US charges, sanctions Iranians linked to Revolutionary Guard cyber command

By Thomson Reuters Apr 23, 2024 | 2:02 PM

By Paul Grant and Jonathan Stempel

WASHINGTON/NEW YORK (Reuters) – The U.S. government on Tuesday announced criminal charges and sanctions against four Iranians over an alleged multi-year cyber campaign targeting more than one dozen American companies, the Treasury Department and the State Department said.

Sanctions were also announced against two companies, Mehrsam Andisheh Saz Nik and Dadeh Afzar Arman, that according to the Treasury Department employed the individual defendants and were front companies for Iran’s Revolutionary Guard cyber command.

Federal prosecutors in Manhattan said the corporate targets were primarily defense contractors that had access to classified information, while other targets included a New York-based accounting firm and New York-based hospitality company.

Prosecutors said the defendants infected computers with malware by using spearfishing, which involves tricking email recipients into clicking malicious links, and impersonating women to gain people’s confidence.

More than 200,000 employee accounts were compromised at the accounting firm, and more than 2,000 were compromised at the hospitality company, prosecutors said. The alleged wrongdoing occurred between 2016 and 2021.

“Criminal activity originating from Iran poses a grave threat to America’s national security and economic stability,” U.S. Attorney General Merrick Garland said in a statement.

The individual defendants Hossein Harooni, Reza Kazemifar, Alireza Nasab and Komeil Salmani are all in their mid- to late-30s and at large, prosecutors said.

Each was charged with wire fraud, wire fraud conspiracy and conspiracy to commit computer intrusions. Harooni was also charged with damaging a protected computer, and Harooni and Nasab were charged with aggravated identity theft.

(Reporting by Paul Grant and Jonathan Stempel; Additional writing by Caitlin Webber; Editing by Jonathan Oatis and Leslie Adler)