U.S. prosecutors say they have indicted two Iranians on allegations they were hackers connected with a “coordinated cyberintrusion campaign” that targeted American and foreign universities, a Washington-based think tank, and other organizations in the United States, Europe and the Middle East.
Hooman Heidarian, 30, and Mehdi Farhadi, 34, stole hundreds of terabytes of data, including national security intelligence, aerospace data, unpublished scientific research, and "non-military nuclear information," the Department of Justice alleged in a statement on September 16.
It said the defendants, both from the western Iranian city of Hamedan, conducted “many of these intrusions on behalf of the Iranian government.”
They also “often vandalized websites…and posted messages that appeared to signal the demise of Iran’s internal opposition, foreign adversaries, and countries identified as rivals to Iran, including Israel and Saudi Arabia.”
In some cases, the hackers privately sold the stolen data on the digital black market, the department said.
“These Iranian nationals allegedly conducted a wide-ranging campaign on computers here in New Jersey and around the world,” said Craig Carpenito, the U.S. Attorney for the district of New Jersey.
“They brazenly infiltrated computer systems and targeted intellectual property and often sought to intimidate perceived enemies of Iran, including dissidents fighting for human rights in Iran and around the world,” he said.
Carpenito added that their conduct “threatens our national security, and as a result, these defendants are wanted by the FBI and are considered fugitives from justice.”
Both suspects were charged in a 10-count indictment that included computer hacking, fraud, and aggravated identity theft.
None of their alleged targets were identified by name, but the statement said they included “several American and foreign universities, a Washington, D.C.-based think tank, a defense contractor, an aerospace company, a foreign policy organization, non-governmental organizations (NGOs), non-profits, and foreign government and other entities identified as rivals or adversaries to Iran around the world.”
U.S. Assistant Attorney General for National Security John Demers said that recent cases "demonstrate that at least four nations — Iran, China, Russia and North Korea — will allow criminal hackers to victimize individuals and companies from around the world, as long as these hackers will also work for that country's government — gathering information on human rights activists, dissidents and others of intelligence interest."
Iranian, Chinese, Russian, and North Korean authorities have denied such accusations in the past.