The Government of the United States Has Found Ten Iranian Sanctioned Links to the Attack of Ransom ware
                     The Government of the United States Has Found Ten  
Iranian Sanctioned Links to the Attack of Ransom ware
Hello, friends welcome to the world of “the hacker newz” in today’s news we  
are going to have an insight about research made by cyber security researchers  
the government of the United States has been able to find the ten Iranian  
sanctioned links having the linkage thus being with the attack of ransom ware.
On announcing the sanctions which were made by The Treasury Department's  
Office of Foreign Assets Control (OFAC) against the ten individuals and along  
with the affiliation of the entities with Islamic Revolutionary Guard Corps  
(IRGC) of Iran for having them found involved in the ransomware attacks.
Throughout the last two years, the linkages are being found by the threat  
actors thus having the linkage to the incidents of the ransomware where the  
compromisation is made to the networks which are found having them
belonging to the organizations present in the United States and all over the  
world.
Proof Providing Base to Evidence thus proving of the 
 Fact through the means of Malicious Activity Made  
Such as Attack of Ransom ware
Their malicious activity is thus being found to have an overlap made with that  
of the hacking groups which are being sponsored which are being on track thus  
made by the vendors of the cybersecurity acting under different names some  
of the most common ones included are as follows:
1. APT35
2. Charming Kitten
3.Phosphorus  
4. DEV-0270
5. Tunnel 
Vision
6. Nemesis 
Kitten.
"The determination has been made by the several firms having the relation  
with the cybersecurity firms having the association these intrusion sets with  
the Government of Iran, and having made the identification of them as going  
to have the conduction of a varied range of activities which are enabled  
through malicious means along with the ransomware and cyber espionage  
being included as said by the Department of Treasury.
"The launch of the extensive campaigns was made by the group which was  
made against the organizations and the officials present across the globe,  
having the target, particularly on the U.S. along with the defense of the Middle  
Eastern also that personnel is both diplomatic, and government as well as the
private industries being included such as media, energy, business services, and  
the telecommunications."
The IRGC-affiliated group is having the employees and associates of Iran-based  
Najee Technology Hooshmand Fater LLC (Najee Technology) and Afkar System  
Yazd Company (Afkar System):
Mansour Ahmadi who is the owner, managing director, and chairman of the  
board of Najee Technology
Ahmad Khatibi Aghda who is the managing director and member of the board  
of Afkar System along with it included are additional employees and  
associates: such as Ali Agha-Ahmadi, Mohammad Agha Ahmadi, Mo'in  
Mahdavi, Ali Akbar Rashidi-Barjini, Amir Hossein Nikaeen Ravari, Mostafa Haji  
Hosseini, Mojtaba Haji Hosseini, and Mohammad Shakeri-Ashtijeh.
The sanction was also made by the U.S. Department of the Treasury along with  
the linkage of individuals to the Net Peygard Samavat Company for making the  
work done with the IRGC and the Ministry of Intelligence and Security (MOIS)  
of Iran in 2019.
Sanction Sequence of Us Treasury Made to the 
 Ransomware Attacks Group
One year later, the sanction was made to the Rana Intelligence which was  
made to the Treasury of the U.S. Treasury sanctioned along with Computing  
Company and some of its employees for making an act as a front company that  
made the coordination of cyber-attackers on behalf of MOIS.
The offer for $10 million was made by the U.S. State Department for  
information on Mansour Ahmadi, Ahmad Khatibi Aghda, and HosseinNikaeen  
Ravari, three of the sanctioned Iranians were being charged were quiet
indictment by the Department of Justice today having their involvement found  
in the ransomware attacks which were made against the U.S. critical  
infrastructure orgs.
This description of the malicious activity of the threat group was given with  
added technical details in a joint advisory whose issuance was made by cyber
security agencies in the U.S., Canada, the UK, and Australia.
The publication was made by the Cybersecurity firm Secure works thus giving a  
report having the confirmation mentioning the release of the information  
today which was made by the U.S. Treasury. It was said by the Secure works  
that it was able to make out the successful linkage with the Nemesis Kitten  
group thus being tracked as Cobalt Mirage to the company of Iran Najee  
Technology, Afkar System along with a third entity whose named is Secnerd  
after the advantage of several OPSEC was taken of thus which was made  
during a ransomware incidence made in June 2022.
Similar to the linkage of the malicious activity that was having the linkage to  
Cobalt Mirage which has elements thus making the overlap of the Phosphorus  
APT group) whose reporting was made by the Secure Works' Counter Threat  
Unit (CTU) in May.
Last week, It was said by the Microsoft that same threat group thus being  
tracked asDEV-0270 has been making moonlighting "for the revenue  
generation of personal or company-specific as a sub-group of the cyber
espionage based in Iran (thus being acknowledged as Charming Kitten and
APT35)
The Redmond was also found to have the linkages to several Iranian  
companies, including Najee Technology, Second, and Life web.
In addition, it is said by Microsoft that
this group is being found typically opportunistic in its targeting: the internet is  
made to be scanned initially by the actors thus for finding up the vulnerable  
servers and devices, thus making the servers of organizations vulnerable and  
discoverable servers along with devices susceptible to these attacks
Thanks for reading. Hope you must have enjoyed reading the article.
Follow The Hacker news on our social platforms “Twitter (thehackernewz) and LinkedIn  
(The Hacker Newz) “for reading more exclusive content posted daily.
Source Link:
https://thehackernewz.com/the-government-of-the-united-states-has-  
found-ten-iranian-sanctioned-links-to-the-attack-of-ransom-ware/