Justice Department Indicts Two Iranians Over SamSam Ransomware Attacks

Two Iranian officials have been indicted by U.S. federal prosecutors for creating and deploying the notorious SamSam ransomware, which exploits a deserialization vulnerability in Java-based servers. TechCrunch reports: Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, were indicted by a federal grand jury in New Jersey on Monday on several counts of computer hacking and fraud charges. The case was unsealed Wednesday, shortly before a press conference announcing the charges by U.S. deputy attorney general Rod Rosenstein. In total, SamSam has generated some $6 million in proceeds to date -- or 1,430 bitcoin at today's value. In a separate announcement, the Treasury said it had imposed sanctions against two bitcoin addresses associated with the ransomware. The department said the two addresses processed more than 7,000 transactions used to collect ransom demands from victims. "The Iranian defendants allegedly used hacking and malware to cause more than $30 million in losses to more than 200 victims," said Rosenstein. "According to the indictment, the hackers infiltrated computer systems in ten states and Canada and then demanded payment. The criminal activity harmed state agencies, city governments, hospitals, and countless innocent victims."

One of the victims was the City of Atlanta, which was knocked offline earlier this year and spent a projected $2.6 million in recovery. "It was later discovered that the city's computers had long been vulnerable to leaked exploits developed by the National Security Agency -- later stolen and leaked online for anyone to use," reports TechCrunch.

Re: "...cause more than $30 million in losses"

The tax payer was saved the cost resulting from Israel being nuked

What about indicting the NSA?

[orzetto]

It was later discovered that the city’s computers had long been vulnerable to leaked exploits developed by the National Security Agency — later stolen and leaked online for anyone to use.

Any indictment coming soon for those in a taxpayer-funded federal agency who did not report security holes in critical US infrastructure, but instead developed tools to exploit them, which were later "lost" and ended up in the hands of anyone with an Internet connection? These guys probably reside on US territory and can actually be arrested.

These Iranians are two small-time thugs. What about the Chinese government—do you think they did not duly download the tools and put them to good use?

Stolen from NSA

[gnasher719]

Let's just remember this the next time some politician screams that encryption keys should somehow be made available to the FBI: If the NSA cannot protect malware that it developed (for nefarious but presumably legal in the USA purposes) from being stolen and used for nefarious purposes that are illegal everywhere, then what chance does the FBI have to protect keys that would allow them to crack my phone from being stolen by some hacker?