The US government has announced rewards of up to $10 million for information leading to the identification or location of members of an Iranian hacking group now known as Shahid Shushtari. This reward offer comes approximately one year after a joint advisory by the US and Israel described the group’s activities, which were then identified under the name of its front company, Aria Sepehr Ayandehsazan (ASA). The group has been known by several previous names, including Emennet Pasargad, Ayandeh Sazan Sepehr Arya (ASSA), Eeleyanet Gostar, and Net Peygard Samavat Company, and in the private sector, it has been tracked as Cotton Sandstorm, Marnanbridge, and Haywire Kitten.

According to the US, which has been monitoring the group’s activities since 2020, Shahid Shushtari operates under the command of Iran’s Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC). This designation places the group directly under a major branch of the Iranian military responsible for cyber operations. This high-level affiliation underscores the serious and state-sponsored nature of the threat group’s activities against international targets.

In the past year, the group has been accused of conducting cyberattacks, including those targeting the 2024 Summer Olympics and the systems of a US-based IPTV streaming company. Furthermore, Shahid Shushtari, or its earlier iterations, was previously sanctioned by the US for its involvement in influence operations aimed at disrupting the 2020 US presidential election. These activities demonstrate a pattern of sophisticated operations targeting both critical infrastructure and democratic processes.

GET 50% Discount for VPN/ANTIVIRUS SOFTWARE AT 911Cyber - CODE: bit5025

The US has now formally identified Mohammad Bagher Shirinkar as the leader of the Shahid Shushtari group. Additionally, Fatemeh Sedighian Kashi has been named as a long-time employee of the front company who maintains a close relationship with Shirinkar and works directly with him in planning and executing cyber operations. Identifying these key individuals is part of the broader US strategy to disrupt the group’s operations and hold its members accountable for their actions.

The hackers are reported to be operating out of Tehran, from where they launch cyberattacks and influence operations against a wide array of critical infrastructure sectors across the US, Europe, and the Middle East. The targeted sectors include news organizations, shipping, travel, energy, financial services, and telecommunications companies. The US is urging anyone with information on Mohammad Bagher Shirinkar, Fatemeh Sedighian Kashi, Shahid Shushtari, or associated entities involved in malicious cyber activities or foreign interference in US elections to contact the Rewards for Justice program through its secure Tor-based reporting channel.

Source: United States Posts 10 Million Dollar Bounty Targeting Iranian Hackers