The US Department of State’s Rewards for Justice program intends to award $10 million to individuals whose information leads to the identification and location of anyone linked to the cybercrime gang CyberAv3ngers.
This cybercrime group, also known as CyberAveng3rs and Cyber Avengers, is an Iranian IRGC (Islamic Revolutionary Guard Corps) “cyber persona” that has taken responsibility for various attacks against US critical infrastructure, according to the Cybersecurity and Infrastructure Security Agency (CISA).
This cybercrime group mainly targets Israeli-made Unitronics Vision series programmable logic controllers (PLCs), which are ruggedized devices used for industrial automation.
These devices are often used in the water and waste system sector and other industries, including energy, healthcare, and food and beverage manufacturing.
Since these attacks, the US government agency has named six Iranian men as members linked to the CyberAv3ngers group’s malicious activities.
Rewards for Justice (@RFJ_USA) posted on August 7, 2024:
"Time to avenge CyberAv3ngers’ hacking activities!
This group, linked to Iranian military officials, has hacked into industrial control systems used by U.S. industries and public utilities.
Got info on CyberAv3ngers or these officials? Text us today via our Tor tip line." pic.twitter.com/9wRCsP23Ye
Hamid Homayunfal, Hamid Reza Lashgarian, Mahdi Lashgarian, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian are said to be Iranian security officials who are affiliated with malicious cyber activities of Iran’s IRGC.
Hamid Reza Lashgarian has been identified as the leader of “the IRGC’s Cyber-Electronic Command (IRGC-CEC) and is also a commander in the IRGC-Qods Force.”
The IRGC-Qods Force is one of the five branches of the IRGC, which specializes in unconventional warfare and military operations overseas.
According to US government agencies, Reza Lashgarian has been involved in multiple IRGC-related cyber and intelligence operations.
The other five men are purported to be senior officials of the IRGC-CEC, the IRGC branch responsible for cyber warfare and cyber security.
The IRGC-CEC has been responsible for various cyberattacks on critical infrastructure across the US and other countries, said the US Department of State.
Since at least November 22nd, 2023, these threat actors have leveraged default credentials in Unitronics devices used in critical infrastructure to compromise the devices.
“The IRGC-affiliated cyber actors left a defacement image stating, “You have been hacked, down with Israel. Every equipment ‘made in Israel’ is CyberAv3ngers legal target.” The victims span multiple US states,” CISA said.
However, the US Department of State’s Rewards for Justice claims that this group had already been launching attacks months earlier.
“In October 2023, CyberAv3ngers actors claimed credit for cyberattacks against Israeli PLCs on their Telegram channel.”
However, these cybercriminals didn’t get off scot-free. On February 2nd, 2024, the US Department of the Treasury announced the sanctioning of these Iranian cyber actors.
The sanctions were imposed on “two Iranian companies and four individuals involved in malicious cyber activity on behalf of, directly or indirectly, the IRGC-CEC, a US-designated entity,” the US Department of State said.
The aforementioned members were named “Specially Designated Nationals pursuant to the Counterterrorism Authority Executive Order (E.O.) 13224, as amended for being leaders or officials of the IRGC-CEC,” said the US Department of State’s Rewards for Justice.
These sanctions resulted in the blocking of all property belonging to the IRGC-CEC officials that is present within the US or under the control of US persons.
The US Department of State’s Rewards for Justice program urges anyone with information to come forward via the Tor-based tips-reporting channel. Otherwise, individuals with information can leave a tip directly through the website.