cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

US Treasury sanctions Iranian cyber actors over government attacks

Four Iranian individuals were sanctioned and indicted and two companies sanctioned over attacks on more than a dozen US government agencies and companies.

user icon David Hollingworth
Wed, 24 Apr 2024
US Treasury sanctions Iranian cyber actors over government attacks
expand image

The US Department of the Treasury’s Office of Foreign Assets Control has announced sweeping sanctions against four Iranian citizens and two companies over their role in cyber attacks against US targets.

At the same time, the FBI and Department of Justice have unsealed an indictment charging the four individuals – Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani, and Alireza Shafie Nasab – over their role in the cyber attacks.

“Criminal activity originating from Iran poses a grave threat to America’s national security and economic stability,” said US Attorney General Merrick B. Garland in a DOJ statement.


“These defendants are alleged to have engaged in a coordinated, multi-year hacking campaign from Iran targeting more than a dozen American companies and the US Treasury and state departments. This case represents just one part of the US government’s effort to counter the range of threats originating from Iran that endanger the American people.”

The two Iranian companies targeted for sanctions are Mehrsam Andisheh Saz Nik and Dadeh Afzar Arman, both considered fronts for the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC). Mehrsam Andisheh Saz Nik, or MASN, has links to “multiple Iranian advanced persistent threat (APT) groups” and, along with Dadeh Afzar Arman (DAA), has engaged in several malicious campaigns against US targets on the IRGC-CEC’s behalf.

Two individuals – Nasab and Kazemifar – are affiliated with the IRGC-CEC, while a third, Salmani, has been linked to multiple IRGC-CEC front companies. The fourth, Haruni, worked with DAA on several social engineering and spear phishing campaigns.

The sanctions mean that all US assets belonging to the accused are blocked, and no persons or entities in the US may do business with them.

“Iranian malicious cyber actors continue to target US companies and government entities in a coordinated, multi-pronged campaign intended to destabilise our critical infrastructure and cause harm to our citizens,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson in a Treasury statement.

“The United States will continue to leverage our whole-of-government approach to expose and disrupt these networks’ operations.”

The four Iranian men are charged with “conspiracy to commit computer fraud, conspiracy to commit wire fraud, and wire fraud”.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.