Monday, October 19, 14:50
Home security US: Sanctions on a company linked to the Iranian regime for hacking ...

US: Sanctions on a company linked to the Iranian regime for hacking operations

The US government today imposed sanctions on a company that covered a massive hacking operation organized and executed by the Iranian regime against its own citizens as well as companies and governments of other countries. Sanctions were imposed on Rana Intelligence Computing Company, also known as Rana Institute or Rana. However, the sanctions were imposed not only on the company itself but also on 45 current and former employees, including managers, developers and hacking experts. U.S. officials said Rana was acting as a "front" for the Iranian Ministry of Information and Security (MOIS). Its main tasks were to conduct hacking campaigns both locally and internationally.

US imposes sanctions on Iranian company for hacking operations

Through its local activities, Rana helped the Iranian regime monitor Iranian citizens, dissidents, journalists, former government officials, environmentalists, refugees, students, teachers, and anyone else it considered a threat to the regime.

In addition, Rana violated government networks neighboring countries of Iran, but also foreign Companies operating in various fields such as telecommunications, travel and education. According to officials, Rana, by violating companies from other countries, could identify individuals whom MOIS considered threatening.

At times, Rana's hacking companies left traces through which companies cybersecurity managed to link them to the Iranian regime.

Rana company affiliated with the Iranian regime

Investigations into these hacking companies, behind which Rana is located, can be found in cybersecurity reports on the activities of a hacking group known as APT39, Chafer, Cadelspy, Remexi or ITG07. Each of these names has been attributed by different cybersecurity companies, but they all refer to the same threat, which in this case is Rana.

However, for a long time, no one knew of Rana's existence, let alone that she was a company working with the APT39 group and the Iranian regime. The first time people heard about it was in a ZDNet article published in May 2019 that referred to information leaks related to Iranian hacking groups. At that time, strangers leaked the source code of malware of the APT34 team, data on MuddyWater server backends and excerpts from Rana internal documents labeled "secret".

US sanctions VS Iranian regime

The Israeli cybersecurity company ClearSky stated in a report published in May 2019 that these Rana documents are included victim lists, strategies for cyber attacks, areas access, a list of employees and screenshots from sites related to espionage systems. In addition, at the time, cybersecurity companies suspected that Rana was an Iranian APT, but no one could link her to a known hacking group.

This mystery, however, is now solved. In press releases from the US Treasury Department and the Federal Bureau of Investigation, the US government has formally linked Rana with APT39 and MOIS. According to US officials, some of Rana's hacking companies they may not have limited themselves to gathering information, but they have also moved on violations human rights, with unjustified arrests, which were followed by physical and psychological intimidation by MOIS agents.

The sanctions now ban US companies from working with Rana and her 45 current or former employees. Simultaneously with the current sanctions, the FBI issued one notice, which includes eight separate sets of malware used by Rana (MOIS) to invade computers.


Please enter your comment!
Please enter your name here

Every accomplishment starts with the decision to try.


The Windows 10 Calculator has been ported to Linux

The Windows 10 Calculator has been ported to Linux and can be installed from the Canonical Snap Store. The ...

System breach exposes Kleenheat customer data

Australian-based gas company Kleenheat has warned some of its customers of data breaches, which may ...

US Election: Candidates manipulate voters via email!

The politicians who are candidates for the upcoming US elections use psychological tricks and "dark" patterns in their emails to ...

Google Chrome and Edge create random debug.log logs

An error in the latest version of Chrome and other Chromium-based browsers causes random debug.log files to be created ...

TikTok: Announced bug bounty program to detect vulnerabilities

The company behind the popular video sharing application TikTok announced last week that it has launched a public bug bounty program, ...

Windows 10: Unlock God Mode and see all Settings

Windows 10 comes with the Control Panel and Settings, but the modern application of Settings has a peculiarity, the basic ...

Microsoft: Releases emergency updates to fix RCE vulnerabilities

Microsoft has released emergency security updates to address two vulnerabilities that allow remote code execution (RCE) and affect Microsoft ...

Ransomware: Your business will never be the same again after an attack

A ransomware attack can harm an organization in many ways - from stopping being able to function ...

Foxtons suffered data breach, according to a newspaper

According to a newspaper report, Foxtons allegedly fell victim to data breach, which led to the deactivation of the MyFoxtons website ...

Google: Warned of 33.000 attacks by state hackers

During the first three quarters of 2020, Google sent over 33.000 alerts to users to warn them about phishing ...