Justice Department Charges Four Iranian Nationals for Multi-Year Cyber Campaign Targeting U.S. Companies

 

During the Course of the Conspiracy, One Defendant Also Worked for an IRGC Electronic Warfare and Cyber Defense Unit

An indictment was unsealed today in Manhattan federal court charging Iranian nationals Hossein Harooni (حسین هارونی), Reza Kazemifar (رضا کاظمی فر), Komeil Baradaran Salmani (کمیل برادران سلمانی), and Alireza Shafie Nasab (علیرضا شفیعی نسب) for their involvement in a cyber-enabled campaign to compromise U.S. government and private entities, including the U.S. Departments of Treasury and State, defense contractors, and two New York-based companies. Nasab was charged for the same conduct in a previous indictment that was unsealed on Feb. 29. The defendants remain at large.

Concurrent with today’s unsealing, the U.S. Department of State’s Rewards for Justice program (RFJ) is offering a reward of up to $10 million for information leading to the identification or location of the group and the defendants. The RFJ program seeks information on any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities in violation of the Computer Fraud and Abuse Act (CFAA). Additionally, the Treasury Department announced sanctions against the four defendants, among other malicious cyber actors.

“Criminal activity originating from Iran poses a grave threat to America’s national security and economic stability,” said Attorney General Merrick B. Garland. “These defendants are alleged to have engaged in a coordinated, multi-year hacking campaign from Iran targeting more than a dozen American companies and the U.S. Treasury and State Departments. This case represents just one part of the U.S. government’s effort to counter the range of threats originating from Iran that endanger the American people.”

“The FBI is constantly working to detect and counter cyber campaigns like the one described in today’s indictment. From enabling lethal plots and repressing our citizens and residents to targeting our critical infrastructure, we’ve often seen the trail of dangerous cyber-criminal activity lead back to Iran,” said FBI Director Christopher Wray. “Today’s announcement demonstrates the FBI’s commitment to using every lawful tool at our disposal, together with our domestic and international partners, to disrupt the threats posed from Iran to American businesses and citizens.”

“Today’s charges pull back the curtain on an Iran-based company that purported to provide ‘cybersecurity services’ while in actuality scheming to compromise U.S. private and public sector computer systems, including through spearphishing and social engineering attacks,” said Assistant Attorney General Matthew G. Olsen of the Department of Justice’s National Security Division. “The Department is committed to using a whole of government approach to disrupt such malicious activities and impose consequences on the individuals that carry them out.  Employees that continue to work at these companies risk arrest and prosecution or a lifetime as an international fugitive from justice.”  

“As alleged, the defendants participated in a cyber campaign using spearphishing and other hacking techniques in an attempt to compromise private companies with access to defense-related information,” said U.S. Attorney Damian Williams for the Southern District of New York. “Cyber intrusion schemes such as the one alleged threaten our national security, and I’m proud of our law enforcement partners and the career prosecutors of this office for continuing to use innovative technologies and investigative measures to disrupt and track down these cybercriminals. If you have information leading to the to the identification or location of Harooni, Kazemifar, Salmani, or Nasab, please reach out to the Department of State at rewardsforjustice.net.”

According to court documents, from at least in or about 2016 through at least in or about April 2021, Harooni, Kazemifar, Salmani, Nasab, and other conspirators were members of a hacking organization that participated in a coordinated multi-year campaign to conduct and attempt to conduct computer intrusions. These intrusions targeted more than a dozen U.S. companies and the U.S. Departments of Treasury and State.

During the conspiracy, Kazemifar, Salmani, and Nasab were employed by Mahak Rayan Afraz (محک رایان افراز), an Iran-based company that purported to provide cybersecurity services, but which was, in fact, a front for the conspirators’ operations.

The hacking group’s private sector victims were primarily cleared defense contractors, which are companies that have been granted security clearances by the U.S. Department of Defense to access, receive, and store classified information for the purpose of conducting activities in support of U.S. Department of Defense programs. In addition, the group targeted a New York-based accounting firm and a New York-based hospitality company.

In conducting their hacking campaigns, the group used spearphishing — tricking an email recipient into clicking on a malicious link — to infect victim computers with malware. During their campaigns against one victim, the group compromised more than 200,000 employee accounts. In another campaign, the conspirators targeted 2,000 employee accounts. In order to manage their spearphishing operations, the group created and used a particular computer application that enabled the conspirators to organize and deploy their spearphishing attacks.

In the course of these spearphishing attacks, the conspirators compromised an administrator email account belonging to a defense contractor (Defense Contractor-1). Access to this administrator account empowered the conspirators to create unauthorized Defense Contractor-1 accounts, which the conspirators then used to send spearphishing campaigns to employees of a different defense contractor and a consulting firm.

In addition to spearphishing, the conspirators utilized social engineering, which involved impersonating others, generally women, to obtain the confidence of victims. These social engineering contacts were another means the conspiracy used to deploy malware onto victim computers and compromise those devices and accounts.

Kazemifar was responsible for testing the tools utilized by the conspiracy to execute its cyber campaigns. For example, Kazemifar was involved in testing spearphishing emails used to target victim companies and was involved in developing malware utilized by the conspiracy in social engineering initiatives. During the course of his involvement in the conspiracy, from at least in or about 2014 through at least in or about 2020, Kazemifar also worked for the Iranian Organization for Electronic Warfare and Cyber Defense (EWCD). EWCD is a component of the Islamic Revolutionary Guard Corps (IRGC), which is itself a component of the Iranian Armed Forces. Among other things, the IRGC is responsible for Iran’s offensive cyber capabilities. The United States has designated the IRGC as a foreign terrorist organization.

Harooni was responsible for procuring, administering, and managing the online network infrastructure, including computer servers and customized software used to facilitate the computer intrusions. Harooni also fraudulently used the identity of a real person (Individual-1), including his use of a copy of Individual-1’s true passport, to conceal his role in procuring online infrastructure used by the conspiracy to facilitate the computer intrusion campaign.

Salmani was responsible for testing tools utilized by the conspiracy to execute spearphishing campaigns, including the campaign against a hospitality company. Salmani was also involved in maintaining infrastructure used by the conspirators.

Nasab was responsible for procuring infrastructure used by the conspiracy, particularly infrastructure used in furtherance of social engineering campaigns. Nasab also used Individual-1’s identity, including Individual-1’s name and passport, to register server and email accounts that were used during malicious cyber campaigns.           

The defendants are each charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud, and wire fraud. If convicted, they face up to five years in prison for the computer fraud conspiracy, and up to 20 years in prison for each count of wire fraud and conspiracy to commit wire fraud. Harooni is additionally charged with knowingly damaging a protected computer, which carries a maximum penalty of 10 years in prison. Harooni, Salamani, and Nasab are additionally charged with aggravated identity theft, which carries a mandatory consecutive term of two years in prison. A federal district judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI Cyber Division is investigating the case.

Assistant U.S. Attorneys Ryan B. Finkel, Dina McLeod, and Daniel G. Nessim for the Southern District of New York are prosecuting the case, with assistance from Trial Attorney Matthew Chang of the National Security Division’s National Security Cyber Section.

An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

City Employee Pleads Guilty To Check Theft Scheme

 

Damian Williams, the United States Attorney for the Southern District of New York, and Jocelyn E. Strauber, the Commissioner of the New York City Department of Investigation (“DOI”), announced that BRANDON SANTANOO, an employee of the New York City Law Department (the “Law Department”), pled guilty to conspiracy to commit bank fraud in connection with his participation in a scheme to steal checks mailed to the Law Department and then to deposit or attempt to deposit forged, altered, and fraudulently endorsed versions of those checks into bank accounts not associated with the Law Department.  SANTANOO pled guilty before U.S. Magistrate Judge Jennifer E. Willis. 

U.S. Attorney Damian Williams said: “Brandon Santanoo abused his position of trust as a city employee.  As he admitted in federal court, he stole hundreds of thousands of dollars’ worth of checks made payable to the Law Department and passed them along to others to fraudulently deposit.  We will not tolerate any breach of trust or corruption within city agencies.” 

DOI Commissioner Jocelyn E. Strauber said: “Brandon Santanoo used his position at the City Law Department to steal approximately 40 checks payable to the City – and valued at approximately $600,000 – and then handed them out to acquaintances to forge, alter, or fraudulently endorse the checks and then deposit into private bank accounts.  I thank the Law Department for the referral to DOI that prompted this investigation and our law enforcement partners in the United States Attorney’s Office for the Southern District of New York for their commitment to hold accountable City employees who exploit their access to engage in criminal conduct, and to protect valuable City resources from theft.”

According to the allegations in the Information and the Complaint, the plea agreement, and statements made in court:

Beginning in 2017, SANTANOO worked as a clerk in the mail room at the Law Department’s office in Brooklyn.  By virtue of his position, SANTANOO had access to mail that was sent to the Law Department. 

From at least in or about June 2021 through at least in or about May 2023, SANTANOO stole checks that had been mailed to the Law Department, including checks made payable to the Law Department’s Worker’s Compensation Division, which is responsible for administering claims of city employees who are injured on the job.  SANTANOO then passed those checks onto other people, who deposited or attempted to deposit forged, altered, and fraudulently endorsed versions of those checks into third parties’ bank accounts.  Approximately 40 checks, totaling approximately $600,000, were stolen and deposited or attempted to be deposited as part of the scheme.

SANTANOO, 27, of Queens Village, New York, pled guilty to one count of conspiracy to commit bank fraud, which carries a maximum potential sentence of 30 years in prison. 

The maximum potential sentence is prescribed by Congress and is provided here for informational purposes only, as any sentencing of the defendant will be determined by a judge.  Sentencing is scheduled for September 4, 2024, at 10:00 a.m. before U.S. District Judge Richard M. Berman.

Mr. Williams praised the outstanding investigative work of the DOI.  Mr. Williams also thanked the Special Agents from the U.S. Attorney’s Office for the Southern District of New York for their assistance on this matter.

Bronx Chamber of Commerce - April 24th Webinar: Proposed Changes to NYC Vending

 

ATTENTION: Citywide Storefront Businesses

If you own or operate a storefront business in NYC, you don’t want to miss this.

This Wednesday April 24th from 1:00-2:00pm, the Bronx Chamber of Commerce is hosting an important policy briefing on Zoom regarding proposed changes to street vending legislation.

CLICK HERE TO REGISTER

There is no cost to attend and the webinar is open to storefront business representatives from throughout the 5 boroughs, so please feel free to share this email, and visit the Bronx Chamber website's Legislative Info Page for more information in advance.

Register For The Webinar

Full Bronx Chamber Calendar of Events

Become a Bronx Chamber Member Today - Click Here

Permits Filed For 1848 Vyse Avenue In Crotona Park East, The Bronx

 

Permits have been filed for an 11-story residential building at 1848 Vyse Avenue in Crotona Park East, The Bronx. Located between East 174th Street and Boston Road, the lot is near the 174th Street subway station, serviced by the 2 and 5 trains. Martin Dunn of Bronx Affordable Holdings LLC is listed as the owner behind the applications.

The proposed 110-foot-tall development will yield 78,623 square feet designated for residential space. The building will have 120 residences, most likely rentals based on the average unit scope of 655 square feet. The masonry-based structure will also have a 30-foot-long rear yard.

Dattner Architects is listed as the architect of record.

Demolition permits will likely not be needed as the lot is vacant. An estimated completion date has not been announced.

News, updates and more from NYC Council Member Rafael Salamanca, Jr.

 

THE WEEK IN REVIEW

ASPCA HEROES IN HUMAN SERVICE AWARD

Thank you to the ASPCA for presenting me with your Heroes in Human Service Award - and congratulations to all of the other honorees! 

As an animal lover, I’m always looking for ways we can help our friends who don’t have a voice of their own. With the ASPCA’s new office in District 17, I look forward to a strengthening of our partnership as we continue our collective advocacy rights for our furry friends. 

BRONX ZOO’S 125TH BIRTHDAY CELEBRATION!

Happy 125th Birthday Bronx Zoo!
Here’s to many more years of providing our Bronx community with exceptional conservation and educational experiences!

BRONXNET STUDIO TOUR

Had a great time stopping by BronxNet Community Television’s state-of-the-art multimedia facility!   

Stay tuned for details on how you can catch my interview with Jonathan Calixto where we discussed all things District 17.

UPCOMING EVENTS

DOT HELMET FITTING AND DISTRIBUTION

My office will be partnering with NYC DOT to host a FREE helmet-fitting and giveaway event on Sunday, April 28th. 

*Please note that helmets will only be distributed to those present, and a parent or legal guardians must be present with children under 18*

2024 MOTHER’S DAY CELEBRATION  Thank you to everyone who RSVP’d for our 2024 Mother’s Day Celebration!  Due to overwhelming popularity, we have already reached maximum capacity and will no longer be accepting reservations for this event. Visit our District Office at:  1070 Southern Boulevard Bronx, New York 10459 (718) 402-6130 salamanca@council.nyc.gov

MAYOR ADAMS, SPEAKER ADAMS INVEST OVER $22 MILLION IN CULTURAL ORGANIZATIONS AS ADMINISTRATION’S STRONG FISCAL MANAGEMENT IMPROVES CITY’S BUDGET OUTLOOK

 

$18.3 Million Allocated Over Next Three Fiscal Years to Cultural Institutions Group, Supporting 34 Cultural Organizations Operated on City-Owned Property 

$4.3 Million Allocated Over Next Two Fiscal Years to Cultural Development Fund,

Supporting Over 1,000 Cultural Nonprofits Across the City

New York City Mayor Eric Adams and New York City Council Speaker Adrienne Adams today announced that, thanks to strong fiscal management, the city will make multiple investments in New York City’s cultural sector by allocating more than $22 million over the next three fiscal years for the New York City Department of Cultural Affairs (DCLA) as part of the city’s Fiscal Year (FY) 2025 Executive Budget. The investment includes $18.3 million over the next three fiscal years for the 34 members of the Cultural Institutions Group (CIG). These institutions — including museums, performing arts centers, historical societies, zoos, and botanical gardens — operate on city-owned property and serve as community anchors and economic engines for neighborhoods in all five boroughs. Over the next two fiscal years, the FY25 Executive Budget will also allocate $4.3 million to the Cultural Development Fund (CDF), which supports over 1,000 cultural nonprofits across the city annually, investing in a wide range of groups that represent the backbone of the city’s remarkable cultural community.

“Our people, arts, and culture are the heart and soul of New York City, and they are the cornerstone of our economic rebound,” said Mayor Adams. “New Yorkers, alongside tourists from every corner of the globe, enjoy our world-class museums, theaters, performing arts centers, and more. Our strong fiscal management has enabled us to put money back into the cultural organizations that do so much for us, and with this investment of more than $22 million we are reaffirming our commitment to this vital sector.”

“New York City must invest in the success of our cultural institutions if we are to remain the cultural capital of the world — continuing to benefit from the estimated $110 billion in annual activity the cultural economy generates for our city,” said Speaker Adams. “Today’s joint announcement with Mayor Adams is an important down payment for our cultural sector in the Executive Budget that establishes a foundation to build upon for the final city budget. Our arts and cultural institutions are essential pillars of our city's communities that the Council has consistently championed adequate funding to support. We look forward to our continued work with the administration and all stakeholders to deliver a budget that invests the necessary funds for a healthy and robust cultural sector.”

“Thanks to our city’s sound fiscal management, we are able to invest in our city’s invaluable cultural groups, ensuring that New York City remains a vibrant hub of creativity, diversity, and expression for all New Yorkers,” said First Deputy Mayor Sheena Wright. “Our cultural institutions are the lifeblood of New York City, reflecting our city’s diversity and we are proud to continue to support these organizations with a $22 million investment.”

“Art and culture are what make our city unique, driving our economy and strengthening our communities,” said Deputy Mayor for Housing, Economic Development, and Workforce Maria Torres-Springer. “Thanks to strong fiscal stewardship across city government through the unprecedented challenges we've faced, I'm thrilled to announce an investment of more than $22 million for the thousands of creative organizations across the five boroughs. This funding will strengthen organizations of all sizes and will ensure that our vibrant artistic community continues to thrive, inspire, and unite us all.”

“Culture is the heartbeat of New York City, and the cultural institutions that my agency supports across the city are where the real work happens — incubating artists, engaging audiences, and creating community,” said DCLA Commissioner Laurie Cumbo. “We had to tighten our belts along with our fellow agencies in light of the fiscal challenges our city has faced, but we're overjoyed for today's announcement that we'll be able to invest a significant portion of this funding in this year's budget, and in the upcoming years. Culture in New York City is a public-private partnership, and we're proud to remain the largest funder of art and culture in America. We look forward to continuing to work with and investing in our remarkable cultural organizations.”

By stabilizing the city’s budget and fiscal outlook, the Adams administration has been able to invest city and state recurring dollars and protect $22.6 million for cultural institutions. Cultural organizations continue to engage New Yorkers and attract visitors to New York City, as the city boasted its fourth highest year for tourism in 2023 and projects even more visitors in 2024. According to the Mayor’s Management Report, attendance at CIG-member institutions increased more than 60 percent in FY23 over FY21.

Mayor Adams, DCLA Commissioner Cumbo, and other members of the administration have collaborated on many new initiatives to support the city’s vibrant cultural sector and bring the arts to all New Yorkers. In February, DCLA announced more than $52 million in grants for 1,031 nonprofits through the CDF, which is part of this budget investment for FY25 and FY26. With support from Mayor Adams, the City Council, and borough presidents, DCLA also announced more than $222 million in new funding for cultural capital projects across the city, in the Bronx, Brooklyn, Manhattan, Queens, and Staten Island.

Under the Adams administration, the city has also announced new initiatives to support artists and bring arts programming to residents in every corner of the city. Mayor Adams convened the city’s first-ever Live Performance Industry Council to address issues facing this industry. The new City Canvas program will transform unsightly sidewalks sheds, construction sheds, and scaffolding into platforms for creative expression. The revived She Built NYC program will honor remarkable women from New York City history with monuments in all five boroughs. A new, interactive map launched as part of the 40^th anniversary of the city’s Percent for Art program makes the city’s public art collection more accessible than ever before. And efforts to bring temporary art installations into City Hall and other public buildings have, most recently, included an exhibition at City Hall that explores “the Greatest Day in Hip-Hop.” Today’s announcement also aligns with the “‘New’ New York: Making New York Work for Everyone” plan, which includes recommendations to invest in culture, as well as supporting artists, artist spaces, and artist organizations — including through increased support for cultural organizations.

NYC Cultural Affairs Commissioner Laurie Cumbo joined community and cultural leaders from across the Bronx to announce new capital funding for cultural capital projects across the borough, including $2 million in new funding for The New York Botanical Garden’s (NYBG) state-of-the-art Site Operations Center, which will be among the first “net-positive energy” facilities in the Bronx when it’s complete. With this allocation, the City has contributed over $15 million to the NYBG project to date. As part of an ongoing five borough tour, Commissioner Cumbo also highlighted critical capital investments for cultural groups across the Bronx, including funding for projects at the Bronx County Historical Society, Bronx Museum, The Point, Pregones / PRTT Traveling Theater, Wave Hill, and the Bronx Zoo. These awards are part of Mayor Adams’ $117 million investment for FY 2024 in cultural capital projects across all five boroughs.

The New York Botanical Garden (NYBG) will completely rebuild its outdated operations yard into a 21st century Site Operations Center. The City of New York is the lead funder for this innovative and sustainable project, which also meets the daily work needs of the Garden's core DC37 workforce—the building service employees, engineers, carpenters, and administrative staff who maintain NYBG as an open, accessible, and safe sanctuary for the hundreds of thousands of New Yorkers and their families who visit NYBG each year. The operations center is also designed to be energy net positive; feature innovative building techniques such as mass timber construction, geothermal wells, and a solar photovoltaic system; targets LEED Platinum certification; and will likely be one of the most sustainable public buildings yet constructed with City funding.

“Our cultural institutions highlight the very best of the Bronx and highlight the rich beauty and diversity of our great borough,” said Bronx Borough President Vanessa L. Gibson. “Today’s announcement ensures our cultural gems such as the New York Botanical Garden receive the necessary funding to upgrade their facilities with state-of-the-art equipment and demonstrates Mayor Adams’ commitment to equitably support arts and culture throughout our city. Thank you to Mayor Eric Adams, Department of Cultural Affairs Commissioner Laurie Cumbo, the New York City Council, advocates, and everyone else who was involved in making this announcement possible. When our cultural groups are supported, our residents, visitors, youth, and families win.”