WASHINGTON: The Justice Department said Wednesday that three Iranian citizens have been charged in the United States with ransomware attacks that targeted power companies, local governments and small businesses and nonprofits, including a domestic violence shelter.
The charges accuse the hacking suspects of targeting hundreds of entities in the US and around the world, including inside Britain, Australia, Iran, Russia and the US, encrypting and stealing data from victim networks, and threatening to release it publicly or leave it encrypted unless exorbitant ransom payments were made. In some cases, the victims made those payments, the department said.
But a separate US Treasury announcement of sanctions said the three were part of a larger hacking group tied to Iran’s powerful Islamic Revolutionary Guard Corps (IRGC), and the US State Department has offered a $10 million reward for information on them.
The indictment identified the three as Mansour Ahmadi, Ahmad Khatibi Aghda, and Amir Hossein Nikaeen Ravari.
It said that between October 2020 and August 2022, the men used known vulnerabilities in computer systems to attack multiple targets in the United States, stealing their data and demanding up to hundreds of thousands of dollars to have it returned.
Those included local governments, a shelter for victims of domestic violence, a children’s hospital in Boston, accounting firms and electricity generating companies.
The victims were not methodically chosen but were “targets of opportunity” whose computer systems were vulnerable to hacking, officials said.
“The indictment does not allege that these actors undertook these actions on behalf of the Government of Iran,” a senior Justice Department official told reporters.
The three “engaged in a pattern of hacking, cyber-theft, and extortion largely for personal gain,” FBI Director Chris Wray said in a separate statement.
But a concurrent announcement by the US Treasury said the three were part of a group of 10 Iranian hackers targeted with sanctions that was backed by the Revolutionary Guards.
“This IRGC-affiliated group is known to exploit software vulnerabilities in order to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other malicious cyber activities,” the Treasury said.
Their actions align with those of known Iranian cyberattack operations which private cybersecurity groups have dubbed “APT35,” “Charming Kitten” and “Phosphorous,” Treasury added.
The Biden administration has tried to go after hackers who have held US targets essentially hostage, often sanctioned or sheltered by adversaries. The threat gained particular prominence in May 2021 when a Russia-based hacker group was accused of conducting a ransomware attack on Georgia-based Colonial Pipeline, which disrupted gas supplies along the East Coast.
Iran-based hackers have also been a focus over the last year, with the FBI last year thwarting a planned cyberattack on a children’s hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government.
“The cyber threat facing our nation is growing more dangerous and complex every day,” FBI Director Christopher Wray said in a statement accompanying the indictment unsealed Wednesday. “Today’s announcement makes clear the threat is both local and global. It’s one we can’t ignore and it’s one we can’t fight on our own, either.”
the Treasury Department’s Office of Foreign Assets Control sanctioned 10 individuals and two entities affiliated with Iran’s Islamic Revolutionary Guard Corps who it says have been involved in malicious cyber activities, including ransomware. The Treasury Department identified the three defendants in the Justice Department case as employees of a technology firm it says is affiliated with the Revolutionary Guard.
John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, said his team has been tracking the Iranian actors for some time and assessed they are contractors for the Revolutionary Guard who have been moonlighting as criminal hackers.
The actions come amid an apparent stalemate in talks between the US and Iran over the possible revival of a 2015 nuclear deal. Israel and some US lawmakers of both parties are pushing the Biden administration to get tougher on Iran, calling the negotiations on Iran’s nuclear program a failure.
The three accused hackers are thought to be in Iran and have not been arrested, but the Justice Department official said the pending charges make it “functionally impossible” for them to leave the country.
(With AFP and AP)
3 Iranian citizens charged in broad hacking campaign in US
https://arab.news/6cucw
3 Iranian citizens charged in broad hacking campaign in US
- Mansour Ahmadi, Ahmad Khatibi and Amir Hossein Nikaein are citizens of Iran who own or are employed by private technology companies in the country
- Treasury Department also sanctioned 10 individuals and two entities affiliated with Iran’s Islamic Revolutionary Guard
Egypt unveils ancient rock-cut tombs and burial shafts in Luxor
CAIRO: Egypt unveiled several discoveries near the famed city of Luxor on Wednesday, including ancient rock-cut tombs and burial shafts dating back 3,600 years.
They were unearthed at the causeway of Queen Hatshepsut’s funerary temple at Deir Al-Bahri on the Nile’s West Bank, according to a statement released by Zahi Hawass Foundation for Antiquities & Heritage. It said it worked in tandem with the Supreme Council of Antiquities on the site since September 2022.
Artifacts found at the tombs included bronze coins with the image of Alexander the Great dating to the Time of Ptolemy I (367-283), children’s toys made of clay, cartonnage and funerary masks that covered mummies, winged scarabs, beads and funerary amulets.
Hawass told reporters that the discoveries could “reconstruct history” and offer an understanding of the type of programs ancient Egyptians designed inside a temple.
The Archeologists also found the remains of Queen Hatshepsut’s Valley Temple, rock-cut tombs dating back to the Middle Kingdom (1938 B.C. — 1630 B.C.), burial shafts from the 17th dynasty, the tomb of Djehuti-Mes and part of the Assassif Ptolemaic Necropolis.
The rock-cut tombs had been previously robbed during the Ptolemaic period and later. Still, the Egyptian teams uncovered some artifacts such as pottery tables that were used to offer bread, wine and meat.
Inside the burial shafts dating back to 1580 B.C. — 1550 B.C., anthropoid wooden coffins were found, including one that belonged to a young child. It remained intact since its burial some 3,600 years ago.
Libya’s eastern parliament approves transitional justice law
- The UN mission to Libya has repeatedly called for an inclusive, rights-based transitional justice and reconciliation process in the country
TRIPOLI: Libya’s eastern-based parliament has approved a national reconciliation and transitional justice law, three lawmakers said, a measure aimed at reunifying the oil-producing country after over a decade of factional conflict.
The House of Representatives spokesperson, Abdullah Belaihaq, said on the X platform that the legislation was passed on Tuesday by a majority of the session’s attendees in Libya’s largest second city Benghazi.
However, implementing the law could be challenging as Libya has been divided since a 2014 civil war that spawned two rival administrations vying for power in east and west following the NATO-backed uprising that toppled Muammar Qaddafi in 2011.
“I hope that it (the law) will be in effect all over the country and will not face any difficulty,” House member Abdulmenam Alorafi told Reuters by phone on Wednesday.
The UN mission to Libya has repeatedly called for an inclusive, rights-based transitional justice and reconciliation process in the North African country.
A political process to end years of institutional division and outright warfare has been stalled since an election scheduled for December 2021 collapsed amid disputes over the eligibility of the main candidates.
In Tripoli, there is the Government of National Unity under Prime Minister Abdulhamid Al-Dbeibah that was installed through a UN-backed process in 2021, but the parliament no longer recognizes its legitimacy. Dbeibah has vowed not to cede power to a new government without national elections.
There are two competing legislative bodies — the HoR that was elected in 2014 as the national parliament with a four-year mandate to oversee a political transition, and the High Council of State in Tripoli formed as part of a 2015 political agreement and drawn from a parliament first elected in 2012.
The Tripoli-based Presidential Council, which came to power with GNU, has been working on a reconciliation project and holding “a comprehensive conference” with the support of the UN and African Union. But it has been unable to bring all rival groups together because of their continuing differences.
Army chief Gen. Joseph Aoun seems increasingly likely to be Lebanon’s new president
- On eve of latest attempt by MPs to agree on a candidate, reports suggest Hezbollah’s preferred candidate ‘may announce his withdrawal’
- French envoy Jean-Yves Le Drian arrives in Beirut and is expected to attend the parliamentary presidential election session on Thursday
BEIRUT: A day before the Lebanese parliament was due to assemble to discuss the election of a president — an office that has remained vacant for more than 26 months — there was a flurry of activity on Wednesday including intensified discussions, communications and declarations.
Reports in the afternoon suggested that Hezbollah’s preferred candidate, Suleiman Frangieh, “may announce his withdrawal from the presidential race,” leaving army chief Gen. Joseph Aoun as the leading contender.
The day was marked by a visit from French envoy Jean-Yves Le Drian, who arrived in Beirut on Tuesday evening and was expected to attend the parliamentary presidential election session on Thursday.
He held meetings with several political and parliamentary figures, during which he reportedly recommended Aoun for “consideration without any preconditions.” This was in relation to the bloc of Hezbollah and Amal Movement MPs who opposed the general’s nomination on the grounds that his election would require a constitutional amendment because he still serves in his capacity as commander of the army.
The head of Hezbollah’s parliamentary bloc, MP Mohammed Raad, was quoted after meeting the French envoy as saying: “Hezbollah will not stand in the way of the Lebanese people’s consensus on the name of a president for the republic.”
Media estimates suggest that Aoun, if he secures the support of Hezbollah and Amal, would win 95 votes in the 128-member parliament. This level of support would mean a constitutional amendment is not needed.
Events leading up to Thursday’s session suggested all parliamentary blocs are committed to attending, which would ensure the quorum required for the election is reached. The presidency has been vacant since former president Michel Aoun’s term ended in October 2022. Previous attempts to appoint a successor failed amid disagreements between political factions about suitable candidates.
Prime Minister Najib Mikati said he was feeling “joy for the first time since the presidential vacancy as, God willing, we will have a new president for the republic tomorrow,” raising hopes that the office might finally be filled.
One political observer said there is now the real possibility that “all members of parliament, regardless of their political affiliations, would choose their candidate within the framework of consensus and understanding during the voting sessions, which will remain open as confirmed by the speaker of parliament, Nabih Berri, until” a decision is reached.
This renewed optimism was in contrast to the prior skepticism about the possibility that parliamentary blocs would be able to successfully convene a session to elect a president, given their previous failures to reach a consensus on a candidate who could secure a majority in the first round of voting.
The electoral session on Thursday will be the 13th of its kind. During the previous one, in June 2024, the candidate favored by Hezbollah and its allies, former minister and Marada Movement leader Suleiman Frangieh, who was close to the Assad regime in Syria, faced the candidate favored by the Free Patriotic Movement and opposition parties, former Minister of Finance Jihad Azour, who is director of the Middle East and Central Asia department at the International Monetary Fund.
During that session, Frangieh received 51 votes in the first round of voting and Azour 59. When the totals were announced, Hezbollah and Amal MPs withdrew from the session, thereby depriving it of the quorum required for a second round of voting, as stipulated by the constitution.
Against this background of long-running political divisions resulting in deadlock within the parliament, and in light of the war between Israel and Hezbollah, the number of presidential candidates has dwindled from 11 to just a few names. Aside from Aoun, Frangieh and Azour, the other candidates whose names continued to circulate to varying degrees on Wednesday included Samir Geagea, the head of the Lebanese Forces party, which heads the parliament’s biggest Christian bloc. However, he is fiercely opposed by Hezbollah.
Less-discussed candidates include the acting chief of Lebanon’s General Security Directorate, Elias Al-Bayssari; MP Ibrahim Kanaan, who resigned from the Free Patriotic Movement to join the Independent Consultative Parliamentary Gathering; and former ambassador Georges Al-Khoury, a retired brigadier general. Al-Khoury has the support of Maronite Patriarchate, Speaker Berri and the Free Patriotic Movement, but the majority of the opposition rejects his candidacy.
MP Neemat Frem, who has presented a political and economic vision for the country, is also a candidate. He is on good terms with the Patriarchate and the opposition. Others include Farid Al-Khazen, who is also on good terms with Berri and close to the Patriarchate, and Ziad Baroud, a human rights activist and former minister of interior who is seen as a consensus candidate.
The parliamentary blocs continued to hold talks on Wednesday afternoon to discuss preferred candidates. Lebanese Forces MP Fadi Karam said: “Starting today, there has been a significant shift toward having Joseph Aoun as a president.”
During a meeting on Wednesday, the Maronite Archbishops Council called for “a national parliamentary awakening that leads tomorrow to the election of a president who brings together the country’s sons and daughters within the framework of national unity, solidarity and reform, allowing Lebanon to regain its leading role in the East.”
The archbishops said: “The opportunity has become appropriate and available for national deliberation on the importance of Lebanon’s progress toward a positive neutrality that saves the country from the damage of conflicts and drives it toward a healthy cycle of one fruitful national life.”
UAE adds 19 individuals, entities to terrorism list over Muslim Brotherhood links
- Designation is part of UAE’s national and international efforts to dismantle terrorist financial networks
LONDON: The UAE designated 19 individuals and entities as terrorists on Wednesday due to their connections to the Muslim Brotherhood, which is classified as a terror group in the UAE.
Abu Dhabi placed 11 individuals and eight entities on the country’s Local Terrorist List, the WAM news agency reported. All the organizations are based in the UK, while the individuals, except two, are Emirati nationals.
The decision is part of the UAE’s national and international efforts to dismantle networks associated with the direct and indirect financing of terrorism, according to WAM.
Egypt and Saudi Arabia also classify the Muslim Brotherhood as a terror group.
The list of individuals as published by WAM includes:
1. Yousuf Hassan Ahmed Al-Mulla — Current nationality: Sweden, former nationality: Liberia.
2. Saeed Khadim Ahmed bin Touq Al-Marri — Nationality: Turkiye/UAE.
3. Ibrahim Ahmed Ibrahim Ali Al-Hammadi — Nationality: Sweden/UAE.
4. Ilham Abdullah Ahmed Al-Hashimi — Nationality: UAE.
5. Jasem Rashid Khalfan Rashid Al-Shamsi — Nationality: UAE.
6. Khaled Obaid Yousuf Buatabh Al-Zaabi — Nationality: UAE.
7. Abdulrahman Hassan Munif Abdullah Hassan Al-Jabri — Nationality: UAE.
8. Humaid Abdullah Abdulrahman Al-Jarman Al-Nuaimi — Nationality: UAE.
9. Abdulrahman Omar Salem Bajbair Al-Hadrami — Nationality: Yemen.
10. Ali Hassan Ali Hussein Al-Hammadi — Nationality: UAE.
11. Mohammed Ali Hassan Ali Al-Hammadi — Nationality: UAE.
The list of entities as published by WAM includes:
1. Cambridge Education and Training Center Ltd. — Based in: UK.
2. IMA6INE Ltd. — Based in: UK.
3. Wembley Tree Ltd. — Based in: UK.
4. Waslaforall — Based in: UK.
5. Future Graduates Ltd. — Based in: UK.
6. Yas for Investment and Real Estate — Based in: UK.
7. Holdco UK Properties Limited — Based in: UK.
8. Nafel Capital — Based in: UK.
Israeli troops recover body of Gaza hostage with signs son also killed
- It was not immediately clear how Youssef Ziyadne had been killed but Lt. Col. Nadav Shoshani said his death did not appear to have been recent
- Two other children of Ziyadne were released in an exchange of hostages for Palestinian prisoners that took place in November 2023
JERUSALEM: The body of Youssef Ziyadne, an Israeli Bedouin taken hostage by Hamas-led fighters on Oct. 7, 2023, has been found in a tunnel in Gaza, along with evidence suggesting his son may also have been killed, the Israeli military said on Wednesday.
It was not immediately clear how Youssef Ziyadne had been killed but Lt. Col. Nadav Shoshani said his death did not appear to have been recent.
“We are currently investigating the circumstances of his death and we are also investigating the findings regarding his son,” he told a briefing with reporters.
“These findings raise concern for his life and they are still being examined at this moment,” he said, without giving details.
Earlier Defense Minister Israel Katz said in a statement that the bodies of both men had been recovered.
Shoshani said special forces soldiers had conducted a “complex and difficult operation” in a tunnel in the area of the southern Gaza city of Rafah on Tuesday, and that the body of Ziyadne had been recovered close to bodies of armed guards from Hamas or another Palestinian militant group.
Two other children of Ziyadne, who were also abducted at the same time, were released in an exchange of hostages for Palestinian prisoners that took place in November 2023.
The recovery of Ziyadne’s body took place as negotiators continued talks in Doha to halt the fighting in Gaza and bring the remaining hostages back as part of a deal that would include the return of a number of Palestinian prisoners held by Israel.
Israel launched its assault on Gaza after Hamas fighters stormed across the border 15 months ago, killing 1,200 people and taking over 250 hostages, according to Israeli tallies.
More than 46,000 Palestinians have been killed in Israel’s air and ground war against Hamas, according to health officials in the enclave.
