Iranian Hackers Indicted for Widespread Computer Hacking and Extortion Scheme
Two men of Iranian origin were indicted by a federal grand jury in New Jersey on Wednesday, November 28, 2018, for a widespread computer hacking and extortion scheme that affected major computer systems throughout Canada and the United States.
The two Iranian hackers launched the scheme in December 2015. Their aim was to hold a large number of computer systems hostage until the system owners paid a ransom to have the malicious software removed from their systems. According to federal authorities, critical systems in the country, including hospitals, were infected with the malware, and the attackers extorted $6 million from over 200 victims.
The federal court documents filed in New Jersey allege that Mohammad Mehdi Shah Mansouri, aged 27, and Faramarz Shahi Savandi, aged 34, accessed the CDOT system in February and then deployed ransomware called 'SamSam' on its computers.
Prosecutors alleged that the two accused demanded a ransom in Bitcoin from the CDOT, saying that in exchange they would hand over the keys to decrypt the data. The incident led the agency to shut down the systems of around 1300 employees along with 400 computer servers. However, the State said that critical traffic systems, such as traffic lights, were not affected.
According to Deborah Blyth, Chief Information Security Officer in the State's Office of Information Technology, the authorities took over six weeks to clean up the infected machines. The estimated cost of the cleanup came to $1.5 million to $2 million with labour and expenses.
Blyth further added, "Today's indictment shows how seriously we take this type of criminal activity. We want to thank the FBI for their partnership and commitment to prosecuting the malicious actors who are responsible for these devastating cyber attacks."
In addition, Mansouri and Savandi are also suspected of infiltrating and holding hostage data belonging to various municipalities, including Newark and Atlanta, and numerous healthcare providers throughout the United States. They demand a ransom in Bitcoin from their targets, and then use Iran-based Bitcoin exchangers to convert the bitcoin into rial, the currency of Iran.
Rod Rosenstein, Deputy U.S. Attorney General, commented, "The defendants chose to focus their scheme on public entities, hospitals, and municipalities. They knew that shutting down those computer systems could cause significant harm to innocent victims."
» SPAMfighter News - 04-12-2018