Colin Thierry
The Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions on Wednesday against 10 individuals and two entities who are associated with Iran’s Islamic Revolutionary Guard Corps (IRGC) for their involvement in ransomware támadásokat.
Over the past two years, these threat actors have been linked to ransomware incidents where they compromised networks belonging to organizations in the United States and internationally.
“Several cybersecurity firms have determined these intrusion sets as being associated with the Government of Iran, and have identified them as having conducted a varied range of malicious cyber-enabled activities, including ransomware and cyber-espionage,” the Department of Treasury said in its sajtóközlemény szerdán.
“This group has launched extensive campaigns against organizations and officials across the globe, particularly targeting the U.S. and Middle Eastern defense, diplomatic, and government personnel, as well as private industries including media, energy, business services, and telecommunications,” the US Treasury added.
The IRGC-affiliated group is made up of employees and associates of Iran-based companies Najee Technology Hooshmand Fater LLC (Najee Technology) and Afkar System Yazd Company (Afkar System).
Additionally, the US Department of the Treasury szankcionált individuals linked to Net Peygard Samavat Company for working with the IRGC and Iran’s Ministry of Intelligence and Security (MOIS) back in 2019.
Then, in 2020, the U.S. Treasury szankcionált Rana Intelligence Computing Company and some of its employees for acting as a front company to organize and coordinate cyber-attackers for the MOIS.
Az amerikai külügyminisztérium is felajánlott a $10 million reward for information regarding three of the sanctioned Iranians (Mansour Ahmadi, Ahmad Khatibi Aghda, and Hossein Nikaeen Ravari) who were also töltött by the Department of Justice on Wednesday for being involved in ransomware attacks against US critical infrastructure organizations.
Finally, the cybercriminal group’s actions were described in further detail in a közös tanácsadás issued earlier on Wednesday by cybersecurity agencies in the US, Canada, UK, and Australia.
