WASHINGTON: The Justice Department said Wednesday that three Iranian citizens have been charged in the United States with ransomware attacks that targeted power companies, local governments and small businesses and nonprofits, including a domestic violence shelter.
The charges accuse the hacking suspects of targeting hundreds of entities in the US and around the world, including inside Britain, Australia, Iran, Russia and the US, encrypting and stealing data from victim networks, and threatening to release it publicly or leave it encrypted unless exorbitant ransom payments were made. In some cases, the victims made those payments, the department said.
But a separate US Treasury announcement of sanctions said the three were part of a larger hacking group tied to Iran’s powerful Islamic Revolutionary Guard Corps (IRGC), and the US State Department has offered a $10 million reward for information on them.
The indictment identified the three as Mansour Ahmadi, Ahmad Khatibi Aghda, and Amir Hossein Nikaeen Ravari.
It said that between October 2020 and August 2022, the men used known vulnerabilities in computer systems to attack multiple targets in the United States, stealing their data and demanding up to hundreds of thousands of dollars to have it returned.
Those included local governments, a shelter for victims of domestic violence, a children’s hospital in Boston, accounting firms and electricity generating companies.
The victims were not methodically chosen but were “targets of opportunity” whose computer systems were vulnerable to hacking, officials said.
“The indictment does not allege that these actors undertook these actions on behalf of the Government of Iran,” a senior Justice Department official told reporters.
The three “engaged in a pattern of hacking, cyber-theft, and extortion largely for personal gain,” FBI Director Chris Wray said in a separate statement.
But a concurrent announcement by the US Treasury said the three were part of a group of 10 Iranian hackers targeted with sanctions that was backed by the Revolutionary Guards.
“This IRGC-affiliated group is known to exploit software vulnerabilities in order to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other malicious cyber activities,” the Treasury said.
Their actions align with those of known Iranian cyberattack operations which private cybersecurity groups have dubbed “APT35,” “Charming Kitten” and “Phosphorous,” Treasury added.
The Biden administration has tried to go after hackers who have held US targets essentially hostage, often sanctioned or sheltered by adversaries. The threat gained particular prominence in May 2021 when a Russia-based hacker group was accused of conducting a ransomware attack on Georgia-based Colonial Pipeline, which disrupted gas supplies along the East Coast.
Iran-based hackers have also been a focus over the last year, with the FBI last year thwarting a planned cyberattack on a children’s hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government.
“The cyber threat facing our nation is growing more dangerous and complex every day,” FBI Director Christopher Wray said in a statement accompanying the indictment unsealed Wednesday. “Today’s announcement makes clear the threat is both local and global. It’s one we can’t ignore and it’s one we can’t fight on our own, either.”
the Treasury Department’s Office of Foreign Assets Control sanctioned 10 individuals and two entities affiliated with Iran’s Islamic Revolutionary Guard Corps who it says have been involved in malicious cyber activities, including ransomware. The Treasury Department identified the three defendants in the Justice Department case as employees of a technology firm it says is affiliated with the Revolutionary Guard.
John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, said his team has been tracking the Iranian actors for some time and assessed they are contractors for the Revolutionary Guard who have been moonlighting as criminal hackers.
The actions come amid an apparent stalemate in talks between the US and Iran over the possible revival of a 2015 nuclear deal. Israel and some US lawmakers of both parties are pushing the Biden administration to get tougher on Iran, calling the negotiations on Iran’s nuclear program a failure.
The three accused hackers are thought to be in Iran and have not been arrested, but the Justice Department official said the pending charges make it “functionally impossible” for them to leave the country.
(With AFP and AP)
3 Iranian citizens charged in broad hacking campaign in US
https://arab.news/6cucw
3 Iranian citizens charged in broad hacking campaign in US
- Mansour Ahmadi, Ahmad Khatibi and Amir Hossein Nikaein are citizens of Iran who own or are employed by private technology companies in the country
- Treasury Department also sanctioned 10 individuals and two entities affiliated with Iran’s Islamic Revolutionary Guard
Sirens in north Israel after army detects Iranian missiles
- Israel and Iran on Tuesday accepted a ceasefire plan proposed by US President Donald Trump to end their 12-day war
- Iran has not formally accepted a ceasefire
The Israeli military reported two missiles fired from Iran mid-morning on Tuesday, leading sirens to blare in the north several hours after US President Trump announced a ceasefire plan.
“Two missiles were launched from Iran and they were intercepted,” a military official told AFP on condition of anonymity, with the army saying people could leave shelters around 15 minuutes after the first alert.
Trump announced a phased 24-hour ceasefire process beginning at around 0400 GMT Tuesday, which Israel said it had agreed to. Iran has not formally accepted a ceasefire.
Israeli defence minister orders attacks on Iran after ceasefire 'violation'
Israeli Defence Minister Israel Katz said on Tuesday he had ordered the country’s military to respond forcefully to what he said was Iran’s violation of a ceasefire with Israel.
The directive followed an announcement by the military that it had detected missile launches from Iran towards Israel.
Less than three hours earlier, US President Donald Trump had said that the ceasefire was now in effect.
Katz said the military had been instructed to carry out high-intensity operations against targets in Tehran.
Israel and Iran accept ceasefire
Israel and Iran on Tuesday accepted a ceasefire plan proposed by US President Donald Trump to end their 12-day war that roiled the Middle East, after Tehran launched a retaliatory limited missile attack on a US military base in Qatar.
The acceptance of the deal by both sides came after Tehran launched a final onslaught of missiles targeting Israel that killed at least four people early Tuesday morning, while Israel launched a blitz of airstrikes targeting sites across Iran before dawn.
Prime Minister Benjamin Netanyahu said Israel had agreed to a bilateral ceasefire with Iran in coordination with Trump.
Israel says agreed to Trump proposal for bilateral ceasefire with Iran
Israel said Tuesday it had agreed to a “bilateral ceasefire” with Iran proposed by US President Donald Trump, following 12 days of war with its arch-foe.
“Last night, Prime Minister Benjamin Netanyahu convened the cabinet... to announce that Israel had achieved all the objectives of Operation ‘Rising Lion’ and much more,” the government said in a statement, adding that it had removed “an immediate dual existential threat: nuclear and ballistic”.
“Israel thanks President Trump and the United States for their support in defence and for their participation in removing the Iranian nuclear threat,” the statement said, adding that “Israel will respond forcefully to any violation of the ceasefire.”
Israel rescuers say 4 dead in multi-wave Iran missile attacks
At least four people were killed in Israel in a multi-wave Iranian missile attack Tuesday shortly before a staggered ceasefire announced by US President Donald Trump was meant to enter force, emergency services and the army said.
Writing on X, the Magen David Adom rescue service said three people were pronounced dead at the scene of a strike in southern Beersheba while a fourth was added in an update to its figures.
Another two people were “moderately injured” while 20 were treated for minor injuries and anxiety, it said.
UN condemns ‘weaponization of food’ in Gaza
GENEVA: The United Nations on Tuesday condemned Israel’s apparent “weaponization of food” in Gaza, a war crime, and urged Israel’s military to “stop shooting at people trying to get food.”
“Israel’s militarised humanitarian assistance mechanism is in contradiction with international standards on aid distribution,” the UN human rights office said in written notes provided before a briefing.
“Desperate, hungry people in Gaza continue to face the inhumane choice of either starving to death or risk being killed while trying to get food.”
The US- and Israel-backed Gaza Humanitarian Foundation (GHF) began food distribution operations in Gaza on May 26 after Israel completely cut off supplies into the occupied Palestinian territory for more than two months, sparking warnings of mass famine.
The UN said in May that “100 percent of the population” of the besieged territory were ” at risk of famine.”
The UN and major aid groups have refused to cooperate with the GHF — an officially private effort with opaque funding — over concerns it was designed to cater to Israeli military objectives.
UN rights office spokesman Thameen Al-Kheetan warned in the briefing notes of “scenes of chaos around the food distribution points” of the GHF.
Since the organization began operating, “the Israeli military has shelled and shot Palestinians trying to reach the distribution points, leading to many fatalities,” he said.
He pointed to reports that “over 410 Palestinians have been killed as a result, (while) at least 93 others have also been reportedly killed by the Israeli army while attempting to approach the very few aid convoys of the UN and other humanitarian organizations.”
“At least 3,000 Palestinians have been injured in these incidents,” he said.
“Each of these killings must be promptly and impartially investigated, and those responsible must be held to account.”
Kheetan cautioned that the system “endangers civilians and contributes to the catastrophic humanitarian situation in Gaza.”
“The weaponization of food for civilians, in addition to restricting or preventing their access to life-sustaining services, constitutes a war crime, and, under certain circumstances, may constitute elements of other crimes under international law,” he warned.
The UN rights office demanded immediate action to rectify the situation.
“The Israeli military must stop shooting at people trying to get food,” Kheetan said, also demanding that Israel “allow the entry of food and other humanitarian assistance needed to sustain the lives of Palestinians in Gaza.”
“It must immediately lift its unlawful restrictions on the work of UN and other humanitarian actors,” he said.
And he called on other countries to “take concrete steps to ensure that Israel — the occupying power in Gaza — complies with its duty to ensure that sufficient food and lifesaving necessities are provided to the population.”
Oman Air resumes flights as Iraq, Syria reopen airspace after Iran-Israel truce announcement
- Iraq reopened its airspace 12 days after closing it amid the Iran-Israel conflict
DUBAI: Oman Air on Tuesday announced the resumption of flights as Iraq and Syria reopened their airspace following Israel and Iran’s acceptance of a ceasefire plan to end their 12-day war that had destabilized the region.
Iraq reopened its airspace 12 days after closing it during the Iran-Israel conflict, aviation authorities confirmed. The Iraqi Civil Aviation Authority said the move came “following a comprehensive assessment of the security situation and coordination with relevant national and international authorities.”
The reopening of airspace and resumption of flights is expected to ease regional flight disruptions and allow airlines to resume more direct and efficient routes.
Gaza rescuers say Israeli forces killed 21 people waiting for aid
- Thousands of Palestinians have gathered daily in the hope of receiving food rations in Gaza, as famine looms across the territory after more than 20 months of war
GAZA CITY: Gaza’s civil defense agency said Israeli forces killed 21 people waiting for aid near a distribution site in the center of the Palestinian territory on Tuesday, the latest deadly incident targeting aid-seekers.
Civil defense spokesman Mahmud Bassal told AFP that 21 people were killed and around 150 wounded “as a result of the Israeli occupation forces’ targeting of gatherings of citizens waiting for aid... in the central Gaza Strip with bullets and tank shells” in the early hours of Tuesday.
AFP has contacted the Israeli military for comment on the incident.
Israeli restrictions on media in the Gaza Strip and difficulties in accessing some areas mean AFP is unable to independently verify the tolls and details provided by rescuers and authorities in the Palestinian territory.
Bassal added that five people were killed and several injured in an Israeli air strike that targeted a house in Gaza City at dawn.
Thousands of Palestinians have gathered daily in the hope of receiving food rations in Gaza, as famine looms across the territory after more than 20 months of war.
According to figures issued on Saturday by the health ministry in the Hamas-run Gaza Strip, at least 450 people have been killed and nearly 3,500 injured by Israeli fire while seeking aid since late May.
Many of those have been near sites operated by the Gaza Humanitarian Foundation, according to rescuers.
The privately run foundation’s operations in Gaza have been marred by chaotic scenes. UN agencies and major aid groups have refused to cooperate with it over concerns it was designed to cater to Israeli military objectives.
Israel’s opposition leader on Tuesday called for an end to the war in Gaza, after Israel announced it had agreed to a ceasefire with Iran.
“And now Gaza. It’s time to finish it there too. Bring back the hostages, end the war,” Yair Lapid wrote on X.
Over 40 people, including children, killed in Sudan hospital attack, says WHO chief
- Saturday’s attack on the Al Mujlad Hospital took place in West Kordofan, near the front line between the Sudanese army and the paramilitary Rapid Support Forces
GENEVA: Over 40 people, including children and health care workers, were killed in an attack on a hospital in Sudan at the weekend, the head of the World Health Organization said on Tuesday.
Saturday’s attack on the Al Mujlad Hospital took place in West Kordofan, near the front line between the Sudanese army and the paramilitary Rapid Support Forces.
WHO Director General Tedros Adhanom Ghebreyesus called for attacks on health infrastructure to stop, without saying who was responsible.
