2 indicted in $30M ransomware scheme targeting municipalities, public institutions
The attack began in 2015, when the pair began installing ransomware on computers of more than 200 victims to extort money
WASHINGTON — A federal grand jury indicted two men on counts related to a three-year-long international hacking scheme that caused over $30 million in victim losses, the Department of Justice announced this morning.
Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri of Iran allegedly used a malware program known as SamSam Ransomware to encrypt data on victims’ computers and extort them for ransom in exchange for their information back.
According to the indictment, Savandi and Mansouri collected over $6 million in ransom payments, with victims including hospitals, healthcare companies, universities and municipalities incurring over $30 million in losses.
“The allegations in the indictment unsealed today—the first of its kind—outline an Iran-based international computer hacking and extortion scheme that engaged in 21st-century digital blackmail,” said Assistant Attorney General Brian A. Benczkowski. “As today’s charges demonstrate, the [Justice Department’s] Criminal Division and its law enforcement partners will relentlessly pursue cybercriminals who harm American citizens, businesses, and institutions, regardless of where those criminals may reside.”
Savandi and Mansouri are charged with six counts including conspiracy to commit wire fraud, conspiracy to commit fraud and related activity in connection with computers, two counts of intentional damage to a protected computer and two counts of transmitting a demand in relation to damaging a protected computer.