The cyberattacks were in retaliation for the death of Maj. Gen. Qassim Suleimani of Iran in a U.S. military airstrike in January, according to a federal indictment unsealed Tuesday.
Andrew E. Lelling, the U.S. attorney for the District of Massachusetts. His office announced the indictments of two men in connection with a cyberattack that disrupted dozens of websites.Credit…Cj Gunther/EPA, via Shutterstock
- Sept. 15, 2020
Two men have been indicted on charges stemming from the hacking of dozens of websites based in the United States, actions that the federal authorities said were taken in retaliation for the death in an American drone strike of Maj. Gen. Qassim Suleimani of Iran.
The men, Behzad Mohammadzadeh and Marwan Abusrour, were charged with conspiracy to commit intentional damage to a protected computer and intentional damage to a protected computer, according to the indictment, which was dated Sept. 3 and unsealed on Tuesday.
Mr. Mohammadzadeh, a citizen of Iran who the authorities believe is about 19 years old, and Mr. Abusrour, who is about 25 and whom the indictment identifies as “a stateless national of the Palestinian Authority,” are believed to be in their home countries.
The indictment, announced by the U.S. Attorney’s Office for the District of Massachusetts, did not identify or describe the approximately 51 websites that were attacked. The attacks began days after American officials announced the death of General Suleimani, Iran’s most powerful security and intelligence commander, in a drone strike at Baghdad International Airport on Jan. 2, according to the indictment.
General Suleimani was the longtime head of the Islamic Revolutionary Guards Corps’ Quds Force, the foreign-facing branch of Iran’s powerful security apparatus. Shortly after his death was announced, Mr. Mohammadzadeh transmitted codes to 51 websites in the United States, making them display pictures of General Suleimani against an Iranian flag and messages including “Down with America,” according to the indictment.
“These hackers are accused of orchestrating a brazen cyber-assault that defaced scores of websites across the country as a way of protesting and retaliating against the United States for killing the leader of a foreign terrorist organization,” Joseph R. Bonavolonta, special agent in charge of the F.B.I.’s Boston Division, said in a statement. “Now, they are wanted by the F.B.I. and are no longer free to travel outside Iran or Palestine without risk of arrest.”
It was not immediately clear if Mr. Mohammadzadeh or Mr. Abusrour had a lawyer.
According to the indictment, Mr. Mohammadzadeh had publicly claimed that he had hacked more than 1,100 websites around the world to display pro-Iranian messages since September 2018.
Mr. Abusrour had publicly claimed he had defaced more than 300 websites with pro-Islamic and pro-Palestinian messages, the indictment says. He was also a known hacker who had sent unsolicited emails for profit and traded stolen credit cards, according to the indictment.
The two men began working together in December 2019, the indictment said.
On Jan. 2, the Defense Department released a statement claiming responsibility for the airstrike that killed General Suleimani, stating that it was “aimed at deterring future Iranian attack plans.” The killing prompted worldwide political upheaval.
In addition to displaying images of General Suleimani and anti-American slogans, the hacked sites directed visitors to Mr. Mohammadzadeh’s public Instagram page, which included a link to a website where he had posted 400 times, bragging about his hacking activities, the indictment says.
One post to Mr. Mohammadzadeh’s Instagram account showed messages he exchanged with Mr. Abusrour that listed several of the websites they had defaced, according to court documents.
General Suleimani had long been designated a terrorist by the United States and Israel, but many in Iran lauded him as a hero. A New York Times analysis described the strike, which also killed several officials from Iraqi militias backed by Iran, as “the riskiest move made by the United States in the Middle East since the invasion of Iraq in 2003” given the likelihood of an Iranian military response.
After General Suleimani was killed, the chief of cybersecurity at the Department of Homeland Security warned the public to be on alert for cyberattacks.
The website of at least one federal agency, the Federal Depository Library Program, was hacked in early January to feature a doctored photograph of President Trump being punched in the jaw superimposed over a map of the Middle East, and a tribute to General Suleimani. It was not clear Tuesday if that website was among the 51 referred to in the indictment.
“Hacked by Iran Cyber Security Group Hackers,” text on the website read before it was put back online. “This is only small part of Iran’s cyber ability!”