$10 Million Bounty for Info on Iranian Hackers Targeting U.S.

The U.S. Department of State has announced a reward of up to $10 million for information regarding the whereabouts of six Iranian hackers responsible for a series of cyberattacks on critical U.S. infrastructure in 2023.

According to the State Department, the individuals in question are employees of Iranian security services linked to the hacking groups of the Islamic Revolutionary Guard Corps (IRGC), particularly the CyberAv3ngers group. One of the cybercriminals, Mahdi Lashgarian, is allegedly the head of the IRGC and the commander of the Qods Force. The other five individuals hold high-ranking positions within the IRGC.

The CyberAv3ngers group, affiliated with the IRGC and Mahdi Lashgarian, targeted programmable logic controllers (PLCs) from the Israeli company Unitronics, which are used in water treatment facilities, energy, food processing, healthcare, and other industries.

In February 2024, the U.S. Department of the Treasury announced sanctions against six IRGC officials. The sanctions include the freezing of all assets and property of individuals within the U.S. or under the control of U.S. citizens. Any transactions involving the assets or property of these sanctioned individuals in the U.S. are also prohibited.

In January, Recorded Future presented evidence of the involvement of Iranian military intelligence structures in cyberattacks against Western countries. The report revealed close ties between several organizations associated with the IRGC and contractor companies engaged in cyberattacks.