For many years, 2 Iranian hackers infiltrated systems & targeted intellectual property & national security data.
The US has charged 2 Iranian hackers who allegedly broke into companies, sometimes on behalf of the Iranian government, & stole data, much of it classified.
An indictment outlining the charges was unsealed on Wednesday.
100s of Terabytes
The 2 men allegedly stole 100s of terabytes of “highly protected & extremely sensitive” data pertaining to national security, foreign policy intelligence, non-military nuclear information, aerospace data, human rights activist information, victim financial information & personally identifiable information, & intellectual property, including unpublished scientific research, according to New Jersey’s US Attorney’s Office, which announced the charges.
“They brazenly infiltrated computer systems & targeted intellectual property & often sought to intimidate perceived enemies of Iran, including dissidents fighting for human rights in Iran & worldwide. This threatens our national security, & as a result, these defendants are wanted by the FBI & are considered ‘fugitives from justice’,” US Attorney Craig Carpenito explained this week.
Descriptions of Firms
No companies were publicly named in the indictment, but descriptions of firms were. The victims included a ‘university in New Jersey’, ‘a telecom in Israel’, ‘a defence contractor in California’, ‘an aerospace firm in Saudi Arabia’, in addition to various other govt. agencies & non-profits.
From some of the dates in the indictment, it is clear that this investigation has been going on for a long time.
The 2 men, Hooman Heidarian & Mehdi Farhadi, 1st carried out the hacks as early as Jan. 2010. They used session hijacking, SQL injection, & malware to gain access to systems, then key loggers & remote access trojans to maintain that access. To help the operation, the 2 developed a botnet that was used to spread malware, launch DDoS attacks, & send spam.
They put together some of the stolen data – names of users of victim networks, access credentials, addresses, phone numbers, social security numbers – & shared, advertised, & priced their privileged access to customers.
The 2 did not just steal intellectual property & other data; they caused trouble as well, vandalising websites & posting things that “appeared to signal the purported demise of Iran’s internal opposition.”
Messages were mainly pro-Iran; other defacements included images of burning Israeli flags & “threats forecasting the death or demise of citizens in the US, Israel, & elsewhere.”
In total the 2 are charged with 10 counts – 1 count each of conspiracy to commit fraud & related activity in connection with computers & access devices; computer fraud – unauthorised access to protected computers; computer fraud – unauthorised damage to protected computers; conspiracy to commit wire fraud; & access device fraud; & 5 counts of aggravated identity theft.