3 Iranian citizens charged in broad hacking campaign in US

Iranian cyber actors Khatibi, Mansour Ahmadi, and Amir Hossein Nickaein Ravari wanted for their alleged involvement. (AFP/State Department)
1 / 2
Iranian cyber actors Khatibi, Mansour Ahmadi, and Amir Hossein Nickaein Ravari wanted for their alleged involvement. (AFP/State Department)
The flags of Iran flutter during a sandstorm in the south of the capital Tehran on July 4, 2022. (AFP)
2 / 2
The flags of Iran flutter during a sandstorm in the south of the capital Tehran on July 4, 2022. (AFP)
Short Url
Updated 15 September 2022

3 Iranian citizens charged in broad hacking campaign in US

The flags of Iran flutter during a sandstorm in the south of the capital Tehran on July 4, 2022. (AFP)
  • Mansour Ahmadi, Ahmad Khatibi and Amir Hossein Nikaein are citizens of Iran who own or are employed by private technology companies in the country
  • Treasury Department also sanctioned 10 individuals and two entities affiliated with Iran’s Islamic Revolutionary Guard

WASHINGTON: The Justice Department said Wednesday that three Iranian citizens have been charged in the United States with ransomware attacks that targeted power companies, local governments and small businesses and nonprofits, including a domestic violence shelter.
The charges accuse the hacking suspects of targeting hundreds of entities in the US and around the world, including inside Britain, Australia, Iran, Russia and the US, encrypting and stealing data from victim networks, and threatening to release it publicly or leave it encrypted unless exorbitant ransom payments were made. In some cases, the victims made those payments, the department said.
But a separate US Treasury announcement of sanctions said the three were part of a larger hacking group tied to Iran’s powerful Islamic Revolutionary Guard Corps (IRGC), and the US State Department has offered a $10 million reward for information on them.
The indictment identified the three as Mansour Ahmadi, Ahmad Khatibi Aghda, and Amir Hossein Nikaeen Ravari.
It said that between October 2020 and August 2022, the men used known vulnerabilities in computer systems to attack multiple targets in the United States, stealing their data and demanding up to hundreds of thousands of dollars to have it returned.
Those included local governments, a shelter for victims of domestic violence, a children’s hospital in Boston, accounting firms and electricity generating companies.
The victims were not methodically chosen but were “targets of opportunity” whose computer systems were vulnerable to hacking, officials said.
“The indictment does not allege that these actors undertook these actions on behalf of the Government of Iran,” a senior Justice Department official told reporters.
The three “engaged in a pattern of hacking, cyber-theft, and extortion largely for personal gain,” FBI Director Chris Wray said in a separate statement.
But a concurrent announcement by the US Treasury said the three were part of a group of 10 Iranian hackers targeted with sanctions that was backed by the Revolutionary Guards.
“This IRGC-affiliated group is known to exploit software vulnerabilities in order to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other malicious cyber activities,” the Treasury said.
Their actions align with those of known Iranian cyberattack operations which private cybersecurity groups have dubbed “APT35,” “Charming Kitten” and “Phosphorous,” Treasury added.
The Biden administration has tried to go after hackers who have held US targets essentially hostage, often sanctioned or sheltered by adversaries. The threat gained particular prominence in May 2021 when a Russia-based hacker group was accused of conducting a ransomware attack on Georgia-based Colonial Pipeline, which disrupted gas supplies along the East Coast.
Iran-based hackers have also been a focus over the last year, with the FBI last year thwarting a planned cyberattack on a children’s hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government.
“The cyber threat facing our nation is growing more dangerous and complex every day,” FBI Director Christopher Wray said in a statement accompanying the indictment unsealed Wednesday. “Today’s announcement makes clear the threat is both local and global. It’s one we can’t ignore and it’s one we can’t fight on our own, either.”
the Treasury Department’s Office of Foreign Assets Control sanctioned 10 individuals and two entities affiliated with Iran’s Islamic Revolutionary Guard Corps who it says have been involved in malicious cyber activities, including ransomware. The Treasury Department identified the three defendants in the Justice Department case as employees of a technology firm it says is affiliated with the Revolutionary Guard.
John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, said his team has been tracking the Iranian actors for some time and assessed they are contractors for the Revolutionary Guard who have been moonlighting as criminal hackers.
The actions come amid an apparent stalemate in talks between the US and Iran over the possible revival of a 2015 nuclear deal. Israel and some US lawmakers of both parties are pushing the Biden administration to get tougher on Iran, calling the negotiations on Iran’s nuclear program a failure.
The three accused hackers are thought to be in Iran and have not been arrested, but the Justice Department official said the pending charges make it “functionally impossible” for them to leave the country.
(With AFP and AP)


Egyptian fighter plane crashes in training accident

Egyptian fighter plane crashes in training accident
Updated 56 min 42 sec ago

Egyptian fighter plane crashes in training accident

Egyptian fighter plane crashes in training accident
  • Crew survived and no damage caused on the ground after technical malfunction
  • Another technical malfunction caused a fighter plane to crash during training in June

CAIRO: An Egyptian fighter plane crashed on Sunday while training, the Egyptian army said.

Gharib Abdel-Hafez, a military spokesman, said on Facebook that the crew survived and that no damage was caused on the ground. He did not identify the location of the crash, which he said was caused by a technical malfunction.

Another technical malfunction caused a fighter plane to crash during training in June. The pilot survived that accident, the spokesman added.

Separately, the British Red Arrows arrived at an air base in southern Egypt to take part in the Hurghada Air Show 2022 over the city of Sahl Hasheesh on Wednesday.

According to the spokesman, the Red Arrows will join the Egyptian Silver Stars team for the event.


Region’s first successful bone marrow transplant on MS patient performed in Abu Dhabi

Region’s first successful bone marrow transplant on MS patient performed in Abu Dhabi
Updated 27 November 2022

Region’s first successful bone marrow transplant on MS patient performed in Abu Dhabi

Region’s first successful bone marrow transplant on MS patient performed in Abu Dhabi
  • Center also performed region’s first autologous hematopoietic stem cell transplantation on an MS patient, who has reported an improvement in her overall condition

ABU DHABI: The Abu Dhabi Stem Cells Center has performed the region’s first successful bone marrow transplant on a patient suffering from multiple sclerosis, Emirates News Agency reported. 

This achievement marks a major advance in cell therapy and regenerative medicine capabilities to treat a range of diseases, including cancer and immune disorders.

Doctors at ADSCC performed the region’s first autologous hematopoietic stem cell transplantation on a patient with MS earlier this month and the patient has since reported an improvement in her overall condition. The treatment aims to “reset” a person’s immune system and can be used for those with relapsing forms of MS.

“We are extremely proud of our achievement at the Abu Dhabi Stem Cells Center to become the first centre in the region to perform the BMT on a MS patient. It fills us with great pride to make such a life-saving treatment here in Abu Dhabi,” said ADSCC’s CEO Dr Yendry Ventura. 

The AHSCT procedure carried out by ADSCC is a “standard of care” and not just a “clinical option” under the updated European Group for Blood & Marrow Transplantation and American Society for Blood and Marrow Transplantation guidelines from 2019, which reviewed the clinical evidence of AHSCT on MS patients. 

The transplant success follows ADSCC’s ground-breaking work on COVID-19 treatments during the pandemic. These included UAECell19, which was used as a stem cell therapy to help regenerate lung capacity in thousands of COVID-19 patients.

 


Niece of Iran’s Supreme Leader urges world to cut ties with Tehran over unrest: Online video

Niece of Iran’s Supreme Leader urges world to cut ties with Tehran over unrest: Online video
Updated 27 November 2022

Niece of Iran’s Supreme Leader urges world to cut ties with Tehran over unrest: Online video

Niece of Iran’s Supreme Leader urges world to cut ties with Tehran over unrest: Online video
  • “O free people, be with us and tell your governments to stop supporting this murderous and child-killing regime,” Moradkhani said in the video
  • “This regime is not loyal to any of its religious principles and does not know any rules except force and maintaining power,” she said

DUBAI: Iranian Supreme Leader Ayatollah Ali Khamenei’s niece, a well known rights activist, has called on foreign governments to cut all ties with Tehran over its violent crackdown on popular unrest kindled by the death in police custody of a young woman.
A video of a statement by Farideh Moradkhani, an engineer whose late father was a prominent opposition figure married to Khamenei’s sister, was being widely shared online after what activist news agency HRANA said was her arrest on Nov. 23.
“O free people, be with us and tell your governments to stop supporting this murderous and child-killing regime,” Moradkhani said in the video. “This regime is not loyal to any of its religious principles and does not know any rules except force and maintaining power.”
Khamenei’s office did not immediately respond to a Reuters request for comment.
HRANA said 450 protesters had been killed in more than two months of nationwide unrest as of Nov. 26, including 63 minors. It said 60 members of the security forces had been killed, and 18,173 protesters detained.
The protests, sparked by the death of 22-year-old Kurdish Iranian woman Mahsa Amini after her arrest for “inappropriate attire,” pose one of the strongest challenges to the country’s clerical establishment since the 1979 Islamic Revolution.
Jalal Mahmoudzadeh, a member of parliament from the mainly Kurdish city of Mahabad, said on Sunday that as many as 105 people had been killed in Kurdish-populated areas during the protests. He was speaking in a debate in parliament as quoted by the Entekhan website.
Widespread opposition 
Challenging the Islamic Republic’s legitimacy, protesters from all walks of life have burned pictures of Khamenei and called for the downfall of Iran’s Shiite Muslim theocracy.
The video was shared on YouTube on Friday by her brother, France-based Mahmoud Moradkhani, who presents himself as “an opponent of the Islamic Republic” on his Twitter account, and then by prominent Iranian rights activists.
On Nov. 23, Mahmoud Moradkhani reported her sister’s arrest as she was heeding a court order to appear at the Tehran prosecutor’s office. Farideh had been arrested earlier this year by Iran’s Intelligence Ministry and later released on bail.
HRANA said she was in Tehran’s Evin security prison. Moradkhani, it said, had earlier faced a 15-year prison sentence on unspecified charges.
Her father, Ali Moradkhani Arangeh, was a Shiite cleric married to Khamenei’s sister and recently passed away in Tehran following years of isolation due to his stance against the Islamic Republic, according to his website.
Farideh Moradkhani added in her video: “Now is the time for all free and democratic countries to recall their representatives from Iran as a symbolic gesture and to expel the representatives of this brutal regime from their countries.”
On Thursday, the United Nations’ top human rights body decided by a comfortable margin to establish a new investigative mission to look into Tehran’s violent security crackdown on the anti-government protests.
Criticism of the Islamic Republic by relatives of top officials is not unprecedented. In 2012, Faezeh Hashemi Rafsanjani, the daughter of late former president Akbar Hashemi Rafsanjani, was sentenced to jail for “anti-state propaganda.”
Iranian authorities released on bail the activist and blogger Hossein Ronaghi on Nov. 26 to undergo medical treatment, according to his brother writing on Twitter.
Concerns had been growing about Ronaghi’s health after he went on a hunger strike last month. 


Yemen FM: Houthis must be classified as ‘terrorist group’

Yemen FM: Houthis must be classified as ‘terrorist group’
Updated 27 November 2022

Yemen FM: Houthis must be classified as ‘terrorist group’

Yemen FM: Houthis must be classified as ‘terrorist group’
  • US ambassador renewed his country's condemnation of the Houthi terrorist attacks on oil facilities
  • Saudi Arabia’s ambassador to Yemen said the Houthi attacks on oil ports are “terrorist operations”

The Houthis must be classified as a terrorist group, Yemen’s Minister of Foreign Affairs, Ahmed Awad bin Mubarak, told on Sunday the US Ambassador to Yemen, Steven Fagin. 

The Yemeni government is planning on designate the Houthis as a terrorist organization, Mubarak said, stressing the importance of the international community's support for those decisions.

The two sides discussed the challenges that face the peace process, and the Houthis threat to international navigation and international peace and security, state news agency SABA reported.

Mubarak said that the Houthis aimed to “brainwash society” and impose a “racist identity” instead of the national one, the report said.

The US ambassador renewed his country's condemnation of the Houthi terrorist attacks on oil facilities, stressing the United States’ support for the security, stability and unity of Yemen.

Meanwhile, Saudi Arabia’s ambassador to Yemen, Mohammed bin Saeed al-Jaber, said that the Houthi attacks, using Iranian weapons, on oil ports are “terrorist operations.”  He added that Houthi attacks on civilian facilities harm the interests of Yemeni people.

“The international community is working to support the truce, and we encourage those efforts,” the ambassador said.

“We hope that international efforts will contribute to pushing the Houthis to support the peace process.”

He also the Arab Monetary Fund will help the Central Bank of Yemen to stabilize the economy.


Syrian Kurds warn Washington against any Turkish ground operation

Syrian Kurds warn Washington against any Turkish ground operation
Updated 27 November 2022

Syrian Kurds warn Washington against any Turkish ground operation

Syrian Kurds warn Washington against any Turkish ground operation
  • Threat of Daesh resurgence ‘is being used as pressure tactic on US to convince Ankara to de-escalate situation’
  • Turkiye considers the SDF and its leading Kurdish group, the People’s Protection Units, as terror groups due to their links with the PKK

ANKARA: Commander of the Syrian Democratic Forces Mazloum Abdi has told reporters that his troops have halted operations against Daesh following Turkiye’s aerial attacks on northern Syria over the past week. 

Four Turkish soldiers were killed on Saturday during Turkiye’s anti-terror operation in northern Iraq to clear the area of terrorists.

Amid signs that Ankara is now preparing for a ground offensive with the help of Turkiye-backed opposition fighters, Abdi’s statement from the US-backed Kurdish forces is considered a message to Washington to put pressure on Turkiye to prevent any military move in the region.

At a time when the US is attempting to assess its relations with its NATO ally and its Kurdish partners in Syria, Turkiye’s recent air attacks have drawn some criticism from Washington regarding their close proximity to adjacent coalition bases where US soldiers are stationed.

Ankara blames Syrian offshoots of the outlawed Kurdistan Workers’ Party for the deadly Nov. 13 bombing in Istanbul’s Istiklal Street that killed six Turkish citizens and injured more than 80.

Turkiye considers the SDF and its leading Kurdish group, the People’s Protection Units, as terror groups due to their links with the PKK.

Soner Cagaptay, of the Washington Institute, believes that the US will not oppose Ankara as it has done in the past.

He told Arab News: “The importance of Syria is fast retreating for the US government in favor of Ukraine, and the relative significance of the YPG is diminishing.

“Turkiye’s support for the Ukraine militarily against the Russian invasion, and Ankara’s critical position as a broker for the grain corridor deal, have also added to their value for the US in the strategic picture.”

According to Cagaptay, Turkiye has also used its leverage in the wake of supporting Swedish and Finnish bids to join NATO.

He added: “NATO’s allies have voiced support for Turkiye and did not criticize their arguments against the YPG.”

Samuel Ramani, an associate fellow at the Royal United Services Institute, says “the Syrian Kurds are using the threat of a Daesh resurgence as a pressure tactic on the US to convince Turkiye to de-escalate the situation.”

He told Arab News: “This is very similar to what unfolded during the 2019 Operation Peace Spring offensive in which former US President Donald Trump was heavily criticized for green-lighting Turkiye’s offensive and allowing Daesh to experience a potential recovery."

The SDF’s strategy is unlikely to work, according to Ramani, and he says it is difficult to see Washington now facing the same kind of blowback as Trump received in 2019. 

He said that Turkiye “has emerged as a critical mediator in the Ukraine war and the US has refrained from sanctions against the country over the continued use of S-400 systems for this reason.”

He added: “If it is not objecting to the procurement of Russian military technology, the US certainly will not crack down very hard on Turkiye over an escalation in northern Syria or Iraq.

“SDF officials have admitted their concern that the US will not do enough, and perceive the US as being disengaged from the Syrian conflict overall.”

SDF’s Abdi said that Turkish airstrikes over the past week had damaged the region’s infrastructure.

He added: “The forces that work symbolically with the international coalition in the fight against Daesh are now targets for the Turkish state and therefore (military) operations have stopped.”

Cagaptay believes that the SDF and YPG were once important partners for the US in beating Daesh, which is now defeated.

The SDF, which is the key US partner in combating Daesh in Syria, has also warned about the importance of retaining intact the security of the Al-Hol camp, which is home to Daesh family members, while the Kurdish authorities operate several detention facilities in northeastern Syria that host thousands of opposition fighters.

Cagaptay said: “YPG’s main role is now reduced to prison-keeper of the locations holding relatives of the extremists, mostly Iraqi and Syrians, that no Western country wants to take back.”

SDF’s comments came at the time of fresh reports that bases hosting US-led coalition forces in the northeastern Syrian town of Shaddadeh had been targeted by two rockets. The attacks were believed to have been perpetrated by militias backed by Iran.

In a short statement on Wednesday, US Central Command announced that American troops were put at risk, but no service members were injured in the strike.

Turkiye’s Defense Minister Hulusi Akar said on Friday that his forces would never harm coalition forces or civilians, after being questioned over allegations that warplanes hit targets near a US base in northern Syria.

Akar also held a meeting on Saturday with Chief of Turkish General Staff Yasar Guler and authorities from Turkish Land Forces Command in Ankara.

Cagaptay said: “Diminishing the security of the camps as a retaliation for Turkiye’s airstrikes will only end US support to the YPG and reduce the significance of the Syrian Kurds in the eyes of US policymakers.”

Turkiye has continued airstrikes — using fighter jets and drones — against Kurdish rebels in northern Iraq and Syria to remove militants from the border.

Experts believe that SDF statements will not alter Turkiye’s plans to pursue a potential ground operation, the fourth of its kind since 2016, in the west of the Euphrates River in the coming weeks.

Ankara and Moscow agreed in 2019 to pull YPG forces back 30 km to the south of the Turkish border. 

President Recep Tayyip Erdogan said on Saturday that Turkiye “is determined to make its borders safe against terrorism.”

He added: “Hopefully, with these operations, we show our determination to gradually make every inch of our country safe, starting from beyond the border.”