The U.S. Department of Justice (DoJ) has unveiled an indictment against Alireza Shafie Nasab, a 39-year-old Iranian national, for his role in a cyber-espionage campaign targeting U.S. government and defense entities.
The campaign was active from at least 2016 until April 2021 and targeted over a dozen American organizations, including the Departments of the Treasury and State, various defense contractors, and New York-based accounting and hospitality companies.
The defendant and his co-conspirators reportedly used specialized tools to launch phishing attacks against American organizations while working as an IT specialist for Iranian firm Mahak Rayan Afraz, compromising at least 200,000 computers.
The U.S. DoJ announcement says Nasab’s job with Mahak Rayan Afraz was merely a front for the hacker’s malicious operations.
“While purporting to work as a cybersecurity specialist for Iran-based clients, Mr. Nasab allegedly participated in a persistent campaign to compromise U.S. private sector and government computer systems,” stated Matthew G. Olsen, DoJ’s Assistant Attorney General.
“Alireza Shafie Nasab [allegedly] participated in a cyber campaign using spear phishing and other hacking techniques to infect more than 200,000 victim devices, many of which contained sensitive or classified defense information,” added U.S. Attorney Damian Williams.
In addition to the phishing attacks, the Iranian hackers employed social engineering tactics, primarily by impersonating women to trick targets into installing malware on their devices.
The U.S. authorities say Nasab had a significant involvement in these schemes, procuring infrastructure and registering servers and email accounts to be used in the cyber-espionage campaign using stolen identities.
The Iranian hacker now faces charges relating to conspiracy to commit computer and wire fraud, wire fraud, and aggravated identity theft, which incur between 5 and 20 years in prison, plus a mandatory two-year sentence for identity theft.
The U.S. Department of State’s Rewards for Justice Program now offers up to $10 million for information leading to Nasab’s identification or location.
Anyone with information on Nasab’s whereabouts is requested to submit their tips to the following Tor address: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion.