Federal prosecutors have indicted three state-sponsored Iranian hackers who tried on behalf of the Islamic Revolutionary Guard Corps to infiltrate U.S. companies' networks and steal "critical information related to U.S. aerospace and satellite technology."
"This case highlights the Islamic Revolutionary Guard Corps' efforts to infiltrate the networks of American companies in search of valuable commercial information and intellectual property," said Assistant Attorney General for National Security John C. Demers. "It is yet another effort by a rogue foreign nation to steal the fruits of this country’s hard work and expertise."
G. Zachary Terwilliger, U.S. attorney for the Eastern District of Virginia, said: "We will relentlessly pursue and expose those who seek to harm American companies and individuals wherever they reside in the world. The use of malware, the theft of commercial data and intellectual property, and the use of social engineering to steal the identities of U.S. citizens to accomplish unlawful acts will not be tolerated."
The accused are Said Pourkarim Arabi, 34, Mohammad Reza Espargham, age unknown, and Mohammad Bayati, 34. The U.S. District Court for the Eastern District of Virginia has issued warrants for their arrest.
Arabi, a member of the IRGC, is accused of conspiracy to commit computer intrusions, obtaining information by unauthorized access to protected computers, intentional damage to protected computers, aggravated identity theft and conspiracy to commit wire fraud.
Esphargham is charged with conspiracy to commit computer intrusions, obtaining information by unauthorized access to protected computers, intentional damage to protected computers, and conspiracy to commit wire fraud. Bayati is charged with conspiracy to commit computer intrusions and conspiracy to commit wire fraud.
Possible penalties include jail terms of five to 20 years for each of the counts.
All three are residents and nationals of Iran.
Prosecutors allege the defendants' hacking campaign targeted numerous companies and organizations in the United States and abroad. It allegedly began in approximately July 2015 and continued until at least February 2019.
"According to the indictment, the defendants at one time possessed a target list of over 1,800 online accounts, including accounts belonging to organizations and companies involved in aerospace or satellite technology and international government organizations in Australia, Israel, Singapore, the United States, and the United Kingdom," the prosecutors said.
They "engaged in a coordinated campaign of social engineering to identify real U.S. citizens working in the satellite and aerospace fields whose identities the defendants could assume online. The defendants then impersonated those individuals and used their stolen identities to register email addresses and fraudulently purchase domains and hacking tools for use in the scheme. The defendants then created customized spear phishing emails that purported to be from the individuals whose identities the defendants had stolen, in an attempt to entice the recipients to click on malicious links embedded in the emails. Once a recipient clicked on a malicious link, malware would be downloaded to the individual’s computer, giving the defendants unauthorized access to the recipient’s computer and network."
"Today’s charges are yet another example of the FBI’s dedication to investigating those who target and attempt to steal data and proprietary information from the U.S.," said James A. Dawson, assistant director in charge of the FBI's Washington field office. "Today's charges allege that these individuals conspired in a coordinated campaign with known IRGC members and acted at their direction."
The post State-sponsored Iranian hackers indicted for trying to steal U.S. aerospace tech appeared first on WND.
