ALEXANDRIA, VA. (KVOA) – According to the FBI, three computer hackers from Iran were charged Thursday with engaging in a coordinated campaign of identity theft and hacking on behalf of Iran’s Islamic Revolutionary Guard Corps (IRGC) in order to steal critical information related to the United States aerospace and satellite technology and resources.
IRGC is a designated foreign terrorist organization.
“This case highlights the Islamic Revolutionary Guard Corps’ efforts to infiltrate the networks of American companies in search of valuable commercial information and intellectual property,” John C. Demers, Assistant Attorney General for National Security said in an FBI news release. “It is yet another effort by a rogue foreign nation to steal the fruits of this country’s hard work and expertise.”
According to allegations in the indictment, the defendants’ hacking campaign, which targeted numerous companies and organizations in the United States and abroad, began in approximately July 2015 and continued until at least February 2019.
The FBI said the defendants at one time possessed a target list of over 1,800 online accounts, including accounts belonging to organizations and companies involved in aerospace or satellite technology and international government organizations in Australia, Israel, Singapore, the United States, and the United Kingdom.
According to the FBI, Said Pourkarim Arabi, 34, Mohammad Reza Espargham, 25, and Mohammad Bayati, 34, all Iranian nationals residing in Iran were charged in the indictment.
“…The defendants targeted thousands of individuals in an attempt to steal critical information related to United States aerospace and satellite technology,” James A. Dawson, Assistant Director in Charge of the FBI’s Washington Field Office said in an FBI news release.
According to the FBI, the defendants used social engineering to identify real United States citizens working in the satellite and aerospace fields whose identities the defendants could assume online. They then impersonated those individuals and used their stolen identities to register email addresses and fraudulently purchase domains and hacking tools for use in the scheme. Then they created customized phishing emails that claimed to be from the individuals whose identities they stole, in an attempt to entice the recipients to click on malicious links embedded in the emails.
According to the FBI, once a recipient clicked on a malicious link, malware would be downloaded to the individual’s computer, giving the defendants unauthorized access to the recipient’s computer and network. The defendants then used additional hacking tools to maintain unauthorized access, escalate their privileges, and steal data sought by the IRGC. Using these methods, the defendants successfully compromised multiple victim networks, resulting in the theft of sensitive commercial information, intellectual property, and personal data from victim companies, including a satellite-tracking company and a satellite voice and data communication company.
The FBI said, Arabi has been charged with conspiracy to commit computer intrusions, obtaining information by unauthorized access to protected computers, intentional damage to protected computers, aggravated identity theft, and conspiracy to commit wire fraud. If convicted, Arabi faces a maximum penalty of 20 years in prison.
The FBI said, Esphargham has been charged with conspiracy to commit computer intrusions, obtaining information by unauthorized access to protected computers, intentional damage to protected computers, and conspiracy to commit wire fraud. If convicted, Esphargham faces a maximum penalty of 20 years in prison.
The FBI said, Bayati has been charged with conspiracy to commit computer intrusions, and conspiracy to commit wire fraud. If convicted, Bayati faces a maximum penalty of 20 years in prison.
However, the actual sentences for federal crimes are typically less than the maximum penalties. A federal district court judge will determine any sentence after taking into account the U.S. Sentencing Guidelines and other statutory factors.