Three Iranian nationals charged with hacking New Jersey targets
The U.S. Department of Justice unsealed an indictment Sept. 14 charging three Iranian nationals with allegedly running a massive, global ransomware operation that hacked into the computer networks of multiple U.S. victims, including several in the Garden State.
The indictment charges Mansour Ahmadi, Ahmad Khatibi Aghda and Amir Hossein Nickaein Ravari of engaging in the scheme. The three, who are residents of Iran, are each charged with one count of conspiring to commit computer fraud and related activity, one count of intentionally damaging a protected computer, and one count of transmitting a demand in relation to damaging a protected computer.
“The Government of Iran has created a safe haven where cyber criminals acting for personal gain flourish and defendants like these are able to hack and extort victims, including critical infrastructure providers,” said Assistant Attorney General Matthew Olsen of the Justice Department’s National Security Division. “This indictment makes clear that even other Iranians are less safe because their own government fails to follow international norms and stop Iranian cyber criminals.”
Staying safe
The hacking allegedly exploited vulnerabilities in software and networks to gain access and exfiltrate data and information from victims’ computer systems. The indictment also accuses the trio of denying victims access to their systems and data unless a ransom payment was made.
The three men are accused of victimizing a broad range of organizations, including small businesses, government agencies, nonprofit programs and institutions, as well as critical infrastructure sectors such as health care centers, transportation services and utility providers.
Here in New Jersey, according to court documents, the defendants targeted a township in Union County in February 2021, gaining control and access to the township’s network and data and using a hacking tool to establish persistent remote access to a particular domain that was registered to one of the men.
They are also accused of targeting a Morris County-based accounting firm in or before February 2022, using a hacking tool to establish a connection to a server registered to one of…