In unsealing a 13-page indictment this week, the U.S. Department of Justice (DOJ) revealed charges against four Iranian nationals for their alleged involvement in a hacking campaign against the U.S. government and private companies.
The defendants remain at large and the United States has offered a $10 million reward for their whereabouts. Manhattan court documents named the four men as: Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani and Alireza Shafie Nasab. Nasab was particularly notable, given previous charges for the same conduct in an unsealed Feb. 29 indictment as well. In all, the defendants were supposed to have aided efforts to compromise the U.S Departments of Treasury and State, defense contractors and two New York-based companies.
“Criminal activity originating from Iran poses a grave threat to America’s national security and economic stability,” Attorney General Merrick Garland said. “These defendants are alleged to have engaged in a coordinated, multi-year hacking campaign from Iran targeting more than a dozen American companies and the U.S. Treasury and State Departments. This case represents just one part of the U.S. government’s effort to counter the range of threats originating from Iran that endanger the American people.”
The Treasury Department followed suit with sanctions against the four defendants, along with other malicious cyber actors.
Reportedly, the group worked from 2016 through at least April 2021 as part of a hacking organization, with three of them employed by the Iran-based Mahak Rayan Afraz as supposed cybersecurity providers. The DOJ alleged this was but a front for their true purpose, as they went after cleared defense contractors, as well as a New York-based accounting firm and hospitality company.
Through spearphishing and social manipulation, they managed to compromise more than 200,000 employee accounts, including an administrator email account for a defense contractor.
“As alleged, the defendants participated in a cyber campaign using spearphishing and other hacking techniques in an attempt to compromise private companies with access to defense-related information,” U.S. Attorney Damian Williams for the Southern District of New York, said. “Cyber intrusion schemes such as the one alleged threaten our national security, and I’m proud of our law enforcement partners and the career prosecutors of this office for continuing to use innovative technologies and investigative measures to disrupt and track down these cybercriminals.”
While each had a different alleged role in the conspiracy, each was charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud and wire fraud. While computer fraud conspiracy could bring up to five years in prison, each count of wire fraud and conspiracy to commit it could bring up to 20 years in prison. Harooni faces an added charge of knowingly damaging a protected computer, with a maximum penalty of 10 years in prison, and shared a charge of aggravated identify theft – punishable by up to two years in prison – with Salamani and Nasab.