The US Department of State announced on Wednesday that it’s offering a reward of up to $10 million for information on several Iranian nationals accused of hacking industrial control systems (ICS).
The targets are Hamid Homayunfal, Hamid Reza Lashgarian, Mahdi Lashgarian, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian, who have been linked to Iran’s Islamic Revolutionary Guard Corps (IRGC), specifically the Cyber-Electronic Command unit.
These individuals are believed to be behind a hacker group named Cyber Av3ngers, which in the fall of 2023 targeted a Unitronics Vision programmable logic controller (PLC) belonging to the Municipal Water Authority of Aliquippa in Pennsylvania. The hackers also targeted ICS at other water utilities in the United States.
The targeted PLCs were exposed to the internet and protected by only a weak default password.
Cyber Av3ngers claims to be a hacktivist group, but the US believes it’s a persona used by the Iranian government to conduct malicious cyber activities.
The members of the Cyber Av3ngers group for which the US government has now announced offering a $10 million reward were previously sanctioned by the Treasury Department.
The US recently also announced $10 million rewards for information on Alphv/BlackCat ransomware operators and affiliates, and a member of the North Korean hacking group APT45.
Related: Over 40,000 Internet-Exposed ICS Devices Found in US: Censys
Related: US Offering $10 Million Reward for Information on Change Healthcare Hackers
Related: States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities
