(NEWARK, N.J.) — Three Iranian nationals attempted to hack into hundreds of computers in the U.S. and around the world, demanding, and sometimes getting, a ransom, according to an indictment unsealed Wednesday.
The four-count grand jury indictment returned in Newark federal court charged the trio with hacking conspiracy, two counts of computer hacking and a count of computer extortion over an alleged ransomware conspiracy that targeted a range of organizations and critical infrastructure sectors such as healthcare centers, power companies and transportation services inside the U.S. and abroad.
Mansour Ahmadi, Ahmad Aghda, and Amir Ravari hacked into hundreds of computers inside the U.S. and around the world by often exploiting known vulnerabilities in network devices or software programs, the indictment said.
Once they gained access to an organization or company’s software, they would use a program known as BitLocker to encrypt data on their victims’ systems and demand a ransom either by threatening to release stolen data or keeping the data encrypted unless they were paid — at times making demands for hundreds of thousands of dollars, according to the court filing.
The three men would often send their demands to office printers. Prosecutors detailed some of the correspondence they had with their victims. Some of those targeted include a domestic violence center, which Khatibi is alleged to have extorted $13,000 from, a housing authority, which he demanded $500,000 ransom from, and the computer systems of a U.S. township and county, the indictment said.
The indictment did not allege involvement by the government of Iran. Instead, the three demanded the money be paid to themselves, it said, although a U.S. official told reporters the Iranian government’s lax laws could share the blame for failing go after actors who engage in this type of alleged conspiracy. The official said all three men are still believed to be within Iran and have not been arrested, and acknowledged it’s unlikely any will see the inside of a U.S. courtroom.
Accompanying the announcement of the indictment, the FBI will release a new joint cybersecurity bulletin…