{
	"id": "eeea98e7-e4bd-44ab-8b81-d1578697ea80",
	"created_at": "2026-04-06T00:10:04.922572Z",
	"updated_at": "2026-04-10T03:34:24.789437Z",
	"deleted_at": null,
	"sha1_hash": "a1c4d7bba11b2030e8f1010cbeb058691d752d86",
	"title": "Shahid Hemmat Hackers: $10M Reward Offered by US",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 363773,
	"plain_text": "Shahid Hemmat Hackers: $10M Reward Offered by US\r\nBy Ddos\r\nPublished: 2024-10-28 · Archived: 2026-04-05 16:04:00 UTC\r\nThe US Department of State has announced a reward of up to $10 million for information leading to the\r\nidentification or location of individuals engaged in malicious cyber activities against US critical infrastructure\r\nunder the direction of foreign governments. This initiative falls under the purview of the “Rewards for Justice”\r\nprogram, a division of the State Department tasked with pursuing individuals who pose a threat to US national\r\nsecurity.\r\nCentral to this announcement is the identification of the Shahid Hemmat group, which, according to the State\r\nDepartment, operates under the control of the Islamic Revolutionary Guard Corps (IRGC). Four Iranian hackers –\r\nManouchehr Akbari, Amir Hossein Hoseini, Mohammad Hossein Moradi, and Mohammad Reza Rafatnejad –\r\nhave been designated as key figures within this group.\r\nThe State Department asserts that these individuals orchestrated extensive cyberattacks targeting the US defense\r\nsector and international transportation networks. Their actions are classified as violations of the Computer Fraud\r\nand Abuse Act.\r\nFurthermore, it has been determined that the Shahid Hemmat group collaborates with other individuals and\r\nentities affiliated with the IRGC, including Mohammad Bagher Shirinkar, Mahdi Lashgarian, and Alireza Shafie\r\nNasab. Among the front companies employed in these operations are Emennet Pasargad, Dadeh Afzar Arman\r\n(DAA), and Mehrsam Andisheh Saz Nik (MASN).\r\nhttps://securityonline.info/shahid-hemmat-hackers-10m-reward-offered-by-us/\r\nPage 1 of 2\n\nRelated Posts:\r\nFrom Espionage to Ransomware: Iran’s Strategic Assault on the West Revealed\r\nPyPI Poisoned: 116 Malicious Packages Target Windows and Linux\r\n600 Million Daily Cyberattacks: Microsoft’s Alarming Report\r\nSupport Our Threat Intelligence\r\nIf you find our CVE report and cybersecurity news helpful, consider supporting our work.\r\nPost navigation\r\nSource: https://securityonline.info/shahid-hemmat-hackers-10m-reward-offered-by-us/\r\nhttps://securityonline.info/shahid-hemmat-hackers-10m-reward-offered-by-us/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MISPGALAXY",
		"Malpedia"
	],
	"references": [
		"https://securityonline.info/shahid-hemmat-hackers-10m-reward-offered-by-us/"
	],
	"report_names": [
		"shahid-hemmat-hackers-10m-reward-offered-by-us"
	],
	"threat_actors": [
		{
			"id": "e2f791e7-a926-437b-baea-8fd8cc7fca2d",
			"created_at": "2024-11-03T02:00:03.63401Z",
			"updated_at": "2026-04-10T02:00:03.730211Z",
			"deleted_at": null,
			"main_name": "Shahid Hemmat",
			"aliases": [],
			"source_name": "MISPGALAXY:Shahid Hemmat",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		},
		{
			"id": "b07fec96-80cd-4d92-aa52-a26a0b25b7c2",
			"created_at": "2022-10-25T16:07:23.826594Z",
			"updated_at": "2026-04-10T02:00:04.760416Z",
			"deleted_at": null,
			"main_name": "Madi",
			"aliases": [
				"Mahdi"
			],
			"source_name": "ETDA:Madi",
			"tools": [
				"Madi"
			],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "07131850-5161-48b8-98be-6b0271d44d0e",
			"created_at": "2024-01-23T13:22:35.085803Z",
			"updated_at": "2026-04-10T02:00:03.521854Z",
			"deleted_at": null,
			"main_name": "Cotton Sandstorm",
			"aliases": [
				"Emennet Pasargad",
				"Holy Souls",
				"MARNANBRIDGE",
				"NEPTUNIUM",
				"HAYWIRE KITTEN"
			],
			"source_name": "MISPGALAXY:Cotton Sandstorm",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434204,
	"ts_updated_at": 1775792064,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/a1c4d7bba11b2030e8f1010cbeb058691d752d86.pdf",
		"text": "https://archive.orkl.eu/a1c4d7bba11b2030e8f1010cbeb058691d752d86.txt",
		"img": "https://archive.orkl.eu/a1c4d7bba11b2030e8f1010cbeb058691d752d86.jpg"
	}
}