The US government is offering a $10 million bounty for information leading to the identification or location of members of the Iranian hacking group CyberAv3ngers. This initiative, announced by the U.S. Department of State’s Rewards for Justice program, aims to address the growing threat posed by foreign cyber actors targeting critical infrastructure. The CyberAv3ngers, affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC), have been linked to cyberattacks on various sectors, including water, energy, and healthcare, by exploiting programmable logic controllers (PLCs).
The U.S. Department of Treasury has already imposed sanctions on several individuals associated with the IRGC-CEC, including Hamid Reza Lashgarian, who leads the cyber operations for the IRGC. This sanctions list includes other key figures like Hamid Homayunfal and Mahdi Lashgarian. These sanctions block their assets and prohibit U.S. persons from engaging in transactions with them, reflecting the serious stance the U.S. is taking against these threats.
CyberAv3ngers has gained notoriety for its attacks on Israeli-made PLCs, where they have compromised default credentials and left provocative messages on the devices. Since late 2023, their activities have extended to the U.S., displaying messages such as “You have been hacked, down with Israel.” This expansion of their cyber operations underscores the international dimension of the threat.
The bounty offered by the U.S. is part of a broader strategy to combat cyber threats and safeguard national infrastructure. By providing financial incentives for information, the U.S. aims to disrupt the operations of these hacking groups and enhance cybersecurity through international collaboration. This effort highlights the increasing importance of addressing cyber threats with comprehensive and coordinated responses.
Reference:
