US Treasury announced sanctions against seven Iranian nationals and other entities

CERT-LatestNews Security News ThreatsCybercrime ThreatsStrategic Uncategorized
Fb-Button

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and Iranian nationals for malicious cyber-enabled activity.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and individuals for malicious cyber-enabled activity.

US Dept. of Treasury announced sanctions against 7 Iranian nationals and security firms for ‘malicious cyber-activity’ against US entities.

The seven Iranians were employed by ITSecTeam (ITSEC) and Mersad Company (MERSAD), both private companies were working for the Iranian government and the Islamic Revolutionary Guard.

The Iranian nationals were indicted by the US Department of Justice in early 2016, the US authorities charged seven Iranian hackers for attacking computer systems at banks and a dam in New York.

Now the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned a total of 11 Iranian entities and individuals for alleged support of hacking activities as well as two Iran-based networks that were involved in a massive distributed denial-of-service attacks that targeted the US financial institutions in 2012.

“OFAC designated private Iranian computer security company ITSec Team pursuant to E.O. 13694 for causing a significant disruption to the availability of a computer or network of computers.  Between approximately December 2011 and December 2012, ITSec Team planned and executed distributed denial of service (DDoS) attacks against at least nine large U.S. financial institutions, including top U.S. banks and U.S. stock exchanges.  During that time, ITSec Team performed work on behalf of the Iranian Government, including the IRGC.” states the press release issued by the US Treasury.

“OFAC also designated three Iranian nationals for acting for or on behalf of ITSec Team.  Ahmad Fathi was responsible for supervising and coordinating ITSec Team’s DDoS attacks against the U.S. financial sector.  Amin Shokohi, a computer hacker who worked for ITSec Team, helped build the botnet that ITSec Team used in its DDoS attacks against U.S. financial institutions.  Hamid Firoozi, a network manager at ITSec Team, procured computer servers for the botnet that ITSec Team used in its DDoS activities targeting the U.S. financial sector.”

Iranian nationals sanctioned

Ahmad Fathi, 37; Hamid Firoozi, 34; Amin Shokohi, 25; Sadegh Ahmadzadegan, aka Nitr0jen26, 23; Omid Ghaffarinia, aka PLuS, 25; Sina Keissar, 25; and Nader Saedi, aka Turk Server, 26; were charged to have launched DDoS attacks against 46 organizations, most of which US financial institutions from late 2011 to mid-2013.

Firoozi was also charged with hacking into a server at a New York dam between August and September 2013.

“Hamid Firoozi, a network manager at ITSec Team, procured computer servers for the botnet that ITSec Team used in its DDoS activities targeting the U.S. financial sector.” continues the press release.

The Treasury Department’s has decided to block all property and interests in property of the Iranians entities and U.S. citizens are generally prohibited from engaging in transactions with them.

“As a result of today’s actions, all property and interests in property of those designated subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from engaging in transactions with them.” states the press release. “In addition, foreign financial institutions that facilitate significant transactions for, or persons that provide material or certain other support to, the entities and individuals designated today risk exposure to sanctions that could sever their access to the U.S. financial system or block their property and interests in property under U.S. jurisdiction.”

Of course, any foreign financial institutions will support the sanctioned individuals or entities will also face possible sanctions.




http://securityaffairs.co/wordpress/63126/cyber-warfare-2/iranian-nationals-sanctions.html

Tagged