US offers $10M for tips on Iranian 'CyberAv3ngers' hackers

US offers $10M for tips on Iranian 'CyberAv3ngers' hackers

The US State Department has announced a reward of up to $10 million for information leading to the identification or location of members of the Iranian hacker group known as “CyberAv3ngers.” The group, which believed to have ties to the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), has been involved in a series of cyberattacks targeting Israeli technology and critical infrastructure across the globe.

The identified individuals include Hamid Homayunfal, Hamid Reza Lashgarian, Mahdi Lashgarian, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian - Iranian security officials linked to the cyber activities of Iran’s Islamic Revolutionary Guard Corps (IRGC) hacking groups.

Hamid Reza Lashgarian is the head of the IRGC’s Cyber-Electronic Command (IRGC-CEC) and also serves as a commander in the IRGC-Qods Force, which plays a key role in supporting terrorist groups abroad. The other individuals, including Homayunfal, Mahdi Lashgarian, Mansuri, Saberian, and Shirinkar, hold senior positions within the IRGC-CEC, contributing to its cyber and intelligence operations.

In October 2023, CyberAv3ngers claimed responsibility for cyberattacks against Israeli-based Unitronics equipment, specifically programmable logic controllers (PLCs). Said controllers are being used in various industries, including water and wastewater management, energy, manufacturing, healthcare, and food and beverage production.

The group's cyber campaign escalated in November 2023, when CyberAv3ngers actors breached PLCs across the United States.

The US Department of the Treasury slapped sanctions in February 2024, on six key officials associated with the IRGC-CEC: Hamid Homayunfal, Hamid Reza Lashgarian, Mahdi Lashgarian, Milad Mansuri, Reza Mohammad Amin Saberian, and Mohammad Bagher Shirinkar.

These individuals, identified as key players in IRGC-affiliated hacking groups, have been designated as Specially Designated Nationals (SDNs). As a result, any property they hold within US jurisdiction has been frozen, and US persons are generally prohibited from engaging in transactions with them.

Back to the list

Latest Posts

Police crackdown shuts down major Kidflix platform hosting child sexual abuse material

Police crackdown shuts down major Kidflix platform hosting child sexual abuse material

As a result of the operation, 79 arrests were made, 1,393 suspects identified, and over 3,000 electronic devices seized.
2 April 2025
Ongoing campaign targets exposed PostgreSQL instances to deploy crypto miners

Ongoing campaign targets exposed PostgreSQL instances to deploy crypto miners

The campaign could involve over 1,500 compromised systems.
2 April 2025
DPRK IT worker threat expands beyond the US, focuses on Europe

DPRK IT worker threat expands beyond the US, focuses on Europe

The schemes come with new tactics, including extortion campaigns and corporate virtualized infrastructure compromises.
2 April 2025