Justice Department Indicts Two Iranians Over SamSam Ransomware Attacks

Two Iranian officials have been indicted by U.S. federal prosecutors for creating and deploying the notorious SamSam ransomware, which exploits a deserialization vulnerability in Java-based servers. TechCrunch reports: Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, were indicted by a federal grand jury in New Jersey on Monday on several counts of computer hacking and fraud charges. The case was unsealed Wednesday, shortly before a press conference announcing the charges by U.S. deputy attorney general Rod Rosenstein. In total, SamSam has generated some $6 million in proceeds to date -- or 1,430 bitcoin at today's value. In a separate announcement, the Treasury said it had imposed sanctions against two bitcoin addresses associated with the ransomware. The department said the two addresses processed more than 7,000 transactions used to collect ransom demands from victims. "The Iranian defendants allegedly used hacking and malware to cause more than $30 million in losses to more than 200 victims," said Rosenstein. "According to the indictment, the hackers infiltrated computer systems in ten states and Canada and then demanded payment. The criminal activity harmed state agencies, city governments, hospitals, and countless innocent victims."

One of the victims was the City of Atlanta, which was knocked offline earlier this year and spent a projected $2.6 million in recovery. "It was later discovered that the city's computers had long been vulnerable to leaked exploits developed by the National Security Agency -- later stolen and leaked online for anyone to use," reports TechCrunch.

Re: "...cause more than $30 million in losses"

[Anonymous Coward]

The tax payer was saved the cost resulting from Israel being nuked

Re:

[Uberbah]

The tax payer was saved the cost resulting from Israel being nuked

By who, the United States? The only country to use nuclear weapons. For it to be another country in the region, like oh, say Iran, first they would need a nuclear weapons program. Which even the CIA and Mossad have admitted Iran doesn't have.

Re:

[Uberbah]

As long as you're ignoring the fact that Israel started the '69 war, and had the '73 war coming to them as they were illegally squatting on land acquired in a war they started, sure.

Re:

[Uberbah]

1969? Your ignorance is telling.

As is your harping over a typo.

BTW, If Islam is "the Religion of Peace", why is it busy killing fellow Muslims in Syria, Iraq, Afghanistan, Yemen, Egypt, Lebanon, Algeria, Sudan, Somalia, Iran, Pakistan ...?

Your dumbfuck whattabouttery aside, because of a century of western imperialism.

Why is it killing Infidels all over the World?

Why are you ignoring the fact that all the "jihadist violence" you're whining about is 1) directly sponsored by western imperialism 2) backlash to

Re:

[Uberbah]

The original poster specified 1969. That ain't a typo. It's IGNORANCE of history.

As the original poster, I'm perfectly aware of the fact that Israel started the 1967 war by first claiming that they were defending themselves from an Arab attack, and when that turned out to be total BS, switched to claiming it was about the blockade of the Straits of Tiran. Which, according to Zionist reasoning, means that any and all Palestinian attacks in response to the blockade of Gaza are completely justified.

Socialism t

Re:

[gnasher719]

As long as you're ignoring the fact that Israel's neighbours intentionally refused to integrate any Palestinians to have some population that will continue to try to attack Israel, and ignoring the fact that Israel's neighbours wanted to exterminate everyone in Israel, and ignoring the fact that this land was given to them by European countries.

Re:

[jabuzz]

Firstly the Six Day War occured in 1967 not 1969. At this point it is hard to take anything you say seriously.

Note that the precursor to the war was Egypt closing the Straits of Tiran something that Israel had said repeatedly since 1957 would constitute an act of war.

Sure Israel made the first military strike, but only after Egypt (in response to false reports from the Soviet Union that Israel was massing on the Syrian border) massed troops in the Sinai on Israel's border, expelled the UNEF force from Gaza

Re:

[Uberbah]

Firstly the Six Day War occured in 1967 not 1969.

Congratulations on catching a typo. Here's your gold star.

At this point it is hard to take anything you say seriously.

Any excuse to avoid dealing with the fact that all the wars were started by Zionists, save the '73 Yom Kippur war, which they had coming as they were illegally squatting on land they stole during the 1967 war, which the Zionists started.

but only after Egypt (in response to false reports from the Soviet Union that Israel was massing on the S

Re:

[Uberbah]

Iran HAS a nuclear weapons program.

As much as Obama was born in Kenya, sure. As long as you're pretending.

Re:

[Uberbah]

If Iran doesn't have a nuclear weapons program, what were those hundreds of centrifuges making? Cotton Candy?

Nuclear power, grasshopper. Same reason the United States started giving the Shah nuclear power technology before his regime was overthrown - Iran is an oil producing country, and nuclear power allows them to export more oil. Any more remedial questions?

Re:

[Uberbah]

Well, seeing that you need a nuclear power program for a modern nuclear weapons program....

So where's the bedwetting over Japan's nuclear power program? All Iran wants is the same nuclear power generation enjoyed by other countries that aren't threatened with total genocide [reuters.com] for possessing.

if it's a nuclear program and not working on thorium reactors

You mean the vaporware that no one is building, including nuclear weapon possessing countries like the US, the UK, France and Russia?

LOL! Iran has hundreds of

Re:

[Uberbah]

Los Alamos is a highly secured facility, does that mean the US plans to nuke other countries? The dipshit force is strong with you, AC.

Re:

[Uberbah]

You say that like your blather is supposed to mean something. It doesn't mean anything.

small world

[Anonymous Coward]

I actually went to college with Mehdi Mansouri. I can't say I remember much about him, he wasn't a friend of mine and we didn't hang out so he was rather forgettable (no offense!). Just another face in the crowd, really. Anyhow, one time I was at brazilian spa having my crotch, taint, and ass defoliated. I looked over the the table next to me and it was Mehdi. I believe in the bro code so we just nodded and that was the end of it.

Officials does not equal Nationals

[rtb61]

Weird headline, WTF? I think name and shame is idiotic bait and capture is the only thing that makes any sense in countries without extradition. Of course the priority should be to establish good enough ties for extradition from countries but of course YOU CANT DO THAT IF YOU ARE COMMITTING CRIMES IN THE COUNTRY CAN YOU.

be cheeky and offer exchange for Stuxnet officials

[Uberbah]

...from the United States. Cuz is not like the United States wouldn't be at war with somebody by the end of the week if someone sabotaged Los Alamos.

Re:

[Uberbah]

Foreigners have no choice but to park their wealth in US assets

FTFY. Good luck being an international investor without being linked to the petrodollar, or a banking system that the USG can ban you from/seize your assets on a whim.

What about indicting the NSA?

[orzetto]

It was later discovered that the city’s computers had long been vulnerable to leaked exploits developed by the National Security Agency — later stolen and leaked online for anyone to use.

Any indictment coming soon for those in a taxpayer-funded federal agency who did not report security holes in critical US infrastructure, but instead developed tools to exploit them, which were later "lost" and ended up in the hands of anyone with an Internet connection? These guys probably reside on US territory and can actually be arrested.

These Iranians are two small-time thugs. What about the Chinese government—do you think they did not duly download the tools and put them to good use?

Re:

[orzetto]

Is it illegal to make a break-in tool like that? Or merely to use it?

Not sure if making is illegal, but I am pretty sure that if I find out that my neighbour's door has a faulty lock, make a tool with instructions on how to break in, lose it to some thief and my neighbour gets robbed by said thief with the method I developed, I would be liable to a lawsuit at the very least, if not criminal facilitation by gross negligence.

In addition to not telling my neighbour for years that his lock was faulty, which is

Stolen from NSA

[gnasher719]

Let's just remember this the next time some politician screams that encryption keys should somehow be made available to the FBI: If the NSA cannot protect malware that it developed (for nefarious but presumably legal in the USA purposes) from being stolen and used for nefarious purposes that are illegal everywhere, then what chance does the FBI have to protect keys that would allow them to crack my phone from being stolen by some hacker?