Cyberheist suspects charged for selling hacked weapons software to Iranian government
Mohammed Ajily reportedly hired 'crackers' to break into stolen computer software.
Two suspects accused of orchestrating a cybercrime heist against a US software firm were named this week (17 July) in an indictment by the US Department of Justice (DoJ) after allegedly hacking into private computer networks and selling stolen weapons software to Iran.
Mohammed Saeed Ajily, 35, and Mohammed Reza Rezakhah, 39, are being sought for their role in cyberattacks against US company Arrow Tech in 2012. Stolen computer software was later sold to a number of Iranian customers in violation of US export sanctions, the DoJ said.
Ajily, a businessman who employed a group of hackers, would allegedly task Rezakhah with breaking into computers and unlawfully "cracking" locked software.
Under the name Dongle Labs, Ajily would then allegedly sell the software to a number of Iranian customers.
These included a slew of universities, however also namechecked were military and government entities. Others highlighted were Malek Ashtar Defense University, Tehran University, Sharif Technical University and Khvajeh Nasir University.
The DoJ said that, in addition to payment, Ajily also received "certificates of appreciation" for his work from several officials linked to Iran's government and military. As some documents remain sealed, it remains unclear how much money was netted by the illicit scheme.
The release noted the involvement of "a third actor" who had already pleaded guilty in the District of Vermont for related conduct, named in the indictment as Nima Golestaneh. As noted by Politico, Golestaneh was granted clemency by US President Obama in 2016.
The seven-person clemency agreement with Iran was closely linked to a prisoner swap which led to the release of four Americans including Washington Post journalist Jason Rezaian alongside Amir Hekmati, Saeed Abedini and Nosratollah Khosravi-Roodsari.
Stolen weapons technology
The main allegation in the indictment stems from an incident in October 2012 when Rezakhah allegedly hacked into Arrow Tech, which is best known for selling software that "supports aerodynamics analysis" and the design of projectiles.
The firm's primary focus is a password-locked type of proprietary computer software known as the "Projectile Rocket Ordnance Design and Analysis System", or PRODAS, which helps users analyse and design everything from bullets to GPS-guided artillery shells.
The software was designated as a "defence article" on the United States Munitions List under the International Traffic in Arms Regulations (ITAR). PRODAS is typically sold for between $40,000 and $800,000, depending on a number of available customisation options, the DoJ said.
According to the indictment, Ajily had been advertising his hackers' ability to crack such software and circumvent strict Western sanctions against Iran. The Vermont court has issued arrest warrants for both suspects, who are believed to currently be living in Iran.
The full scheme dates as far back as 2007, the Justice Department revealed.
The most wanted men
This unsealed indictment was initially filed by the court in April last year but only announced this week (17 July 2017). US officials said updates to the long-running case were withheld for a number of months as law enforcement attempted to locate and detain the suspects.
Politico reported that similar indictments in the past have worked to limit the travel of those named. Both Ajily and Rezakhah are now on the FBI's Most Wanted list. The notifications warn that both men should be considered an international flight risk.
A statement on Arrow Tech website's homepage now reads: "Please inform us immediately if you feel that someone is fraudulently representing Arrow Tech or offering PRODAS as this would be illegal under the export laws of the United States."
© Copyright IBTimes 2024. All rights reserved.