Security News > 2024 > March > Iranian charged over attacks against US defense contractors, government agencies
The US Department of Justice has unsealed an indictment accusing an Iranian national of a years-long campaign that compromised hundreds of thousands of accounts and attempting to infiltrate US defense contractors and multiple government agencies.
"Nasab participated in a cyber campaign using spear phishing and other hacking techniques to infect more than 200,000 victim devices, many of which contained sensitive or classified defense information," said Damian Williams, US Attorney for the Southern District of New York.
According to [PDF] the DoJ, Nasab and his accomplices primarily targeted US contractors cleared to work with the Department of Defense, though not exclusively.
It's claimed that Nasab's crew compromised an administrator email account belonging to a defense contractor, which was used to register a pair of fake accounts used to target employees at another contractor, as well as a consulting firm.
If convicted on all counts, Nasab could face up to 47 years in prison, though the US might have trouble finding him.
Nasab, a citizen of Iran, remains at large and the Department of State's Rewards for Justice Program is offering $10 million for information leading to identification or Nasab's whereabouts.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/03/01/iranian_cyberattack_charges/
Related news
- Healthcare attacks spread beyond US – just ask India's Star Health (source)
- China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it (source)
- US warns of last-minute Iranian and Russian election influence ops (source)
- China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)