Seven Iranian Hackers indicted by the US government for hacking

US authorities announced charges against seven Iranian hackers for attacking computer systems at banks and a dam in New York.

A couple of days after the US DoJ announced that three components of the Syrian Electronic Army were inserted by the FBI in the Most Wanted list, today the US authorities announced charges against seven Iranian nationals for hacking computer systems at banks and a dam in New York.

The Iranian hacker Hamid Firoozi, has been charged with hacking attacks on the Bowman Dam in New York, its computer systems were breached several times between August and September 2013.

The attackers hacked a Windows XP machine at the Dam that was located by using the Shodan search engine. Andre McGregor, director of security at Tanium, explained that the hackers gained access to the XP machine by guessing its simple password (“666666”) with a brute-force attack.

“At the time of his alleged intrusion, the dam was undergoing maintenance and had been disconnected from the system. But for that fact, that access would have given him the ability to control water levels and flow rates – an outcome that could have posed a clear danger to the public health and safety of Americans,” said Attorney General Loretta E. Lynch.

The hackers managed a number of distributed denial-of-service (DDoS) attacks launched against 46 U.S. banks between 2011 and 2013.

The investigators believe the seven men, which are still at large, are skilled hackers working for two security firms close to the Government of Teheran and the Islamic Revolutionary Guard Corps.

The activity of Iranian hackers is increased in a significant way in the last couple of years, in December 2015 Symantec has uncovered the Cadelle and Chafer groups, two Iran-based hacker teams that were tracking dissidents and activists, in November 2015, Facebook first discovered spear phishing attacks of Iranian hackers on State Department employees, in December 2014 hackers used a Visual Basic malware to wipe out data of corporate systems at Las Vegas Sands Corp.

Probably the most blatant operation conducted by Iranian hackers is the one that hit computer systems at the oil company Saudi Aramco.

Security experts believe that Iranian Hackers will represent a serious threat, at least like Chinese and North Korean peers, because Teheran is spending a huge effort to improve its cyber capabilities, consider that Iran increased cyber-security spending 12-fold since 2013.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  Iranian hackers,  hacking)

[adrotate banner=”12″]