Iranians Charged in Cyberattack on City of Atlanta

A federal grand jury charged two Iranian nationals with creating and deploying the “SamSam” ransomware that attacked vital Atlanta city computer systems this year in an unsuccessful attempt to extort tens of thousands of dollars from the local government.

A federal grand jury in Atlanta charged two Iranian nationals with creating and deploying the “SamSam” ransomware that attacked vital Atlanta city computer systems this year in an attempt to extort tens of thousands of dollars from the local government, NPR reports. Faramarz Savandi and Mohammed Mansouri were accused in a cyberattack that violated the Computer Fraud and Abuse Act and threatened public health and safety, the U.S. Attorney’s office said. The SamSam malware crippled several city online services for more than a week. After becoming infected, municipal court computers were unable to pull up cases; residents were blocked from paying bills online; and police officers were forced to write reports and book inmates by hand.

The indictment alleges Savandi and Mansouri held 3,789 of the city’s computers hostage, demanding a six bitcoin ransom payment — valued at about $51,000 at the time — in exchange for delivering an encryption key that would restore access to the data. the attack caused the city “to incur substantial expenses” and inflicted “millions of dollars in losses,” the U.S. Attorney said. The city did not pay the ransom. The same two men were charged last week by a federal grand jury indictment in New Jersey with six counts of computer hacking and fraud. The men “allegedly used hacking and malware to cause more than $30 million in losses to more than 200 victims,” said Deputy Attorney General Rod Rosenstein. DOJ says they have more than $6 million in ransom payments since they launched SamSam in 2015.

from https://thecrimereport.org