Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps

Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps

Mabna Institute Hackers Penetrated Systems Belonging to Hundreds of Universities, Companies, and Other Victims to Steal Research, Academic and Proprietary Data, and Intellectual Property

Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps
Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps

An Indictment charging Gholamreza Rafatnejad, 38; Ehsan Mohammadi, 37; Abdollah Karima, aka Vahid Karima, 39; Mostafa Sadeghi, 28; Seyed Ali Mirkarimi, 34; Mohammed Reza Sabahi, 26; Roozbeh Sabahi, 24; Abuzar Gohari Moqadam, 37; and Sajjad Tahmasebi, 30, all citizens and residents of Iran, was unsealed today.  The defendants were each leaders, contractors, associates, hackers-for-hire or affiliates of the Mabna Institute, an Iran-based company that, since at least 2013, conducted a coordinated campaign of cyber intrusions into computer systems belonging to 144 U.S. universities, 176 universities across 21 foreign countries, 47 domestic and foreign private sector companies, the U.S. Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the United Nations, and the United Nations Children’s Fund.  Through the defendants’ activities, the Mabna Institute stole more than 31 terabytes of academic data and intellectual property from universities, and email accounts of employees at private sector companies, government agencies, and non-governmental organizations.  The defendants conducted many of these intrusions on behalf of the Islamic Republic of Iran’s (Iran) Islamic Revolutionary Guard Corps (IRGC), one of several entities within the government of Iran responsible for gathering intelligence, as well as other Iranian government and university clients.  In addition to these criminal charges, today the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated the Mabna Institute and the nine defendants for sanctions for the malicious cyber-enabled activity outlined in the Indictment.

The charges were announced by Deputy Attorney General Rod J. Rosenstein; Assistant Attorney General for National Security John C. Demers; U.S. Attorney Geoffrey S. Berman for the Southern District of New York; FBI Director Christopher A. Wray; Assistant Director in Charge William F. Sweeney Jr. of the FBI’s New York Field Division; and Treasury Under Secretary for Terrorism and Financial Intelligence Sigal Mandelker.

“These nine Iranian nationals allegedly stole more than 31 terabytes of documents and data from more than 140 American universities, 30 American companies, five American government agencies, and also more than 176 universities in 21 foreign countries,” said Deputy Attorney General Rosenstein.  “For many of these intrusions, the defendants acted at the behest of the Iranian government and, specifically, the Iranian Revolutionary Guard Corps.  The Department of Justice will aggressively investigate and prosecute hostile actors who attempt to profit from America’s ideas by infiltrating our computer systems and stealing intellectual property.  This case is important because it will disrupt the defendants’ hacking operations and deter similar crimes.”

“Today, in one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice, we have unmasked criminals who normally hide behind the ones and zeros of computer code,” said U.S. Attorney Berman.  “As alleged, this massive and brazen cyber-assault on the computer systems of hundreds of universities in 22 countries and dozens of private sector companies and governmental organizations was conducted on behalf of Iran’s Islamic Revolutionary Guard.  The hackers targeted innovations and intellectual property from our country’s greatest minds.  These defendants are now fugitives from American justice, no longer free to travel outside Iran without risk of arrest.  The only way they will see the outside world is through their computer screens, but stripped of their greatest asset – anonymity.”

“This investigation involved a complex threat in a dynamic landscape, but today’s announcement highlights the commitment of the FBI and our partners to vigorously pursue those that threaten U.S. property and security,” said Director Wray.  “Today, not only are we publicly identifying the foreign hackers who committed these malicious cyber intrusions, but we are also sending a powerful message to their backers, the Government of the Islamic Republic of Iran: your acts do not go unnoticed.  We will protect our innovation, ideas and information, and we will use every tool in our toolbox to expose those who commit these cyber crimes.  Our memory is long; we will hold them accountable under the law, no matter where they attempt to hide.”

Read More: US Department of Justice – Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps

Iran Briefing | News Press Focus on Human Rights Violation by IRGC, Iran Human Rights

Latest news
Related news