3 Iranians Indicted for Allegedly Hacking US Targets

The indictment unsealed Wednesday says the men attempted to extort hundreds of millions of dollars from their victims.

Bree Fowler Senior Writer
Bree Fowler writes about cybersecurity and digital privacy. Before joining CNET she reported for The Associated Press and Consumer Reports. A Michigan native, she's a long-suffering Detroit sports fan, world traveler, wannabe runner and champion baker of over-the-top birthday cakes and all-things sourdough.
Expertise cybersecurity, digital privacy, IoT, consumer tech, smartphones, wearables
Bree Fowler
2 min read
An image of lock in front of the Iranian fglag.

The Justice Department says the trio attacked a domestic violence shelter, municipal governments and a public housing corporation.


The Justice Department has indicted three Iranian men, accusing them of ransomware and other cyber attacks against US targets, including municipal governments, regional utilities and a domestic violence shelter.

The indictment unsealed Wednesday accuses Mansour Ahmadi, 34, Ahmad Khatibi Aghda, 45, and Amir Hossein Nickaein Ravari, 30, of hacking the computer systems of hundreds of victims in the US, UK, Israel, Iran and other countries. 

In a statement announcing the charges, Assistant Attorney General Matthew Olsen of the Justice Department's National Security Division accused Iran's government of creating a "safe haven" for cybercriminals.

"Even other Iranians are less safe because their own government fails to follow international norms and stop Iranian cyber criminals," Olsen said.

All three men are charged with multiple federal computer crimes but are at large and aboard, the Justice department said, making it unlikely they will be brought to justice anytime soon.

According to the indictment, the trio hacked and stole data from their targets' computer systems. They also used ransomware to lock up some of their targets' systems, refusing to give them access to it unless they paid ransoms. In some cases, ransoms were paid.

Their victims included small businesses, government agencies, nonprofit programs, and educational and religious institutions, the Justice Department said. The three men also hit critical infrastructure targets including health care, transportation and utility providers.

Specifically, the Justice Department said the three men hacked and stole data from a township and an accounting firm, both located in New Jersey. They also hit the accounting firm with ransomware, demanding a payment of $50,000 in cryptocurrency to unlock its systems and threatening to sell the data on the black market.

The men are also accused of ransoming hundreds of other victims, including an Illinois-based accounting firm, regional electric utilities in Mississippi and Indiana, a public housing corporation in Washington state, a domestic violence shelter in Pennsylvania, and a state bar association.