
DOJ Indicts 9 Iranians For Brazen University on Iran cyber activity

CyberWisdom Safe Harbor Commentary on Iran cyber activity

I couldn’t believe this story from wired.com, which analyzes the truth about Iranian cyber activity: on Friday the U.S. government accused nine Iranian hackers of a three-year, large-scale operation to infiltrate over 300 U.S. and foreign universities and steal more than 31 TB of information, a total of more than 3 billion U.S. dollars in intellectual property.


Geoffrey Berman, the U.S. attorney in the southern United States, whose office brought the case, said that this effort, detailed in a 21-page indictment unsealed on Friday, was “one of the largest state-sponsored hacking activities prosecuted by the Department of Justice.” The campaign claimed a long list of victims, including 144 universities in the United States and 176 in 21 countries. The group also targeted 47 private companies, along with several government targets such as the US Department of Labor, the Federal Energy Administration Board, Hawaii and Indiana, and the United Nations.

The hacking activities centered on a Tehran organization called the Mabna Institute, which acted as a clearinghouse for contractors and hackers and was responsible for infiltrating targets and stealing data, intellectual property, and the contents of teaching staff email inboxes. According to the FBI investigation, two defendants, Gholamreza Rafatnejad and Ehsan Mohammadi, created the Mabna Institute around 2013. “Although the company name sounds reasonable, there is only one reason for the establishment of the so-called institute: stealing scientific resources from other countries around the world,” said Berman.

Rafatnejad organized the hacking and coordinated with the Islamic Revolutionary Guard in Iran, and Mohammadi served as the managing director of Mabna.

“This case is very important because it will disrupt the Institute’s activities and will prevent similar crimes committed by other perpetrators. The indictment publicly identifies the conspirators. In this era of public recognition, it deprives hackers of anonymity and imposes practical consequences to prevent state-backed computer intrusions,” Deputy Chief Prosecutor Rod Rosenstein said in a morning announcement in Washington. “Disclosing the evil activities of the Mabna Institute made it difficult for them to conduct business.”

“It helps prevent computer intrusions supported by the state by depriving hackers of anonymity and imposing actual consequences.”

According to the Department of Justice, many of the intrusions began with cutting-edge spear-phishing campaigns, in which emails sent to targeted professors appeared to come from scholars at other schools. A link in the email took the professor to a page that made it appear they had accidentally been logged out of their university account and needed to re-enter their user credentials. All in all, the campaign targeted more than 100,000 professors, and the Iranian hackers successfully penetrated about 8,000 accounts, including 3,768 accounts at American schools. One of the defendants, Mostafa Sadeghi, was indicted as a “prolific Iranian computer hacker”. He alone was responsible for compromising over 1,000 accounts and helped train others to use hacking techniques.

The stolen data was used by the IRGC and sold through two websites, Megapaper.ir and Gigapaper.ir, which are partially owned by Sadeghi. According to the indictment, Gigapaper offered stolen university credentials that allowed customers to directly access the online library resources of universities in the United States and abroad, such as e-books and the LEXIS-NEXIS database.

The hackers also targeted private companies, including media and entertainment companies, a law firm, two banks and investment companies, a healthcare company, and even a stock image company. The indictment stated that the hackers used “password spraying”: they collected publicly available lists of user email addresses and then tried to access those accounts using common passwords. This method gave them access to 36 U.S. companies and another 11 in Europe. Once the hackers gained access to an account, they both exfiltrated its existing content and set forwarding rules to pass future email directly to themselves.
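From a defender's side, the chain described above (a password spray, then a forwarding rule on the account that gave way) can be hunted for by joining authentication logs with mailbox-rule audit events. The sketch below is an added example, not taken from the indictment or the wired.com story; the event layout, thresholds, domain and sample data are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

INTERNAL_DOMAIN = "example.edu"  # assumption: the organisation's own mail domain

def ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M")

# Constructed sample data: (time, source IP, account, login succeeded?)
AUTH = [
    (ts("2018-03-01 09:00"), "203.0.113.7", "alice@example.edu", False),
    (ts("2018-03-01 09:01"), "203.0.113.7", "bob@example.edu", False),
    (ts("2018-03-01 09:02"), "203.0.113.7", "carol@example.edu", False),
    (ts("2018-03-01 09:03"), "203.0.113.7", "dave@example.edu", True),
    (ts("2018-03-01 09:05"), "198.51.100.4", "erin@example.edu", False),
    (ts("2018-03-01 09:06"), "198.51.100.4", "erin@example.edu", False),
    (ts("2018-03-01 09:07"), "198.51.100.4", "erin@example.edu", True),
]
# Constructed sample data: (time, account, forwarding target)
RULES = [
    (ts("2018-03-01 09:10"), "dave@example.edu", "drop@mail.example.net"),
    (ts("2018-03-01 10:00"), "erin@example.edu", "erin.assistant@example.edu"),
]

def spray_sources(auth, window=timedelta(hours=1), min_accounts=4, max_per_account=2):
    """Return {source: accounts it logged into} for sources showing the spray
    shape: many distinct accounts, only a few attempts against each one.
    The window is anchored at each source's first event (a simplification)."""
    by_src = defaultdict(list)
    for event in sorted(auth):
        by_src[event[1]].append(event)
    hits = {}
    for src, events in by_src.items():
        recent = [e for e in events if e[0] - events[0][0] <= window]
        tries = defaultdict(int)
        for _, _, account, _ in recent:
            tries[account] += 1
        if len(tries) >= min_accounts and max(tries.values()) <= max_per_account:
            hits[src] = {acct for _, _, acct, ok in recent if ok}
    return hits

def external_forwards(rules, accounts):
    """Forwarding rules on the given accounts that send mail outside the domain."""
    suffix = "@" + INTERNAL_DOMAIN
    return [(acct, dest) for _, acct, dest in rules
            if acct in accounts and not dest.lower().endswith(suffix)]

def triage(auth=AUTH, rules=RULES):
    sprayed = spray_sources(auth)
    compromised = set().union(*sprayed.values())
    return sprayed, external_forwards(rules, compromised)
```

The second source in the sample retries one account three times, which is ordinary mistyping or a single-account guess rather than a spray, so only the first source and its one successful login are carried into the forwarding-rule check.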

Rosenstein said: “For many of these intrusions, the defendants have been doing things at the request of the Iranian government, especially the Iranian Revolutionary Guard.”

The hacking campaign's reliance on the practice of China rather than official military hackers is in line with the Iran-focused prosecutions filed by the Department of Justice in recent years.


A new indictment asserts a long string of attacks against hundreds of universities and private companies, in which Iran pilfered more than $3 billion worth of intellectual property.
