The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday announced sanctions against Iran-based cyber threat actor APT39, associated individuals, and a front company named Rana Intelligence Computing Company.
Active since at least 2014, APT39 is also known as Chafer, Cadelspy, ITG07, and Remexi, and some of its operations also align with the activity of the OilRig group.
Last year, a series of documents supposedly leaked from the Iranian Ministry of Intelligence and Security (MOIS) revealed information on the activities of Rana, which was tracking individuals both in Iran and outside the country, and on its members.
Rana, the Department of the Treasury says, has been operating for years on behalf of the government of Iran to target Iranian dissidents, journalists, and global firms from the travel sector. Both APT39 and Rana are owned and controlled by Iran’s Ministry of Intelligence and Security.
“Rana advances Iranian national security objectives and the strategic goals of [MOIS] by conducting computer intrusions and malware campaigns against perceived adversaries, including foreign governments and other individuals the MOIS considers a threat,” the Treasury Department says.
In addition to Rana, the U.S. sanctioned 45 individuals “for having materially assisted, sponsored, or providing financial, material, or technological support for, or goods or services to or in support of the MOIS.”
These individuals, the U.S. says, were employed at Rana as managers, programmers, and experts ..
Support the originator by clicking the read the rest link below.
