Feds indict Iranian hacking duo for extorting millions in bitcoin

DOJ: Russian hackers used spear phishing, bitcoin

The Justice Department charged two Iranian men on Wednesday in a six-count indictment that detailed a sophisticated international hacking scheme that cost public institutions in the U.S. more than $30 million in losses. 

From inside Iran, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri hacked into computers of hospitals, municipal offices and other public entities in Canada and various America cities, including Atlanta and Newark, and installed malware to encrypt data, according to prosecutors. The duo then demanded a ransom from their victims in exchange for decryption keys for the hacked systems. 

Prosecutors added that Savandi and Shah, who are currently fugitives, asked their victims to pay them in bitcoin, a virtual currency, which they exchanged for Iranian rials. The Justice Department said the two men collected $6 million in ransoms. 

Mohammad Mehdi Shah Mansouri and Faramarz Shahi Savandi are wanted by the FBI. Provided by FBI

"Every sector of our economy is a target of malicious cyber activity. But the events described in this indictment highlight the urgent need for municipalities, public utilities, health care institutions, universities and other public organizations to enhance their cyber security," Deputy Attorney General Rod Rosenstein told reporters on Wednesday. 

The Justice Department's second-in-command stressed that this case demonstrates that federal investigators can track Bitcoin when it's used to carry out criminal activities. 

In July, when special counsel Robert Mueller accused 12 Russian intelligence officers of hacking computers used by Hillary Clinton's campaign, the Democratic National Committee and other American political organizations, the Justice Department said the hackers relied on bitcoin to finance their operation.

On Wednesday, the Treasury Department announced sanctions against two other Iranian men who allegedly helped Shah and Savandi exchange bitcoin ransom payments into Iranian rials. 

f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.