عربي English Türkçe اردو فارسى
Logo
Latest News
World

Iran Pays Millions in Ransom to End Cyberattack on Banks

Iranians at a bank branch in Tehran (IRNA)
Iranians at a bank branch in Tehran (IRNA)
TT
TT

Iran Pays Millions in Ransom to End Cyberattack on Banks

Iranians at a bank branch in Tehran (IRNA)
Iranians at a bank branch in Tehran (IRNA)

A massive cyberattack that hit Iran last month threatened the stability of its banking system and forced the country's regime to agree to a ransom deal of millions of dollars, POLITICO reported on Thursday.

The newspaper said an Iranian firm paid at least $3 million in ransom last month to stop an anonymous group of hackers from releasing individual account data from as many as 20 domestic banks in what appears to be the worst cyberattack the country has seen, quoting industry analysts and western officials briefed on the matter.

A group known as IRLeaks, which has a history of hacking Iranian companies, was likely behind the breach, the officials said.

The hackers are said to have initially threatened to sell the data they collected, which included the personal account and credit card data of millions of Iranians, on the dark web unless they received $10 million in cryptocurrency, but later settled on a smaller sum.

Iran’s authoritarian regime pushed for a deal, fearing that word of the data theft would destabilize the country’s already-wobbly financial system, which is under intense strain amid the international sanctions the country faces, the officials said.

Iran never acknowledged the mid-August breach, which forced banks to shut down cash machines across the country.

IRleaks entered the banks’ servers via a company called Tosan, which provides data and other digital services to Iran’s financial sector, the officials said.

Using Tosan, the hackers appear to have siphoned data from both private banks and Iran’s central bank. Of Iran’s 29 active credit institutions, as many as 20 were hit, including the Bank of Industry and Mines and the Post Bank of Iran.

Though the attack was reported at the time by Iran International, an opposition news outlet, neither the suspected hackers nor the ransom demands were disclosed.

Iran’s supreme leader delivered a cryptic message in the wake of the attack, blaming the US and Israel for “spreading fear among our people,” without acknowledging the country’s banks were under assault.

Despite the growing tensions between Iran and both the US and Israel, people familiar with the Iranian banking hack told POLITICO that IRLeaks is affiliated with neither the US nor Israel.

Most Viewed

 
 
World

Trump Administration Cancels Travel for Refugees Already Cleared to Resettle in the US

An Afghan refugee man, who asked not to use his name and not to show his face fearing his identity could lead to his capture, speaks during an interview with The Associated Press, in Islamabad, Pakistan, Wednesday, Jan. 22, 2025. (AP)
An Afghan refugee man, who asked not to use his name and not to show his face fearing his identity could lead to his capture, speaks during an interview with The Associated Press, in Islamabad, Pakistan, Wednesday, Jan. 22, 2025. (AP)
TT
TT

Trump Administration Cancels Travel for Refugees Already Cleared to Resettle in the US

An Afghan refugee man, who asked not to use his name and not to show his face fearing his identity could lead to his capture, speaks during an interview with The Associated Press, in Islamabad, Pakistan, Wednesday, Jan. 22, 2025. (AP)
An Afghan refugee man, who asked not to use his name and not to show his face fearing his identity could lead to his capture, speaks during an interview with The Associated Press, in Islamabad, Pakistan, Wednesday, Jan. 22, 2025. (AP)

Refugees who had been approved to travel to the United States before a deadline next week suspending America's refugee resettlement program have had their travel plans canceled by the Trump administration.

Thousands of refugees who fled war and persecution and had gone through a sometimes yearslong process to start new lives in America are now stranded at various locations worldwide. That includes more than 1,600 Afghans who assisted America's war effort, as well as relatives of active-duty US military personnel.

President Donald Trump paused the refugee resettlement program this week as part of a series of executive orders cracking down on immigration. His move had left open the possibility that refugees who had been screened to come to the US and had flights booked before the Jan. 27 deadline might be able to get in under the wire.

But in an email dated Tuesday and reviewed by The Associated Press, the US agency overseeing refugee processing and arrivals told staff and stakeholders that "refugee arrivals to the United States have been suspended until further notice."

There are a little more than 10,000 refugees from around the world who had already gone through the lengthy refugee admission process and had travel scheduled over the next few weeks, according to a document obtained by the AP. It was not immediately clear how many of those had been set to arrive by upcoming deadline.

Among those are more than 1,600 Afghans cleared to come to the US as part of the program that the Biden administration set up after the American withdrawal from Afghanistan in 2021.

Many veterans of America's longest war have tried for years to help Afghans they worked with, in addition to their families, find refuge in the US. Many were prepared for a suspension of the resettlement program but had hoped for special consideration for the Afghans.

"The Trump administration’s early pause of refugee flights is alarming, leaving thousands of Afghan allies in fear and uncertainty," said Shawn VanDiver, a Navy veteran and head of #AfghanEvac, a coalition supporting Afghan resettlement efforts. "We are ready to partner to fix this and urge clear communication with impacted families. Let’s honor our promises and uphold America’s values."

There is a separate path — the special immigrant visa program— specifically for Afghans who worked directly with the US government. VanDiver's group said that program, set up by Congress, did not appear to be affected at this time.

Trump's order signed Monday had given the State Department a week before it began to halt all processing and traveling. It appears the timing was moved up, though it was not immediately clear what prompted the change.

The State Department referred questions to the White House.

Agencies that help refugees settle and adjust to life in America have argued that this is the type of legal immigration that Trump and his supporters say they like and have pointed to the stringent background checks and sometimes yearslong wait that refugees endure before setting foot in America.

"This abrupt halt to refugee admissions is devastating for families who have already endured unimaginable hardship and waited years for the chance to rebuild their lives in safety," Krish O’Mara Vignarajah, head of Global Refuge, one of the 10 US resettlement agencies, said in a statement Wednesday.

"Refugees go through one of the most rigorous vetting processes in the world, and many are now seeing their travel canceled just days, or even hours, before they were set to begin their new lives in the United States," she said. "It’s utterly heartbreaking."

Refugees are distinct from people who come directly to the US-Mexico border with the goal of eventually seeking asylum. Refugees must be living outside of the US to be considered for resettlement and are usually referred to the State Department by the United Nations.

While the resettlement program has historically enjoyed bipartisan support, the first Trump administration also temporarily halted resettlement and then lowered the number of refugees who could enter the country annually.