Iranian Ransomware Programs Take Cybersecurity Experts by Surprise

Ransomware encrypts files on a victim’s computer. The perpetrator then demands ransom payments in exchange for decrypting the files and sometimes also threatens to leak the victim’s data. (Reuters)

Iranian hackers have recently launched cyberattacks against vital institutions and facilities in the United States, raising the concern of law enforcement authorities in the country.

These attacks are added to various others launched by several parties against the US.

With much attention this year on Russian ransomware attacks against the US, the Iranian threat may come as a surprise, said a report by Foreign Policy magazine, adding that Iranian ransomware groups were quietly emerging as a global force to be reckoned with elsewhere in the world.

In November, the US, Britain and Australia issued a joint warning that Iranian actors have conducted ransomware attacks against US targets and gained access to a wide range of critical infrastructure networks, including the children’s hospital, that would enable more attacks, the report read.

Experts in the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Center (ACSC) and the United Kingdom’s National Cyber Security Center (NCSC) found that ongoing malicious cyber activity by an advanced persistent threat (APT) group is associated with the government of Iran.

Ransomware encrypts files on a victim’s computer. The perpetrator then demands ransom payments in exchange for decrypting the files and sometimes also threatens to leak the victim’s data.

“The Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple US critical infrastructure sectors,” the experts warned.

While Iranian ransomware may be relatively unfamiliar to Americans, it has been a part of everyday life in Israel for more than a year, the US magazine noted.

“Iranian actors have targeted almost every sector of Israel’s economy and society.”

The report pointed out that Iran’s successful use of ransomware against Israel has likely emboldened it to expand its focus to the United States.

In September 2020, an Israeli cybersecurity firm first detected Iranian ransomware activity against unspecified “prominent Israeli organizations.”

Another hacking group, Black Shadow, believed to be linked to Iran, was accused of carrying out a major cyberattack in October targeting an Internet service provider in Israel.

The report warned that Iran’s ransomware campaign appears to be on the brink of global expansion.

In 2019, a report prepared by researchers at the US giant Microsoft Corporation said that Iranian hackers are working to infiltrate systems, companies and governments around the world, causing damage amounting to hundreds of millions of dollars.

Some believe these attacks may be part of Iran’s attempts not only to influence cybersecurity and its open conflict with its “rivals” but also to obtain foreign cash, especially the US dollar, to break the blockade imposed on it.



Russia Pledges ‘Full Support’ for Venezuela Against US ‘Hostilities’

The US Navy replenishment oiler USNS Kanawha (T-AO-196) arrives at port in Ponce, Puerto Rico, amid ongoing military movements, December 21, 2025. (Reuters)

Russia on Monday expressed "full support" for Venezuela as the South American country confronts a blockade of sanctioned oil tankers by US forces deployed in the Caribbean, the two governments said.

In a phone call, the foreign ministers of the two allied countries blasted the US actions, which have included bombing alleged drug-trafficking boats and more recently the seizure of two tankers.

A third ship was being pursued, a US official told AFP Sunday.

"The ministers expressed their deep concern over the escalation of Washington's actions in the Caribbean Sea, which could have serious consequences for the region and threaten international shipping," the Russian foreign ministry said of the call between ministers Sergei Lavrov and Yvan Gil.

"The Russian side reaffirmed its full support for and solidarity with the Venezuelan leadership and people in the current context," it added.

"The ministers agreed to continue their close bilateral cooperation and to coordinate their actions on the international stage, particularly at the UN, in order to ensure respect for state sovereignty and non-interference in internal affairs."

The UN Security Council is to meet Tuesday to discuss the mounting crisis between Venezuela and the United States after a request from Caracas, backed by China and Russia.

On Telegram, Venezuela's Gil said he and Lavrov had discussed "the aggressions and flagrant violations of international law being perpetrated in the Caribbean: attacks on vessels, extrajudicial executions, and illicit acts of piracy carried out by the United States government."

US forces have since September launched strikes on boats Washington said, without providing evidence, were trafficking drugs in the Caribbean Sea and eastern Pacific Ocean.

More than 100 people have been killed, some of them fishermen, according to their families and governments.

US President Donald Trump on December 16 announced a blockade of "sanctioned oil vessels" sailing to and from Venezuela.

Trump has claimed Caracas under Maduro is using oil money to finance "drug terrorism, human trafficking, murder and kidnapping."

Gil said Lavrov had affirmed Moscow's "full support in the face of hostilities against our country."


Turkish Agents Capture an ISIS Member on the Afghan-Pakistan Border

A Turkish soldier stands guard outside the Silivri Prison and Courthouse complex near Istanbul, Turkey. (File/Reuters)

Turkish intelligence agents have captured a senior member of the ISIS terror group in an area along the Afghanistan-Pakistan border, allegedly thwarting planned suicide attacks in Türkiye and elsewhere, Türkiye's state-run news agency reported Monday.

Anadolu Agency said the suspect was identified as Mehmet Goren, a member of the group's Afghanistan-based ISIS-Khorasan branch. He was caught in a covert operation and transferred to Türkiye.

It was not clear when the operation took place or whether Afghan and Pakistani authorities were involved.

The report said the Turkish citizen allegedly rose within the organization’s ranks and was given the task of carrying out suicide bombings in Türkiye, Pakistan, Afghanistan and Europe.

ISIS has carried out deadly attacks in Türkiye, including a shooting at an Istanbul night club on Jan. 1, 2017, which killed 39 people.

Monday's report said Goren’s capture allegedly also exposed the group's recruitment methods and provided intelligence on its planned activities.


Iran Arrests Norwegian-Iranian Dual Citizen

Iran's Evin Prison (File photo: Reuters)

A Norwegian-Iranian dual citizen has been arrested in Iran, Norway's foreign ministry told AFP on Monday.

"The Ministry of Foreign Affairs is aware that a Norwegian citizen has been arrested in Iran, but due to our obligation to respect confidentiality we cannot provide further details," ministry spokesman Mathias Rongved said in an email.

He confirmed the individual was a dual Norwegian-Iranian national and noted the government advises against travel to Iran.

On its website, the Norwegian government states that Iran does not recognise dual citizenship, and it is "therefore very difficult -- virtually impossible -- for the embassy to assist Norwegian-Iranian citizens if they are imprisoned in Iran".

The US-based Human Rights Activists News Agency (HRANA) identified the dual national as Shahin Mahmoudi, born in 1979.

It said she was arrested on December 14 after being ordered to report to authorities in Saqqez, in Iran's western Kurdistan province.

She is being held at a detention center in Sanandaj, it added.

HRANA said her family had not been informed of the reason for her arrest nor had they received any news of her health and well-being.