Treasury Sanctions Iranians Involved in 2011-12 Bank DDoS Attacks

The Treasury Department’s Office of Foreign Assets Control today announced sanctions against 11 entities and individuals for support of previously sanctioned Iranian actors and for malicious cyber-crime, including a series of distributed denial of service attacks against U.S. financial institutions.

The sanctions singled out Iranian company ITSec Team for planning and executing the DDoS attacks against nine large U.S. banks and stock exchanges between December 2011 and December 2012 — a period when ITSec Team was performing work on behalf of the Iranian government. OFAC also sanctioned three Iranians working for or on behalf of ITSec Team.

The sanctions also targeted four individuals who worked for Mersad, a computer security firm affiliated with Iran’s Islamic Revolutionary Guard Corps. These Iranians worked on a Mersad botnet that targeted U.S. corporations during DDoS attacks with malware and remote access hacks.