
Justice Department indicts two Iranians over SamSam ransomware attacks

An example of the SamSam ransom note. (Image: SecureWorks)

U.S. federal prosecutors have indicted two Iranian nationals for creating and deploying the notorious SamSam ransomware.

Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, were indicted by a federal grand jury in New Jersey on Monday on several counts of computer hacking and fraud charges. The case was unsealed Wednesday, shortly before a press conference announcing the charges by U.S. deputy attorney general Rod Rosenstein.

“The Iranian defendants allegedly used hacking and malware to cause more than $30 million in losses to more than 200 victims,” said Rosenstein. “According to the indictment, the hackers infiltrated computer systems in ten states and Canada and then demanded payment. The criminal activity harmed state agencies, city governments, hospitals, and countless innocent victims.”

Among those victims was the City of Atlanta, which was knocked offline earlier this year and is projected to spend at least $2.6 million in recovery following a SamSam infection. It was later discovered that the city’s computers had long been vulnerable to exploits developed by the National Security Agency that were later stolen and leaked online for anyone to use.

Other victims included clinical lab testing giant LabCorp, the City of Newark, New Jersey, and the Port of San Diego, attacked in late-September — which prosecutors said was the most recent attack.

Several city municipalities, hospitals and medical centers were also hit by the ransomware.

In total, SamSam has generated some $6 million in proceeds to date — or 1,430 bitcoin at today’s value.

Prosecutors said that nearly every U.S. state had at least one victim — some, including most of the eastern seaboard, had more than six victims.

According to the indictment, Savandi and Mansouri created SamSam in late-2015 and refined it over the following two years. The two allegedly conducted reconnaissance to try to determine potential victims, and launched attacks outside business hours to maximize the damage by preventing mitigations.

Justice Dept. prosecutors say that the SamSam infections caused $30 million in losses and damages.

As Iranian nationals and residents, it’s unlikely that the two will ever face justice in the U.S., but the indictments serve as a “name and shame” effort employed by the Justice Dept. in recent years.

The indictments likely won’t result in extraditions or convictions, but they do make it difficult for the alleged ransomware authors to travel freely, as they run the risk of being detained in a country that has an extradition policy with the U.S.

Savandi and Mansouri remain wanted by the FBI.



from TechCrunch https://ift.tt/2RhqJre