The US Justice Department has unsealed an indictment charging an Iranian national with involvement in spearphishing attacks against government and private entities. The fed is offering a $10 million reward for information leading to the hacker’s arrest.
Between 2016 and 2021, Alireza Shafie Nasab allegedly formed part of a hacking organization that ran a coordinated campaign targeting more than a dozen US companies and the US Departments of the Treasury and State.
The 39-year-old was employed by Mahak Rayan Afraz, an Iran-based company that claimed to provide cybersecurity services, but was actually a front.
Nasab was allegedly responsible for procuring infrastructure and is accused of using a stolen identity to register a server and email accounts used in the course of the cyber campaigns.
The hacking group’s private sector victims were primarily cleared defense contractors, which are companies that support US Department of Defense programs. In addition, the group targeted an accounting firm and a hospitality company, both based in New York.
The group used spearphishing tactics to infect more than 200,000 computers with malware. According to the indictment, they created and used “a particular computer application” (likely a phishing kit) that let the crew to organize and deploy their spearphishing attacks.
Nasab and his co-conspirators allegedly compromised an administrator email account belonging to a defense contractor, which enabled them to create unauthorized accounts for use in spearphishing campaigns targeting employees of a different defense contractor and a consulting firm.
The crew also allegedly impersonated women and used social engineering tactics “to obtain the confidence of victims,” the indictment alleges.
Nasab is charged with multiple counts involving computer fraud, wire fraud, and aggravated identity theft, and faces decades behind bars if found guilty.
The Department of State is offering a reward of up to $10 million to anyone who provides information leading to the identification or location of Nasab.
Anyone with information on Nasab and his cyberactivity is urged to contact Rewards for Justice via their Tor-based tips-reporting channel at: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsSeptember 06, 2024
September 02, 2024