Treasury Department sanctions Iranians for cyberattacks

The sanctions include actions against "hackers who execute cyber-attacks on American financial institutions.”

The U.S. Treasury Department on Thursday announced sanctions against 11 entities for supporting Iran’s Islamic Revolutionary Guard Corps and alleged attacks against the U.S. financial system.

The targets of the sanctions are the Sadid Caran Saba Engineering Company (SABA) which is accused of providing support for Iran’s ballistic missile program, the Khors Aircompany and Dart Airlines, which are accused of illegally procuring American airplanes, individuals from ITSec Team for roles in denial of service attacks against U.S. financial institutions and individuals from Mersad Co. for “causing a significant disruption to the availability of a computer or network of computers.”

“Treasury will continue to take strong actions to counter Iran’s provocations, including support for the IRGC-Qods Force and terrorist extremists, the ongoing campaign of violence in Syria, and cyber-attacks meant to destabilize the U.S. financial system,” Treasury Secretary Steven Mnuchin said in a release.

ITSec Team and Mersad Co. are private Iranian firms that the U.S. government says works on behalf of the Iranian government.


Sadegh Ahmadzadegan managed the Mersad Co. botnet to attack 24 U.S. financial companies in 2012 and 2013. Sina Keissar and others developed and attacked targets with malware allowing the hackers to take over victims’ computers.

Earlier this year, the Justice Department charged seven Iranians, including several who were sanctioned today, from those companies with hacking U.S. companies including a successful 2013 breach against at the Bowman Avenue Dam in Rye Brook, New York.

Patrick Howell O'Neill

Written by Patrick Howell O'Neill

Patrick Howell O’Neill is a cybersecurity reporter for CyberScoop based in San Francisco.

Latest Podcasts