OFAC sanctions Iranian cyber threat group
On September 17, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned an Iranian cyber threat group, 45 associated individuals, and one additional “front company” for allegedly being involved in a Government of Iran (GOI) malware campaign targeting international travel companies, Iranian dissidents, and journalists. Specifically, OFAC alleges that the front company “advances Iranian national security objectives and the strategic goals of Iran’s Ministry of Intelligence and Security (MOIS) by conducting computer intrusions and malware campaigns against perceived adversaries.” OFAC asserts that the 45 individuals provided support for MOIS cyber intrusions by serving as managers, programmers, and hacking experts. The front company has allegedly targeted hundreds of individuals and entities from more than 30 different countries, including using “malicious cyber intrusion tools” to target approximately 15 U.S. companies primarily in the travel sector.
As a result, all property and interests in property belonging to, or owned by, the identified individuals subject to U.S. jurisdiction are blocked, and “any entities 50 percent or more owned by one or more designated persons are also blocked.” U.S. persons are also generally prohibited from engaging in transactions with the designated individuals.
The FBI also issued a Public Intelligence Alert on the Iranian cyber threat group.