WASHINGTON — Two Iranian computer hackers were charged Wednesday in connection with a multimillion-dollar cybercrime and extortion scheme that targeted government agencies, cities and businesses, the Justice Department said.
Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, are accused of creating ransomware known as SamSam that encrypted data on the computers of more than 200 victims, including the cities of Atlanta and Newark, N.J.
Starting in January 2016, the hackers were able to exploit cyber weaknesses, gain access to the victims’ computers and install the ransomware remotely, prosecutors said. The hackers would then encrypt the files on the computers and demand that the victims pay a ransom in bitcoin in order to have their data unlocked, according to the prosecutors.
The hackers, who are not believed to be connected to the Iranian government, were able to make about $6 million and caused the victims of the scheme to lose more than $30 million, prosecutors said.
Other victims included the Colorado Department of Transportation, the Port of San Diego and six health care companies across the U.S., according to the Justice Department.
“SamSam ransomware is a dangerous escalation of cybercrime,” said Craig Carpenito, the U.S. attorney for New Jersey, where Wednesday’s indictment was unsealed. “This is a new type of cybercriminal. Money is not their sole objective. They are seeking to harm our institutions and our critical infrastructure.”
The Justice Department would not say whether any of the municipalities paid the ransom.