U.S. Department of Justice Indicts Two Iranians for Ransomware Attack on City of Atlanta

The FBI announced yesterday the indictment of two Iranian citizens for a number of cyber-attacks, including the ransomware attack on the city of Atlanta in March. The two have been identified as 34-year-old Faramarz Shahi Savandi and 27-year-old Shah Mansouri. The pair are believed to have been behind the SamSam ransomware campaign, which began in 2015 and inflicted damage on over 200 different victims around the United States. Over that three-year period the two Iranians collected approximately $6 million USD. However, the campaign caused an estimated $30 million in damages around the country. The damage to the city of Atlanta alone was believed to have cost approximately $17 million. Neither of the two men has been taken into custody. U.S. officials are confident that the pair can be captured during their travels, similar to how the FBI was able to capture Chinese spy Yanjun Xu in Belgium in late October.

Analyst Notes

Like China, Iran has no extradition agreement with the U.S., so the pair are unlikely to be apprehended in any way other than while traveling outside of Iran. Now that they have been indicted, however, it is unlikely that they will be apprehended in the near term.