Iranian Hackers Used Victims’ Printers to Issue Ransom Demands, DOJ Says
source link: https://www.vice.com/en/article/v7vzmx/iranian-hackers-used-victims-printers-to-issue-ransom-demands-doj-says
Prolific Iranian hackers put a new twist on an old format: The ransom note.
Last year, three alleged Iranian hackers used their victims’ printers to deliver ransom notes, according to an indictment published today by the Department of Justice. According to the DOJ, the hackers put ransomware on victims’ computers, then used their printers to issue demands.
On Wednesday, prosecutors accused Iranian citizens Mansour Ahmadi, Ahmad Khatibi Aghda, and Amir Hossein Nickaein Ravari of hacking several companies and governmental organizations in the United States, the UK, and Iran.
“By publicly naming them we are stripping the anonymity away. They cannot operate anonymously from the shadows anymore,” U.S. Attorney Philip R. Sellinger said in a press conference.
Do you track ransomware hackers and their activities? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wickr/Telegram/Wire @lorenzofb, or email [email protected]
The victims that received the printed-out ransom demands were identified only as an accounting firm, a power company, a domestic violence shelter, and a construction company, according to the indictment.
Ahmadi and Khatibi are owners of two respective technology companies in Iran, while Nickaein was an employee of Khatibi’s company, according to the indictment. The three are accused of hacking 10 or more computers during a one-year period to try to extort victims with ransomware, and of stealing victims’ data and threatening to publish it.
According to the indictment, the three alleged hackers don’t appear to be particularly sophisticated, as they exploited known vulnerabilities, and created domains that were designed to look like the websites of “legitimate, well-known,” tech companies. In some cases, the hackers used Microsoft’s own encryption technology, BitLocker, to encrypt victims’ networks and computers.
In at least one case, the one affecting the domestic violence shelter, the hackers were able to collect a ransom of $13,000 in Bitcoin, the feds said.