{
	"id": "5bda3a5f-31b7-4d8c-bd08-30a09ca4421b",
	"created_at": "2026-04-29T08:21:36.500017Z",
	"updated_at": "2026-04-29T10:41:41.648457Z",
	"deleted_at": null,
	"sha1_hash": "257b96c925d621209c49968588b1a0e5cfedcb63",
	"title": "U.S. Accuses 7 Iranians Of Cyberattacks On Banks And Dam",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 82754,
	"plain_text": "U.S. Accuses 7 Iranians Of Cyberattacks On Banks And Dam\r\nBy Thomas Brewster\r\nPublished: 2016-03-24 · Archived: 2026-04-29 07:56:25 UTC\r\nThe U.S. has unsealed charges against seven Iranian hackers, accused of attacks on a range of American banks and\r\na dam just outside New York City. Attorney General Loretta Lynch and FBI director James Comey announced the\r\nindictments, naming Iranian residents who worked for computer security companies linked with the Iranian\r\ngovernment: ITSecTeam (ITSEC) and Mersad Company (MERSAD).\r\nThe named individuals are: Ahmad Fathi, Hamid Firoozi, Amin Shokohi, Sadegh Ahmadzadegan, Omid\r\nGhaffarinia, Sina Keissar and Nader Saedi. The men have been charged with distributed denial of service (DDoS)\r\nattacks on major U.S. banks, under an operation that was later dubbed Op Ababil, perpetrated by a group going by\r\nthe name of the Izz ad-Din al-Qassam Cyber Fighters. The attacks, which generated a sizeable 140Gbps, were\r\nlaunched in across 2011 and 2013, taking a slew of major American commercial banks offline, including Bank of\r\nAmerica and J.P. Morgan Chase , as well as the Nasdaq stock exchange. As far back as mid-2014, U.S. security\r\nresearchers had linked Iran to the group. More than 46 companies were said to have been targeted.\r\nLynch said the attacks cost victims \"tens of millions of dollars\"over 176 days. Hundreds of thousands of\r\nAmericans could not get onto online accounts.\r\nOne defendant, Firoozi, was accused of breaking into a small dam in Bowman Avenue Dam in Rye Brook, New\r\nYork. That attack did not see any physical damage caused, but could have controlled flow rates and posed a clear\r\ndanger to Americans, Lynch said. As with many previous attacks on critical infrastructure, as detailed by FORBES\r\nthis week, the hackers sought to carry out surveillance rather than wreak destruction.\r\nhttps://www.forbes.com/sites/thomasbrewster/2016/03/24/iran-hackers-charged-bank-ddos-attacks-banks/\r\nPage 1 of 3\n\nWASHINGTON, DC - MARCH 09: U.S. Attorney General Loretta Lynch testifies during a hearing before the\r\nSenate Judiciary Committee March 9, 2016 on Capitol Hill in Washington, DC. Lynch announced charges against\r\nIranian hackers, alongside FBI director James Comey. (Photo by Alex Wong/Getty Images)\r\n\"They threatened our financial wellbeing,\" Lynch said. \"We will not allow any group or nation... to undermine fair\r\ncompetition in the international market.\"\r\nComey, in talking about how the individuals might be detained, said there \"is no place safe in this increasingly\r\nsmall world\". \"We will continue to pursue hackers affiliated with terrorists and nation states... more charges, more\r\nsanctions, anything we can do to make these attacks more accountable,\" added John Carlin, assistant attorney\r\ngeneral.\r\nIranian hackers have been an increasing menace to U.S. businesses and public bodies in recent years. Since the US\r\nand Israel reportedly combined forces to launch the Stuxnet attacks on Iranian infrastructure, setting the nation’s\r\ndevelopment of nuclear weapons back at least two years, Iran has been keen to build a strong digital warfare\r\ncapability. Economic sanctions imposed by the west are also believed to have played a part in increasing\r\naggression from Iran’s digital sleuths.\r\nAmerica, meanwhile, has been increasingly keen to name nation state hackers targeting U.S. companies.\r\nYesterday, Chinese national Su Bin pled guilty to working with two accomplices to pilfer data a number of major\r\ndefense contractors, including Boeing . In 2014, American officials openly blamed North Korea for a devastating\r\nattack on Sony Pictures. A number of Chinese hackers also remain on the FBI Cyber Most Wanted for their\r\nhttps://www.forbes.com/sites/thomasbrewster/2016/03/24/iran-hackers-charged-bank-ddos-attacks-banks/\r\nPage 2 of 3\n\nalleged roles in cyber espionage on U.S. businesses, as do individuals linked with the Syrian Electronic Army\r\nthanks to indictments unsealed this week.\r\nSource: https://www.forbes.com/sites/thomasbrewster/2016/03/24/iran-hackers-charged-bank-ddos-attacks-banks/\r\nhttps://www.forbes.com/sites/thomasbrewster/2016/03/24/iran-hackers-charged-bank-ddos-attacks-banks/\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.forbes.com/sites/thomasbrewster/2016/03/24/iran-hackers-charged-bank-ddos-attacks-banks/"
	],
	"report_names": [
		"iran-hackers-charged-bank-ddos-attacks-banks"
	],
	"threat_actors": [
		{
			"id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d",
			"created_at": "2022-10-25T16:07:24.139848Z",
			"updated_at": "2026-04-29T10:39:55.496618Z",
			"deleted_at": null,
			"main_name": "Safe",
			"aliases": [],
			"source_name": "ETDA:Safe",
			"tools": [
				"DebugView",
				"LZ77",
				"OpenDoc",
				"SafeDisk",
				"TypeConfig",
				"UPXShell",
				"UsbDoc",
				"UsbExe"
			],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "76fc6d92-0710-4640-bfa7-3000fe3940a5",
			"created_at": "2022-10-25T16:07:24.251595Z",
			"updated_at": "2026-04-29T10:39:55.544132Z",
			"deleted_at": null,
			"main_name": "Syrian Electronic Army (SEA)",
			"aliases": [
				"ATK 196",
				"Deadeye Jackal",
				"Syria Malware Team",
				"Syrian Electronic Army",
				"TAG-CT2"
			],
			"source_name": "ETDA:Syrian Electronic Army (SEA)",
			"tools": [
				"AndoServer",
				"CypherRat",
				"SLRat",
				"SandroRAT",
				"SilverHawk",
				"SpyNote",
				"SpyNote RAT"
			],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "bb08058c-a744-4129-aa80-10aa34ed8766",
			"created_at": "2022-10-25T16:07:24.474826Z",
			"updated_at": "2026-04-29T10:39:55.668303Z",
			"deleted_at": null,
			"main_name": "Cyber fighters of Izz Ad-Din Al Qassam",
			"aliases": [
				"Cyber fighters of Izz Ad-Din Al Qassam",
				"Fraternal Jackal",
				"QCF",
				"Qassam Cyber Fighters"
			],
			"source_name": "ETDA:Cyber fighters of Izz Ad-Din Al Qassam",
			"tools": [],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "9663cdbf-646e-4579-881a-a8ebc3aabf63",
			"created_at": "2023-01-06T13:46:38.360862Z",
			"updated_at": "2026-04-29T10:39:53.046207Z",
			"deleted_at": null,
			"main_name": "Cutting Kitten",
			"aliases": [
				"ITsecTeam"
			],
			"source_name": "MISPGALAXY:Cutting Kitten",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1777450896,
	"ts_updated_at": 1777459301,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/257b96c925d621209c49968588b1a0e5cfedcb63.pdf",
		"text": "https://archive.orkl.eu/257b96c925d621209c49968588b1a0e5cfedcb63.txt",
		"img": "https://archive.orkl.eu/257b96c925d621209c49968588b1a0e5cfedcb63.jpg"
	}
}