cageymaru
Fully [H]
- Joined
- Apr 10, 2003
- Messages
- 22,087
The U.S. Department of Justice has unsealed an indictment of two Iranians for computer hacking and deploying a crippling style of ransomware called "SamSam Ransomware" onto American and Canadian public institutions such as hospitals and municipalities. Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, are accused of writing and installing the malware on various mission critical systems over a period of 34 months by exploiting vulnerabilities in the computer networks. They face charges consisting of "one count of conspiracy to commit wire fraud, one count of conspiracy to commit fraud and related activity in connection with computers, two substantive counts of intentional damage to a protected computer, and two substantive counts of transmitting a demand in relation to damaging a protected computer."
The malware encrypted the data and files on the computer systems of the victims. They maximized the damage to systems by launching attacks outside of business hours and encrypting the backups of the victim's computers first. More than 200 public and private institutions were affected by the malware and the duo used extortion tactics to demand that a ransom be paid in Bitcoin. They converted the Bitcoin into Iranian rial using Iran-based Bitcoin exchangers. The criminals bilked more than $6 million USD from the institutions and caused over $30 million in damages. "Although the alleged criminal actors are in Iran and currently out of the reach of U.S. law enforcement, they can be apprehended if they travel, and the United States is exploring other avenues of recourse."
Victims were infected with the ransomware through vulnerabilities found in common software and network accesses points. Hess stressed the importance of computer security and hygiene for individuals and corporations. "We all need to do our part to make sure that our systems are as strong and secure and protected as possible," she said.
The malware encrypted the data and files on the computer systems of the victims. They maximized the damage to systems by launching attacks outside of business hours and encrypting the backups of the victim's computers first. More than 200 public and private institutions were affected by the malware and the duo used extortion tactics to demand that a ransom be paid in Bitcoin. They converted the Bitcoin into Iranian rial using Iran-based Bitcoin exchangers. The criminals bilked more than $6 million USD from the institutions and caused over $30 million in damages. "Although the alleged criminal actors are in Iran and currently out of the reach of U.S. law enforcement, they can be apprehended if they travel, and the United States is exploring other avenues of recourse."
Victims were infected with the ransomware through vulnerabilities found in common software and network accesses points. Hess stressed the importance of computer security and hygiene for individuals and corporations. "We all need to do our part to make sure that our systems are as strong and secure and protected as possible," she said.