The US State Department has announced a reward of up to $10 million for information leading to the identification or location of members of the Iranian hacker group known as “CyberAv3ngers.” The group, which believed to have ties to the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), has been involved in a series of cyberattacks targeting Israeli technology and critical infrastructure across the globe.
The identified individuals include Hamid Homayunfal, Hamid Reza Lashgarian, Mahdi Lashgarian, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian - Iranian security officials linked to the cyber activities of Iran’s Islamic Revolutionary Guard Corps (IRGC) hacking groups.
Hamid Reza Lashgarian is the head of the IRGC’s Cyber-Electronic Command (IRGC-CEC) and also serves as a commander in the IRGC-Qods Force, which plays a key role in supporting terrorist groups abroad. The other individuals, including Homayunfal, Mahdi Lashgarian, Mansuri, Saberian, and Shirinkar, hold senior positions within the IRGC-CEC, contributing to its cyber and intelligence operations.
In October 2023, CyberAv3ngers claimed responsibility for cyberattacks against Israeli-based Unitronics equipment, specifically programmable logic controllers (PLCs). Said controllers are being used in various industries, including water and wastewater management, energy, manufacturing, healthcare, and food and beverage production.
The group's cyber campaign escalated in November 2023, when CyberAv3ngers actors breached PLCs across the United States.
The US Department of the Treasury slapped sanctions in February 2024, on six key officials associated with the IRGC-CEC: Hamid Homayunfal, Hamid Reza Lashgarian, Mahdi Lashgarian, Milad Mansuri, Reza Mohammad Amin Saberian, and Mohammad Bagher Shirinkar.
These individuals, identified as key players in IRGC-affiliated hacking groups, have been designated as Specially Designated Nationals (SDNs). As a result, any property they hold within US jurisdiction has been frozen, and US persons are generally prohibited from engaging in transactions with them.