On Mar. 23, Treasury OFAC designated Iran cyber actors of colleges.
- Sanctioned Iranian cyber actors for activities targeting hundreds of universities.
Mabna Institute
- Engaged in theft of personal identifiers and resources for private financial gain.
- Contracted with Iran government and private entities, to do hacking activities.
- Conducted coordinated intrusions, into systems belonging to 144 US colleges.
- Also related activity in countries, including Australia, Canada, China, Denmark,
Finland, Germany, Ireland, Israel, Italy, UK, Japan, Malaysia, the Netherlands,
Norway, Poland,Singapore, S Korea, Spain, Sweden, Switzerland, and Turkey. - Stolen data used to benefit Revolutionary Guard and sold through 2 websites.
- University professors credentials used to access online university library systems.
Individuals
- Gholamreza Rafatnejad founding Mabna member, organized hacking campaign.
- Ehsan Mohammadi also founding member helped organize the hacking campaign.
- Seyed Ali Mirkarimi hacker tested, spear-phishing, organized stolen credentials.
- Mostafa Sadeghi hacker and affiliate compromised over 1,000 professor accounts.
- Sajjad Tahmasebi facilitated the spearphishing and conducted online surveillance.
- Abdollah Karima businessman whose company sold, access to stolen materials.
- Abuzar Moqadam professor exchanged stolen credentials, compromised accounts.
- Roozbeh Sabahi contractor assisted in execution of certain Mabna hack activities.
- Mohammed Sabahi contractor conducted email spearphishing certain universities.
OFAC added
- Behzad Mesri repeatedly compromised US media and entertainment company, for
access to documents, employee contact information and attempt to extort $6mn.