The U.S. has indicted two alleged computer hackers on charges of damaging several American websites in response to the assassination of Iran’s Quds Force commander Qassim Soleimani earlier this year.
In a statement released on September 15, the U.S. Attorney’s Office for the District of Massachusetts identified the alleged hackers as 19-year-old Iranian national Behzad Mohammadzadeh, aka “Mrb3hz4d,” and 25-year-old Palestinian national Marwan Abusrour, aka “Mrwn007.”
Iranian hackers ‘Behzad Mohammadzadeh’ and ‘Marwan Abusrour’ have been indicted on charges that they defaced websites across the U.S. in retaliation to the killing of General Qassem Soleimani. https://t.co/07akXMp4IP pic.twitter.com/pXfmJWjXVP
— Cassandra33 (@Cassandra3366) September 16, 2020
Mohammadzadeh defaced more than 1,100 websites around the world with pro-Iranian and pro-hacker messages, while Abusrour hacked at least 337 websites worldwide.
“The hackers victimized innocent third parties in a campaign to retaliate for the military action that killed Soleimani, a man behind countless acts of terror against Americans and others that the Iranian regime opposed,” said Assistant Attorney General for National Security John C. Demers. “Their misguided, illegal actions in support of a rogue, destabilizing regime will come back to haunt them, as they are now fugitives from justice.”
The two hackers allegedly started working together in December 2019. Abusrour reportedly provided Mohammadzadeh with access to a number of compromised websites.
“These hackers are accused of orchestrating a brazen cyber-assault that defaced scores of websites across the country as a way of protesting and retaliating against the United States for killing the leader of a foreign terrorist organization. Now, they are wanted by the FBI and are no longer free to travel outside Iran or Palestine without risk of arrest,” said Joseph R. Bonavolonta, Special Agent in Charge of the FBI Boston Division. “Today’s indictment should send a powerful message that we will not hesitate to go after anyone who commits malicious cyber intrusions against innocent Americans in order to cause chaos, fear, and economic harm.”
Following the January 3 U.S. drone strike that killed Soleimani and Iraqi commander Abu Mahdi al-Muhandis, Mohammadzadeh and Abusrour launched a cyber-attack on U.S.-hosted websites.
According to the indictment, the two men hacked 51 websites and replaced their content with pictures of the late commander Soleimani against a background of the Iranian flag, along with the message, in English, “Down with America”.
On September 16, the U.S. indicted two other Iranian hackers, Mehdi Farhadi and Hooman Heidarian. The two allegedly stole hundreds of terabytes of valuable data.
Two Iranian Nationals Charged in Cyber Theft Campaign Targeting Computer Systems in United States, Europe, and the Middle East https://t.co/TcMYbmP0rs pic.twitter.com/6ZqRl9R6LP
— FBI (@FBI) September 16, 2020
On September 17, the Treasury Department sanctioned the Iran-linked group Advanced Persistent Threat 39 (APT39) along with 45 “associated individuals” and a front group called Rana Intelligence Computing Co.
On September 18, three other hackers, Said Pourkarim Arabi, Mohammad Reza Espargham and Mohammad Bayati, were indicted by the U.S.
Iranian Hackers Indicted for Stealing Data from Aerospace and Satellite Tracking Companies https://t.co/VaBmnSb2vy pic.twitter.com/JvecIRCQHO
— FBI (@FBI) September 17, 2020
The charges against the Iranian hackers, as well as the sanctions on APT39, are most likely part of the U.S. maximum pressure campaign against Iran. The campaign has so far been a total failure.