Tag Archive for: charged

Three Iranian nationals charged with hacking New Jersey targets

/in


The U.S. Department of Justice unsealed an indictment Sept. 14 charging three Iranian nationals with allegedly running a massive, global ransomware operation that hacked into the computer networks of multiple U.S. victims, including several in the Garden State.

The indictment charges Mansour Ahmadi, Ahmad Khatibi Aghda and Amir Hossein Nickaein Ravari of engaging in the scheme. The three, who are residents of Iran, are each charged with one count of conspiring to commit computer fraud and related activity, one count of intentionally damaging a protected computer, and one count of transmitting a demand in relation to damaging a protected computer.

“The Government of Iran has created a safe haven where cyber criminals acting for personal gain flourish and defendants like these are able to hack and extort victims, including critical infrastructure providers,” said Assistant Attorney General Matthew Olsen of the Justice Department’s National Security Division. “This indictment makes clear that even other Iranians are less safe because their own government fails to follow international norms and stop Iranian cyber criminals.”

Staying safe

cybersecurity

The hacking allegedly exploited vulnerabilities in software and networks to gain access and exfiltrate data and information from victims’ computer systems. The indictment also accuses the trio of denying victims access to their systems and data unless a ransom payment was made.

The three men are accused of victimizing a broad range of organizations, including small businesses, government agencies, nonprofit programs and institutions, as well as critical infrastructure sectors such as health care centers, transportation services and utility providers.

Here in New Jersey, according to court documents, the defendants targeted a township in Union County in February 2021, gaining control and access to the township’s network and data and using a hacking tool to establish persistent remote access to a particular domain that was registered to one of the men.

They are also accused of targeting a Morris County-based accounting firm in or before February 2022, using a hacking tool to establish a connection to a server registered to one of…

Source…

Three Iranian Nationals Charged with Engaging in Computer Intrusions and Ransomware-Style Extortion Against U.S. Critical Infrastructure

/in


An indictment was unsealed today charging three Iranian nationals with allegedly orchestrating a scheme to hack into the computer networks of multiple U.S. victims.

As alleged in the indictment, from October 2020 through the present, Mansour Ahmadi, aka Mansur Ahmadi, 34; Ahmad Khatibi Aghda, aka Ahmad Khatibi, 45; and Amir Hossein Nickaein Ravari, aka Amir Hossein Nikaeen, aka Amir Hossein Nickaein, aka Amir Nikayin, 30, engaged in a scheme to gain unauthorized access to the computer systems of hundreds of victims in the United States, the United Kingdom, Israel, Iran, and elsewhere, causing damage and losses to the victims.

“The Government of Iran has created a safe haven where cyber criminals acting for personal gain flourish and defendants like these are able to hack and extort victims, including critical infrastructure providers,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “This indictment makes clear that even other Iranians are less safe because their own government fails to follow international norms and stop Iranian cyber criminals.”

The defendants’ hacking campaign exploited known vulnerabilities in commonly used network devices and software applications to gain access and exfiltrate data and information from victims’ computer systems. Ahmadi, Khatibi, Nickaein and others also conducted encryption attacks against victims’ computer systems, denying victims access to their systems and data unless a ransom payment was made.

The defendants victimized a broad range of organizations, including small businesses, government agencies, nonprofit programs and educational and religious institutions. Their victims also included multiple critical infrastructure sectors, including health care centers, transportation services and utility providers.

“Ransom-related cyberattacks — like what happened here — are a particularly destructive form of cybercrime,” said U.S. Attorney Philip R. Sellinger for the District of New Jersey. “No form of cyberattack is acceptable, but ransomware attacks that target critical infrastructure services, such as health care facilities and government agencies, are a threat to…

Source…

Iranian nationals charged in alleged ransomware conspiracy | WKHM-AM

/in


Witthaya Prasongsin/Getty Images

(NEWARK, N.J.) — Three Iranian nationals attempted to hack into hundreds of computers in the U.S. and around the world, demanding, and sometimes getting, a ransom, according to an indictment unsealed Wednesday.

The four-count grand jury indictment returned in Newark federal court charged the trio with hacking conspiracy, two counts of computer hacking and a count of computer extortion over an alleged ransomware conspiracy that targeted a range of organizations and critical infrastructure sectors such as healthcare centers, power companies and transportation services inside the U.S. and abroad.

Mansour Ahmadi, Ahmad Aghda, and Amir Ravari hacked into hundreds of computers inside the U.S. and around the world by often exploiting known vulnerabilities in network devices or software programs, the indictment said.

Once they gained access to an organization or company’s software, they would use a program known as BitLocker to encrypt data on their victims’ systems and demand a ransom either by threatening to release stolen data or keeping the data encrypted unless they were paid — at times making demands for hundreds of thousands of dollars, according to the court filing.

The three men would often send their demands to office printers. Prosecutors detailed some of the correspondence they had with their victims. Some of those targeted include a domestic violence center, which Khatibi is alleged to have extorted $13,000 from, a housing authority, which he demanded $500,000 ransom from, and the computer systems of a U.S. township and county, the indictment said.

The indictment did not allege involvement by the government of Iran. Instead, the three demanded the money be paid to themselves, it said, although a U.S. official told reporters the Iranian government’s lax laws could share the blame for failing go after actors who engage in this type of alleged conspiracy. The official said all three men are still believed to be within Iran and have not been arrested, and acknowledged it’s unlikely any will see the inside of a U.S. courtroom.

Accompanying the announcement of the indictment, the FBI will release a new joint cybersecurity bulletin…

Source…

Former Ontario bureaucrats charged in alleged $11M COVID-19 fraud are headed back to court

/in


The Ontario bureaucrats fired after the alleged theft of $11 million in provincial COVID-19 relief funds are headed back to court this week as criminal proceedings continue.

Sanjay and Shalini Madan, a married Toronto couple terminated from the public service in 2020 after the alleged fraud, will be in long trial assignment court on Wednesday.

They were charged last September by the Ontario Provincial Police, but their criminal trial might not begin in earnest until September 2023.

Police charged Sanjay Madan with two counts of fraud and two counts of breach of trust. He and Shalini Madan were also charged with laundering the proceeds of crime and possession of stolen property.

Two other men have also been charged in the case.

Toronto’s Vidhan Singh was charged with money laundering, fraud and possession of stolen property. Manish Gambhir of Brampton was charged with possession of stolen property and possession of an identity document related — or purported to relate — to another person.

Chris Sewrattan, Sanjay Madan’s defence lawyer, declined to comment Monday.

In separate Ontario Superior Court filings, the province alleges that “some or all of” the Madans, their adult sons, Chinmaya and Ujjawal, and Singh, funneled millions to thousands of TD, Bank of Montreal, Royal Bank of Canada, Tangerine, and India’s ICICI bank accounts in spring 2020.

Chinmaya and Ujjawal do not face any criminal charges, but the parallel civil court case is ongoing.

The province’s allegations against the Madans and Singh have not been proven in civil court.

The criminal charges have also not been proven in court.

Sanjay Madan was fired in November 2020 from a $176,608-a-year job as the Ministry of Education’s information technology leader on the Support for Families program.

That pandemic fund — later enriched and renamed the Ontario COVID-19 Child Benefit before being wound down a year ago — gave parents $200 per child under age 12 and $250 per child and youth under 21 with special needs to offset online educational expenses.

In civil court testimony, which may not be used against him in the criminal action if it violates his charter-protected rights against self-incrimination, Sanjay Madan…

Source…