The US State Department has announced a reward for 6 Iranian hackers who were responsible for a series of cyber infrastructure attacks on the United States in 2023. These hackers are reportedly employees of Iranian security services associated with the hacker groups of the Islamic Revolutionary Corps (Xir), specifically the Cyberav3NGERS group. One of the hackers, identified as Mahdi Lashgarian, is believed to lead the forces of Ksir and KUDS.
The Cyberav3ngers hackers, linked to Xir and Mahdi Lashgarian, targeted programmable logical controllers (PLC) manufactured by the Israeli company Unitronics that are used in various critical industries such as water treatment, energy, food, and healthcare.
In February 2024, the US Department of Treasury imposed sanctions on 6 Xir officials, which involve freezing all their assets and properties within the United States or under the control of American citizens. Additionally, any transactions involving the assets of these sanctioned individuals in the US are prohibited.
Earlier in January, Recorded Future released a report providing evidence of Iranian military reconnaissance structures being involved in cyber attacks against Western countries. The report highlighted the close connections between various organizations associated with CSIR and private contracting firms engaged in cyber warfare.