Saturday, January 18, 2025
HomeSecurity NewsU.S. Department of Justice Charged Nine Iranian Hackers for Conducting Massive Cyber...

U.S. Department of Justice Charged Nine Iranian Hackers for Conducting Massive Cyber Theft Campaign

Published on

SIEM as a Service

Follow Us on Google News

The U.S. Department of Justice Charged Nine Iranian Hackers for conducting a massive cyber theft campaign to steal academic data and intellectual property from U.S.& foreign universities, private companies, and U.S. government entities.

The cybercriminals were the affiliate of the Iran based Mabna Institute and they coordinated with the campaign starting at least from 2013 to December 2017.

During this Four-year campaign attackers successfully infiltrated into 8,000 professor email accounts across 144 U.S.-based universities, 76 universities located in foreign countries and 30 American companies.

According to the court statement, attackers charged into all fields of research and academic disciplines, including science and technology, engineering, social sciences, medical, and other professional fields.

They approximately stolen more than 31 terabytes of data and intellectual property, their main goal is to steal the professor’s login details to gain unauthorized access to the system and steal whatever data available.

“Today, in one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice, we have unmasked criminals who normally hide behind the ones and zeros of computer code,” said U.S. Attorney Berman.

This massive theft campaign attack focused on a number of universities in 22 countries and dozens of private segment companies and governmental organizations directed in the interest of Iran’s Islamic Revolutionary Guard.

Also Read Hacking vs Spying: How puzzling it is to Find the Hackers in Cyber World

Iran based Mamba institute was found by the defendants Gholamreza Rafatnejad and Ehsan Mohammadi and their goal is to assist Iranian universities and scientific sectors by stealing other countries scientific resources.

The State-Sponsored hacker group contracted with both Iranian governmental and private entities for conducting hacking on their behalf reads court statement.

Name and roles of Nine Iranian Hackers

Gholamreza Rafatnejad – Founder of the Mabna Institute.

Ehsan Mohammadi – Founder of the Mabna Institute and organize university hacking campaigns.

Seyed Ali Mirkarimi – Hacker and contractor of Mabna Institute, engaged in various hacking campaigns.

Mostafa Sadeghi – Affiliate of Mabna Institute, who hacked more than 1,000 university professor’s accounts.

Sajjad Tahmasebi – Mabna Institute contractor who organized spearphishing campaign targeting universities.

Abdollah Karima – Businessman who sold the stolen academic data.

Abuzar Gohari Moqadam – Professor and affiliate of Mabna Institute.

Mohammed Reza Sabahi – Associate of Mabna Institute Involved in spear phishing activities.

Behzad Mesri – Targets Media companies, who illegally gained access to HBO Network and leaked unreleased scripts of Game of Thrones.

The Cyber Theft Campaign campaign targets following countries Australia, Canada, China, Denmark, Finland, Germany, Ireland, Israel, Italy, Japan, Malaysia, Netherlands, Norway, Poland, Singapore, South Korea, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Easily Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol

Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured...

AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV

Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific...

FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages

Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms....

New Tool Unveiled to Scan Hacking Content on Telegram

A Russian software developer, aided by the National Technology Initiative, has introduced a groundbreaking...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

North Korean Hackers Stolen $2.2 Billion From Crypto Platforms In 2024

Cryptocurrency hacking incidents in 2024 surged 21.07% YoY to $2.2 billion, with 303 breaches...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...