WASHINGTON: The Justice Department said Wednesday that three Iranian citizens have been charged in the United States with ransomware attacks that targeted power companies, local governments and small businesses and nonprofits, including a domestic violence shelter.
The charges accuse the hacking suspects of targeting hundreds of entities in the US and around the world, including inside Britain, Australia, Iran, Russia and the US, encrypting and stealing data from victim networks, and threatening to release it publicly or leave it encrypted unless exorbitant ransom payments were made. In some cases, the victims made those payments, the department said.
But a separate US Treasury announcement of sanctions said the three were part of a larger hacking group tied to Iran’s powerful Islamic Revolutionary Guard Corps (IRGC), and the US State Department has offered a $10 million reward for information on them.
The indictment identified the three as Mansour Ahmadi, Ahmad Khatibi Aghda, and Amir Hossein Nikaeen Ravari.
It said that between October 2020 and August 2022, the men used known vulnerabilities in computer systems to attack multiple targets in the United States, stealing their data and demanding up to hundreds of thousands of dollars to have it returned.
Those included local governments, a shelter for victims of domestic violence, a children’s hospital in Boston, accounting firms and electricity generating companies.
The victims were not methodically chosen but were “targets of opportunity” whose computer systems were vulnerable to hacking, officials said.
“The indictment does not allege that these actors undertook these actions on behalf of the Government of Iran,” a senior Justice Department official told reporters.
The three “engaged in a pattern of hacking, cyber-theft, and extortion largely for personal gain,” FBI Director Chris Wray said in a separate statement.
But a concurrent announcement by the US Treasury said the three were part of a group of 10 Iranian hackers targeted with sanctions that was backed by the Revolutionary Guards.
“This IRGC-affiliated group is known to exploit software vulnerabilities in order to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other malicious cyber activities,” the Treasury said.
Their actions align with those of known Iranian cyberattack operations which private cybersecurity groups have dubbed “APT35,” “Charming Kitten” and “Phosphorous,” Treasury added.
The Biden administration has tried to go after hackers who have held US targets essentially hostage, often sanctioned or sheltered by adversaries. The threat gained particular prominence in May 2021 when a Russia-based hacker group was accused of conducting a ransomware attack on Georgia-based Colonial Pipeline, which disrupted gas supplies along the East Coast.
Iran-based hackers have also been a focus over the last year, with the FBI last year thwarting a planned cyberattack on a children’s hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government.
“The cyber threat facing our nation is growing more dangerous and complex every day,” FBI Director Christopher Wray said in a statement accompanying the indictment unsealed Wednesday. “Today’s announcement makes clear the threat is both local and global. It’s one we can’t ignore and it’s one we can’t fight on our own, either.”
the Treasury Department’s Office of Foreign Assets Control sanctioned 10 individuals and two entities affiliated with Iran’s Islamic Revolutionary Guard Corps who it says have been involved in malicious cyber activities, including ransomware. The Treasury Department identified the three defendants in the Justice Department case as employees of a technology firm it says is affiliated with the Revolutionary Guard.
John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, said his team has been tracking the Iranian actors for some time and assessed they are contractors for the Revolutionary Guard who have been moonlighting as criminal hackers.
The actions come amid an apparent stalemate in talks between the US and Iran over the possible revival of a 2015 nuclear deal. Israel and some US lawmakers of both parties are pushing the Biden administration to get tougher on Iran, calling the negotiations on Iran’s nuclear program a failure.
The three accused hackers are thought to be in Iran and have not been arrested, but the Justice Department official said the pending charges make it “functionally impossible” for them to leave the country.
(With AFP and AP)
3 Iranian citizens charged in broad hacking campaign in US
https://arab.news/6cucw
3 Iranian citizens charged in broad hacking campaign in US
- Mansour Ahmadi, Ahmad Khatibi and Amir Hossein Nikaein are citizens of Iran who own or are employed by private technology companies in the country
- Treasury Department also sanctioned 10 individuals and two entities affiliated with Iran’s Islamic Revolutionary Guard
Thousands protest in Iraq against the Iran-Israel war
- “No to Israel! No to America!” chanted demonstrators gathered after Friday prayers in the Sadr City district of Baghdad
- In Iraq's southern city of Basra, around 2,000 people demonstrated after the prayers
BAGHDAD: Thousands of supporters of powerful Iraqi cleric Moqtada Sadr rallied Friday in Baghdad and other cities against Israel’s war with Iran, AFP correspondents said.
“No to Israel! No to America!” chanted demonstrators gathered after Friday prayers in the Sadr City district of Baghdad, Moqtada Sadr’s stronghold in the capital, holding umbrellas to shield themselves from Iraq’s scorching summer sun.
“It is an unjust war... Israel has no right” to hit Iran, said protester Abu Hussein.
“Israel is not in it for the (Iranian) nuclear (program). What Israel and the Americans want is to dominate the Middle East,” added the 54-year-old taxi driver.
He said he hoped Iran would come out of the war victorious, and that Iraq should support its neighbor “with money, weapons and protests.”
In Iraq’s southern city of Basra, around 2,000 people demonstrated after the prayers, according to an AFP correspondent.
Cleric Qusai Assadi, 43, denounced Israel’s use of Iraqi airspace to bomb Iran. “It is a violation of Iraq’s sovereignty,” he said, warning against “a third world war against Islam.”
Echoing the views of Sadr, Assadi said that Iraq should not be dragged into the conflict.
In a statement earlier this week, Sadr condemned “the Zionist and American terrorism” and the “aggression against neighboring Iran, Palestine, Lebanon, Syria and Yemen,” referring to Israel’s military operations in those countries.
Sadr, who once led a militia fighting US-led forces after the 2003 invasion, retains a devoted following of millions among the country’s majority community of Shiite Muslims, and wields great influence over Iraqi politics.
He has previously criticized Tehran-backed Iraqi armed factions, who have threatened US interests in the region if the United States were to join Israel in its war against Iran.
On Friday, Israel launched a surprise attack targeting Iran’s military and nuclear sites and killing top commanders and scientists, saying it was acting to prevent Iran from obtaining a nuclear weapon, an ambition Tehran denies having.
The assault has prompted Iran to retaliate with barrages of missiles aimed at Israel, with residential areas in both countries suffering.
Iraq is both a significant ally of Iran and a strategic partner of Israel’s key supporter, the United States, and has for years negotiated a delicate balancing act between the two foes.
It has only recently regained a semblance of stability after decades of devastating conflicts and turmoil.
Fearful of Iranian missiles, many sleep in Israel’s underground train stations
- “We’re not sleeping because of the anxiety and because of the sirens that are happening during the nights,” said Shraibmen
- Melech said the scene, with hundreds of people in their pajamas in the train station, reminded her of her grandfather’s stories from World War II
RAMAT GAN, Israel: Aziza Melech felt her body relax for the first time in days when she settled onto her inflatable mattress in an underground station of Israel’s light rail system on a recent evening.
For the next few hours, at least, the 34-year-old event planner wouldn’t need to run every time a siren warning of Iranian missiles sounded.
Since the war began a week ago with Israel’s airstrikes on Iran, families with young kids, foreign workers, and young professionals have brought mattresses and sleeping bags, snacks and pets into the stations each evening.
Repeatedly running for shelter
On Wednesday night, in a station that straddles Tel Aviv and neighboring Ramat Gan, parents settled in their kids with stuffed animals, while young people fired up tablets loaded with movies.
Many walked in carrying boxes of pizza. Workers set out snacks and coffee.
It was Melech’s first night sleeping in the brightly lit train station, and she was joined by her friend Sonia Shraibmen.
“We’re not sleeping because of the anxiety and because of the sirens that are happening during the nights,” said Shraibmen. “It’s very scary to run every time to the shelter.”
That morning, Shraibmen fell on the street while rushing to a nearby shelter, and decided to move somewhere where she wouldn’t have to get up and run each time her phone blared.
Melech said the scene, with hundreds of people in their pajamas in the train station, reminded her of her grandfather’s stories from World War II. “Now, we’ll be able to tell our grandkids about this,” she said.
The war between Israel and Iran began on June 13, when Israel launched airstrikes targeting Iranian nuclear and military sites as well as top generals and nuclear scientists.
More than 600 people, including over 200 civilians, have been killed in Iran and more than 2,000 wounded, according to a Washington-based Iranian human rights group. People in Tehran have also packed into metro stations as strikes boomed overhead.
Iran has retaliated by firing 450 missiles and more than 1,000 drones at Israel, according to Israeli army estimates. Those strikes have killed have killed 24 people and injured hundreds in Israel. Missiles have struck 40 different sites, including apartment buildings, offices and a hospital, according to authorities.
Footage of pancaked buildings or apartment towers with faces sheared off has forced some people to reconsider what they do when a siren blares.
The Tel Aviv light rail, which is not running because of the war, has several underground stations. In addition to the hundreds who sleep in them each night, thousands of others come only when there’s a siren, crowding into every part of the station not taken up by mattresses.
Those living older apartments lack shelter
Around half of the nighttime residents at the train station are foreign workers, who often live in older apartment buildings that are often not equipped with adequate shelters.
While new buildings in Israel are required to have reinforced safe rooms meant to withstand rockets, Iran is firing much stronger ballistic missiles. And shelter access is severely lacking in poorer neighborhoods and towns, especially in Arab areas.
Babu Chinabery, a home health aide from India, said he went to the station ”because we are very scared about the missiles because they’re so strong.”
Chinabery, 48, has been in Israel for 10 years, so he is no stranger to the sirens. But the past week has been something different. “It’s very difficult, that’s why we’re coming to sleep here,” he said.
The light rail stations aren’t the only places people have sought shelter.
Around 400 people also sleep in an underground parking garage at one of the city’s biggest malls each night, according to organizers. Mutual aid groups set up more than 100 tents, each one in a parking space, providing a bit more privacy for people who wanted to sleep in a safe area.
Tel Aviv’s Central Bus Station — a half-abandoned cement behemoth — also opened its underground atomic shelter to the public for the first time in years.
While likely one of the safest places in Israel during a missile attack, the creepily deserted rat- and cockroach-infested shelter, filled with standing water from leaky pipes, attracted only a handful of curious onlookers during the day and no residents at night.
Not taking ‘unnecessary risks’
Roi Asraf, 45, has been sleeping at the train station in Ramat Gan for the past few nights with his wife and 3-year-old daughter, even though they have a safe room at home.
“I don’t like to take unnecessary risks,” he said.
They now have the routine down: They give their daughter a bath at home, get everyone in their pajamas, and walk to the train station by 7 p.m. Local volunteers have run a nightly show for kids to help settle them before sleep.
“I hope (the conflict) will be short and quick,” said Asraf, after his daughter, Ariel, bounded off with her mom to catch the show. Despite the difficulties, he supports Israel’s attack on Iran.
“If I have to sleep a week of my life in a train station for everything to be safer, I’m willing to do it,” he said.
Libya objects to Greek tender for hydrocarbon exploration off Crete
- Greece opposed the agreement, saying it had no legal basis
- Last month Athens invited bidders for hydrocarbon exploration in two blocks south of Crete
TRIPOLI: Libya’s internationally recognized government of national unity has objected to Greece’s approval of an international tender for hydrocarbon exploration off the island of Crete, saying some of the blocks infringed upon its own maritime zones.
The two countries have been trying to mend relations strained by an accord signed in 2019 between the Libyan government and Greece’s regional rival Turkiye, which mapped out a sea area between them close to the Greek island.
Greece opposed the agreement, saying it had no legal basis as it sought to create an exclusive economic zone from Turkiye’s southern Mediterranean shore to Libya’s northeast coast, ignoring the presence of Crete.
Last month Athens invited bidders for hydrocarbon exploration in two blocks south of Crete following an expression of interest by US major Chevron.
Libya’s Tripoli-based foreign ministry said in a statement late on Thursday that some of the tendered sea blocks off Crete fell within disputed zones and were “a clear violation of Libya’s sovereign rights.”
The ministry objected “to any exploration or drilling activities in these areas without a prior legal understanding that respects the rules of international law,” it said, calling on Greek authorities to prioritize dialogue and negotiation.
Responding to questions at the Greek parliament, Greek Foreign Minister George Gerapetritis said Greece was willing to discuss with Libya “the delimitation of maritime zones within the framework of international law.”
Gerapetritis is expected to visit Libya in the coming weeks, an official with the Greek foreign ministry told Reuters on condition of anonymity.
Israeli defense minister warns Hezbollah against joining conflict with Iran
- Hezbollah has made no explicit pledge to join the fighting
JERUSALEM: Israeli Defense Minister Israel Katz warned Lebanon’s Hezbollah to exercise caution on Friday, saying Israel’s patience with “terrorists” who threaten it had worn thin.
The head of Iran-backed Hezbollah, Naim Qassem, said on Thursday that the Lebanese group would act as it saw fit in the face of what he called “brutal Israeli-American aggression” against Iran.
In other statements, the group has made no explicit pledge to join the fighting and a Hezbollah official told Reuters last week that the group did not intend to initiate attacks against Israel.
Gaza rescuers say 43 killed by Israeli forces
- Civil defense official says 26 people killed while gathered near aid distribution center
GAZA CITY: Gaza’s civil defense agency said Israeli forces killed at least 43 people on Friday, including 26 who had gathered near an aid distribution center, the latest in a string of deadly incidents targeting aid seekers in the Palestinian territory.
“Forty-three martyrs have fallen as a result of the ongoing Israeli bombardment on the Gaza Strip since dawn today, 26 of whom were waiting for humanitarian aid,” Mohammad Al-Mughayyir, director of medical supply at the civil defense agency in Gaza, told AFP.
