18 September 2020

Three Iranians charged for attacks on US aerospace and satellite companies



The US Department of Justice has unsealed an indictment charging three Iranian nationals for conducting cyberattacks on behalf of Iran’s Islamic Revolutionary Guard Corps (IRGC) aimed at stealing critical information related to U.S. aerospace and satellite technology and resources.

The suspects are Said Pourkarim Arabi, 34, Mohammad Reza Espargham, 25, and Mohammad Bayati, 34. The DoJ alleges that from approximately July 2015 until at least February 2019 the defendants conducted hacking campaigns against numerous companies and organizations in the United States and abroad.

“The defendants at one time possessed a target list of over 1,800 online accounts, including accounts belonging to organizations and companies involved in aerospace or satellite technology and international government organizations in Australia, Israel, Singapore, the United States, and the United Kingdom,” according to the DoJ’s press release.

The accused allegedly used social engineering to identify real United States citizens working in the satellite and aerospace fields. Using the stolen identities of those individuals, they then registered mail addresses and used them to purchase domains and hacking tools for use in their attacks.

The men targeted victims with spear phishing emails disguised as messages coming from the individuals whose identities the defendants had stolen. The emails contained malicious links which, when clicked, downloaded malware onto the victim’s machine.

The hackers used additional tools to maintain access to compromised systems, elevate their privileges and steal valuable data.

“Using these methods, the defendants successfully compromised multiple victim networks, resulting in the theft of sensitive commercial information, intellectual property, and personal data from victim companies, including a satellite-tracking company and a satellite voice and data communication company,” the DoJ said.

The Iranians face various charges, including conspiracy to commit computer intrusions, obtaining information by unauthorized access to protected computers, intentional damage to protected computers, aggravated identity theft, and conspiracy to commit wire fraud.

