A trio of Iranian nationals hacked into the computer systems of hundreds of victims in the U.S. and around the world, shaking down utility companies, local governments and even a shelter for victims of domestic violence, federal prosecutors said Wednesday.
Since October 2020, Mansour Ahmadi, Ahmad Khatibi Aghda and Amir Hossein Nickaein Ravari have “engaged in a scheme to gain unauthorized access to the computer systems of hundreds of victims in the United States, the United Kingdom, Israel, Iran, Russia and elsewhere, causing damage and loss,” the Justice Department alleged in an indictment filed in federal court in New Jersey.
The three preyed upon organizations in the critical infrastructure sector, including health care centers, transportation services and utility providers, as well as “small businesses, government agencies, non-profit programs, and educational and religious institutions,” said the indictment, which was unsealed Wednesday.
Using commercially available encryption software known as BitLocker, they locked up the computer systems of some victims with ransomware and demanded money to unlock them, prosecutors said.
Victims listed in the indictment include a township municipality in Union County, New Jersey, accounting firms in Illinois and New Jersey, power companies based in Mississippi and Indiana, a housing authority in Washington state, a county government in Wyoming and a domestic violence shelter in Pennsylvania.
The shelter wound up paying $13,000 in ransom to recover its data, the indictment said. It doesn’t specify how many other victims paid.
