Investing.com - Financial Markets Worldwide

U.S. charges three Iranians for ransomware attacks on women's shelter, businesses

Published 09/14/2022, 10:42 AM
Updated 09/14/2022, 04:56 PM
© Reuters. FILE PHOTO: Figurines with computers are seen in front of USA and Iran flags in this illustration taken, September 10, 2022. REUTERS/Dado Ruvic/Illustration

By Christopher Bing and Andy Sullivan

WASHINGTON (Reuters) -Three Iranians have been charged with trying to extort hundreds of thousands of dollars from organizations in the United States, Europe, Iran and Israel, including a domestic violence shelter, by hacking in to their computer systems, U.S. officials said on Wednesday.

Other targets included local U.S. governments, regional utilities in Mississippi and Indiana, accounting firms and a state lawyers' association, according to charges filed by the U.S. Justice Department.

While the criminal charges do not say whether the alleged hackers worked for the Iranian government, a separate U.S. Treasury Department statement said they were affiliated with the Islamic Revolutionary Guard Corps, an Iranian intelligence and security force.

A senior Justice Department official said the Iran government does not discourage residents from engaging in hacking, as long as it is directed outside the country.

Iran's mission to the United Nations in New York did not immediately respond to a request for comment.

The defendants, named Mansour Ahmadi, Ahmad Khatibi and Amir Hossein Nikaein, are citizens of Iran who own or are employed by private technology companies in the country.

The Treasury Department also imposed sanctions on the three Iranians, as well as several other individuals and two organizations they said were part of Tehran's "malicious" cyber and ransomware activity.

The alleged hackers face little chance of being arrested, as they are believed to be living freely in Iran. But officials said the charges will make it difficult for them to travel or find work outside the country, as is the preference of many educated Iranians.

According to the charges, the three men infiltrated the computer systems of a wide range of businesses and governments between October 2020 and August 2022, encrypted their data and demanded bitcoin payments of up to hundreds of thousands of dollars.

Some victims, including the domestic violence shelter, opted to pay the ransom to recover their data.

© Reuters. FILE PHOTO: Figurines with computers are seen in front of USA and Iran flags in this illustration taken, September 10, 2022. REUTERS/Dado Ruvic/Illustration

Such ransomware attacks have skyrocketed over the past decade, damaging scores of U.S. companies and other organizations around the globe.

In June last year, the Justice Department said it was elevating ransomware investigations to a similar priority as terrorism in the wake of a major, disruptive attack on a U.S. pipeline company, which led to localized gas shortages on the U.S. East coast.

Latest comments

Install Our App
Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2025 - Fusion Media Limited. All Rights Reserved.