The U.S. Treasury Department has announced sanctions against an Iranian hacking group, a front company, and more than 45 individuals accused of carrying out a years-long campaign targeting Iranian dissidents, journalists, and international travel companies on behalf of Iran’s Ministry of Intelligence and Security (MOIS).
The September 17 announcement said that the ministry used the hacking group, Advanced Persistent Threat 39 (APT39), and the front company, Rana, to monitor “dissidents, Iranian journalists, former government employees, environmentalists, refugees, university students and faculty, and employees at international nongovernmental organizations.”
Some of the individuals targeted by the campaign had been “subjected to arrest and physical and psychological intimidation” by Iranian intelligence for targeting hundreds of individuals and entities in 30 countries across Africa, Asia, Europe, and North America.
“The United States is determined to counter offensive cybercampaigns designed to jeopardize security and inflict damage on the international travel sector,” U.S. Treasury Secretary Steven Mnuchin said in a statement.
The Treasury Department said that an FBI advisory, also being released on September 17, detailed eight separate and distinct sets of malware used by MOIS through Rana to conduct their computer intrusion activities.
Tensions between Tehran and Washington have risen since President Donald Trump withdrew from a landmark nuclear deal in 2018 between Iran and world powers under which the Islamic republic pledged to curb its atomic ambitions in exchange for sanctions relief.
In addition to reimposing sanctions that were dropped under the deal, Washington has accused Iran of financing extremism in the Middle East, which Iran denies.