US arranged nine Iranians in Massive Hacking Crackdown
Nine Iranian citizens charged in a massive computer hacking
London, March 28, 2018 (AltAfrika)-Nine Iranian citizens have been charged in a massive computer hacking campaign that compromised U.S. and foreign universities
Also affected were private companies, and U.S. government entities, including the Department of Labor and the Federal Energy Regulatory Commission.
According to a release by FBI made available to AltAfrika.com the hackers were affiliated with the Mabna Institute, an Iran-based company created in 2013 for the express purpose of illegally gaining access to non-Iranian scientific resources through computer intrusions.
During a more than four-year campaign, these state-sponsored hackers “compromised approximately 144 U.S.-based universities and 176 foreign universities in 21 countries,” said FBI Deputy Director David Bowdich during a press conference at the Department of Justice in Washington to announce the indictments.
Initially, FBI said, the cyber criminals used an elaborate spearphishing campaign to target the e-mail accounts and computer systems of their victims, which in addition to the universities included nearly 50 domestic and foreign private-sector companies, the states of Hawaii and Indiana, and the United Nations.
According to the indictments unsealed on Friday in a Manhattan federal court, the hackers stole more than 30 terabytes of academic data and intellectual property—roughly three times the amount of data contained in the print collection of the Library of Congress.
“Their primary goal was to obtain user names and passwords for the accounts of professors so they could gain unauthorized access and steal whatever kind of proprietary academic information they could get their hands on,” said a special agent who investigated the case from the FBI’s New York Division.
Mabna Institute targeted more than 100,000 accounts of professors around the world and successfully compromised approximately 8,000 of those accounts. The campaign continued through at least December 2017.
“The hackers did their homework,” the cyber agent said, adding, they conducted online reconnaissance of professors to determine the individuals’ research interests and the academic articles they had published. Armed with that information, they sent spearphishing e-mails to their targets—messages that appeared to be from professors at other universities.
Victim professors believed they were dealing with colleagues who had expressed an interest in academic articles.
The Iranians targeted data across all fields of research and academic disciplines, including science and technology, engineering, social sciences, medical, and other professional fields.
In addition to targeting universities, the hackers gained access to employee e-mail accounts at nearly 50 private companies around the world—the majority of them U.S. firms. Among the U.S.-based victims were academic publishers, media and entertainment companies, technology companies, and investment firms.