
![]() |
Brian Sims
Editor |
Home> | Security | >Cyber Crime | >FBI & NCA to charge alleged cyber criminals |
FBI & NCA to charge alleged cyber criminals
29 November 2018
AMERICAN PROSECUTORS have announced criminal charges against two Iranian nationals accused of carrying out a ransomware campaign which affected hundreds of networks worldwide, following an investigation involving the FBI and the UK’s National Crime Agency.
The two men, Mohammad Mehdi Shah Mansouri, aged 27, and Faramarz Shahi Savandi, 34, are alleged to have infected over 200 victims, largely in the US and Canada, with the SamSam ransomware virus.
Among those affected were healthcare providers, public transportation bodies, shipping and local government services.
Since the beginning of their campaign in December 2015 they are believed to have taken over US$6m in victim payments, laundering the money through bitcoin exchanges. Two such exchanges now face sanctions from the US Treasury.
The men are accused of using either brute force attacks or stolen login credentials to place malware onto the servers, the seemingly legitimate login to the network making the malware far more difficult to detect. Some of the stolen login details were bought on darknet marketplaces.
Once infected, users would find their computer encrypted, receiving a note instructing them to make bitcoin payments through a Tor hidden site. After paying, they would receive cryptographic tools to decrypt their network.
Both men are now wanted by the US authorities.
Mark Stirling, from the NCA’s National Cyber Crime Unit said, “NCA investigators working with our US colleagues were able to determine that this crime group used UK infrastructure to carry out some of their criminality.
“Because of that we were able to providing the US with digital forensic evidence that was crucial to these charges being laid and the identification of those accused of running the SamSam ransomware campaign.
“It demonstrates once again that this form of crime does not recognise international borders, so it takes an international law enforcement response to bring the perpetrators to justice.”
- Staffordshire Fire and Rescue Service prosecuted in wake of HSE investigation
- Crown Prosecution Service warns general public to guard against COVID-related fraud
- Brutal cuts to Fire and Rescue Services being rushed through asserts FBU
- 22 dead in Manchester bomb attack
- New sprinkler system contains fire
- Government takes action to block online criminal gateways
- Fire Safety Matters signs partnership extension with Nineteen Group
- Tall Building Fire Safety Network to run high-rise fire safety conference
- Firefighters’ risk of exposure to carcinogens tackled with packaged solutions
- “Still work to be done on reducing automated gate accidents” urges Gate Safe founder