OFAC Iran Cyber US Colleges

• Sanctioned Iranian cyber actors for activities targeting hundreds of universities.

Mabna Institute

• Engaged in theft of personal identifiers and resources for private financial gain.
• Contracted with Iran government and private entities, to do hacking activities.
• Conducted coordinated intrusions, into systems belonging to 144 US colleges.
• Also related activity in countries, including Australia, Canada, China, Denmark,
  Finland, Germany, Ireland, Israel, Italy, UK, Japan, Malaysia, the Netherlands,
  Norway, Poland,Singapore, S Korea, Spain, Sweden, Switzerland, and Turkey.
• Stolen data used to benefit Revolutionary Guard and sold through 2 websites.
• University professors credentials used to access online university library systems.

Individuals

• Gholamreza Rafatnejad founding Mabna member, organized hacking campaign.
• Ehsan Mohammadi also founding member helped organize the hacking campaign.
• Seyed Ali Mirkarimi hacker tested, spear-phishing, organized stolen credentials.
• Mostafa Sadeghi hacker and affiliate compromised over 1,000 professor accounts.
• Sajjad Tahmasebi facilitated the spearphishing and conducted online surveillance.
• Abdollah Karima businessman whose company sold, access to stolen materials.
• Abuzar Moqadam professor exchanged stolen credentials, compromised accounts.
• Roozbeh Sabahi contractor assisted in execution of certain Mabna hack activities.
• Mohammed Sabahi contractor conducted email spearphishing certain universities.

OFAC added

• Behzad Mesri repeatedly compromised US media and entertainment company, for
  access to documents, employee contact information and attempt to extort $6mn.