US prosecutors have charged two Iranians of a cyber – attack that lasted for 34 months and held several schools, hospitals, universities and nations to ransom forcing them to pay ransom for the same. The prosecutors from FBI have alleged that though these criminals are in Iran and out of US law they will be apprehended if they travel out of the country and others avenues are being explored to bring them to justice. The group is accused of carrying out a ransomware attack in which malicious software is used to lock down an organization’s systems and files after which a hefty fee is extracted to unlock them.
US assistant attorney general Brian Benczowski stated that as per allegations listed in the indictment an international computer hacking and extortion scheme based in Iran engaged in an extensive blackmail using 21st-century technology. Two men Mohammad Mehdi Shah Mansouri and Faramarz Shah Savandi from Iran have been accused of deploying the ransomware while two others Ali Khorashadizadeh and Mohammad Ghorbaniyan for exchanging the ransom amount received in crypto-currency Bitcoin to Iranian currency Rial. This ransomware hack attack affected 230 victims and extracted $30 million out of them leaving them struggling to work around their stalled systems and attend to their work.
Court documents have names of 12 entities that were affected by the attack that included a hospital in Hollywood that had to turn away patients during 2016. In Atlanta the ransomware nicknamed “SamSam” affected five government departments forcing people to pay their utility bills at the counter instead of online. The attack was not limited to the US as individuals and companies in UK and Canada too were affected and the attackers targeted computers that were poorly maintained and had weak firewalls. The treasury office said that this is the first time that digital currency was linked to sanctioned individuals as it was able to identify two Bitcoin wallets associated with the accused.