Mediaboss Marketing

State Department is concurrently designating Russian and Iranian entities for wrongful detention of U.S. nationals

WASHINGTON Today, the Department of the Treasurys Office of Foreign Assets Control (OFAC) sanctioned four senior officials of Irans Islamic Revolutionary Guard Corps Intelligence Organization (IRGC-IO), an entity that is being concurrently designated by the State Department for its role in the hostage-taking or wrongful detention of U.S. nationals in Iran. The IRGC-IO frequently holds and interrogates detainees in the notorious Evin Prison, in addition to the IRGC-IOs direct role in the repression of protests and arrest of dissidents, including dual nationals. Todays action is the first under Executive Order (E.O.) 14078, Bolstering Efforts to Bring Hostages and Wrongfully Detained U.S. Nationals Home, which reaffirms the fundamental commitment of the U.S. government to bring home those U.S. nationals held hostage and wrongfully detained abroad.

Concurrent with this action, OFAC implemented the Department of States designation of Russias Federal Security Service, in addition to the IRGC-IO, for their involvement in the wrongful detention of U.S. nationals abroad.

Todays action targets senior officials and security services in Iran and Russia that are responsible for the hostage-taking or wrongful detention of U.S. nationals abroad, said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson. We are committed to bringing home wrongfully detained U.S. nationals and acting against foreign threats to the safety of U.S. nationals abroad.

The E.O. draws on the authority of the 2020 Robert Levinson Hostage Recovery and Hostage Taking Accountability Act, which is a credit to the perseverance of the Levinson family and others who have worked to turn their familys extraordinary hardships into constructive and meaningful action.

Ruhollah Bazghandi is the IRGC-IO Counterintelligence official. In this role, Bazghandi has been involved with the detention of foreign prisoners held in Iran. Bazghandi has worked on behalf of the IRGC-IO in several capacities, including involvement in IRGC-IOs operations in Syria, and assassination plots against journalists, Israeli citizens, and others deemed enemies of Iran.

Mohammad Kazemi became the commander of the IRGC-IO in June 2022. Kazemi oversees the IRGC-IOs operations suppressing civil society in Iran and arresting Iranian dissidents, including dual nationals. He has also overseen the regimes brutal crackdown against protests across the country in response to the killing of Mahsa Amini. Kazemi was previously designated by OFAC on October 26, 2022, for having acted for or on behalf of the IRGC.

Mohamad Mehdi Sayyari is the IRGC-IO Co-Deputy Chief. Sayyari has been directly involved in arranging logistics for prisoners in Iran.

Mohammad Hasan Mohagheghi, the IRGC-IO Co-Deputy Chief Brigadier General, has reported to several of the senior most IRGC Commanders on RGC-IO operations. Mohagheghi served as a liaison between senior IRGC officials and IRGC-IO officials on counterespionage operations in Syria.

Ruhollah Bazghandi, Mohammad Kazemi, Mohammad Mehdi Sayyari, and Mohammad Hasan Mohagheghi are being designated pursuant to E.O. 14078 for acting or purporting to act for or on behalf of, directly or indirectly, the IRGC-IO, a person whose property and interests in property are blocked pursuant to E.O. 14078.

As a result of todays action, all property and interests in property of the designated persons described above that are in the United States or in the possession or control of U.S. persons are blocked and must be reported to OFAC. In addition, any entities that are owned, directly or indirectly, individually or in the aggregate, 50 percent or more by one or more blocked persons are also blocked. Unless authorized by a general or specific license issued by OFAC, or exempt, OFACs regulations generally prohibit all transactions by U.S. persons or within (or transiting) the United States that involve any property or interests in property of designated or otherwise blocked persons.

In addition, financial institutions and other persons that engage in certain transactions or activities with the sanctioned entities and individuals may expose themselves to sanctions or be subject to an enforcement action. The prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any designated person, or the receipt of any contribution or provision of funds, goods, or services from any such person.

The power and integrity of OFAC sanctions derive not only from OFACs ability to designate and add persons to the SDN List, but also from its willingness to remove persons from the SDN List consistent with the law. The ultimate goal of sanctions is not to punish, but to bring about a positive change in behavior. For information concerning the process for seeking removal from an OFAC list, including the SDN List, please refer to OFACs Frequently Asked Question 897 here. For detailed information on the process to submit a request for removal from an OFAC sanctions list, please click here.

Click here for more information on the individuals and entities designated today.

###

Read the rest here:
Treasury Sanctions Officials of Iranian Intelligence Agency ... - Treasury

In an effusive and enthusiastic speech to the Knesset plenum, Speaker of the US House of Representatives Kevin McCarthy pledged Monday that the US would continue to fully fund Israels security needs, while denouncing Iranian aggression in the Middle East, as well as efforts to isolate Israel internationally.

In a speech replete with both praise for Israel and biblical quotations, McCarthy lauded Israel as the birthplace of the Jewish people, described the country as a modern miracle, and insisted on its right to defend itself from attack.

And he spoke of the importance of bipartisan support for Israel from both Republicans and Democrats as crucial for the relationship between the two countries.

In later comments, he repeated his statement that he would invite Prime Minister Benjamin Netanyahu to Washington if US President Joe Biden continues to refuse to do so, but said such a visit would be conducted in a bipartisan manner, with meetings with Republicans and Democrats.

He also weighed in on the governments controversial judicial overhaul program, saying checks on government power were a crucial part of democracy, but maintained that the issue was an internal Israeli matter that should be resolved by Israelis.

McCarthy was warmly welcomed to the Knesset by Knesset Speaker Amir Ohana, Netanyahu, and opposition leader Yair Lapid, and received a strong round of applause from the assembled MKs after he finished his speech.

The US House speaker began his address by pointing out that his visit to Israel was his first international engagement since being sworn in in January.

US House Speaker Kevin McCarthy speaks at a special session of the Knesset plenum, May 1, 2023. (Yonatan Sindel/Flash90)

And I chose to come here now today to celebrate the bond between our two countries and to reaffirm that bipartisan support for Israel in Congress is at the foundation for our truly special relationship, said McCarthy.

He declared that the land of Israel was the birthplace of the Jewish people and affirmed the historical connection of the land to the Jewish nation.

Ladies and gentlemen: Israels rebirth is nothing less than a modern miracle, he continued, praising Israels survival in the face of war and terrorism, and its story of pioneers inspired by a commitment to freedom, family, and faith in God.

He also claimed that the US and Israel were the only two countries in history that were conceived in liberty and dedicated to the proposition that we are all equal, saying these principles were the foundation of the special relationship between the two countries.

McCarthy said Congress wanted to help Israel broaden and deepen the Abraham Accords, signed with four Arab countries in 2020, while working for a sustainable peace with all of Israels neighbors, in what may have been a vague reference to the Israeli-Palestinian conflict, a topic that was otherwise entirely absent from his address.

Addressing Irans regional activity and support for terror groups and militias, McCarthy said the one primary source of turmoil in the Middle East was Iran, which, he said, continues to fund terrorism, arm its proxy militias, and pursue nuclear weapons.

Prime Minister Benjamin Netanyahu speaks at a special session of the Knesset plenum for US House Speaker Kevin McCarthy, May 1, 2023. (Yonatan Sindel/Flash90)

He said the US would continue to assist Israel in defending its security against Irans efforts to encircle Israel with hostile forces and develop nuclear weapons, noting Israels integration into US Central Command and joint military exercises between the two countries.

As long as I am speaker, America will continue to support full funding for security assistance in Israel And as we stand shoulder to shoulder against Irans regional aggression, we must also remain resolute in our commitment that Iran will never acquire nuclear weapons, said McCarthy.

The speaker also raised concerns regarding Chinese industrial espionage, saying US and Israeli technological developments were threatened by the efforts of the Chinese Communist Party to steal technological intellectual property from Western companies.

Accusing the CCP of acting like thieves, McCarthy said the US was working to protect its innovation and called on Israel to further strengthen its oversight of foreign investment particularly Chinese investment in order to stymie such activity.

Before McCarthys speech, Netanyahu welcomed him to the Knesset and averred that Israel had no better friend on the planet than the US.

Youre in the pulsating heart of Israeli democracy its a very noisy heart, he continued, and, in reference to his governments judicial overhaul program, insisted that he and his coalition were committed to trying to get a broad consensus, as broad as we can get, on the matter of judicial reform.

US House Speaker Kevin McCarthy speaks during a press conference at the Knesset, May 1, 2023. (Yonatan Sindel/ Flash90)

At a press conference following McCarthys speech, the House speaker repeated his comments made in an interview with Israel Hayom on Monday that he would invite Netanyahu to Washington if Biden does not.

I expect the White House to invite the prime minister over for a meeting especially because of Israels 75th anniversary, said McCarthy following Bidens recent comments that Netanyahu would not be receiving an invite to Washington in the near future.

Asked whether he would invite the prime minister to address Congress if no White House invitation was forthcoming, McCarthy said Yes and noted that he had a long relationship with the prime minister.

McCarthy said it would be appropriate for the prime minister to visit Washington, but added that such a trip would include bipartisan meetings with Republicans and Democrats from the House of Representatives.

Addressing the coalitions judicial shakeup program, McCarthy said that checks on governmental power were an important part of democratic government, but insisted that judicial reform in Israel is an internal issue and that it should be decided by the Israeli public.

Israel is their own nation, only it can decide what it wants to do. In a democracy, you want checks and balances and a separation of powers but we leave it up to you how to decide that, said McCarthy.

The rest is here:
McCarthy extols ties at Knesset, vows full support for Israeli security against Iran - The Times of Israel

Levent Kenez/Stockholm

Hakan Atilla, the former deputy general manager of Halkbank who was convicted of conspiring to violate US sanctions on Iran by a federal court in Manhattan in 2018, shared on Instagram on Monday that while he was heading to Cyprus for a vacation with his family, his passport was seized at the airport and he was taken to a police station and notified that he was prohibited from leaving the country. Stating that he had served the country for years and defended it, referring to his trial in the US, Atilla added a note saying, The biter gets bit.

Reminding that he had previously been detained at an airport in New York, Atilla said he was used to this but objected to the treatment he received when with his family.

Atilla, who was sentenced to 32 months in prison after standing trial in the US District Court for the Southern District of New York, returned to Turkey on July 23, 2019 from the US, where he had been jailed for 28 months. He was greeted like a hero at the airport in stanbul by Berat Albayrak, the then-economy minister and son-in-law of Turkish President Recep Tayyip Erdogan. Atilla was later appointed to the prestigious position of head of the stanbul Stock Exchange (Borsa Istanbul). Many people at the time considered this appointment to be the equivalent of hush money.

Atilla unexpectedly announced his resignation on March 8, 2021. The Turkish media reported that he was uncomfortable with some of the governments demands.

Atillas name has recently come to the fore again with allegations of illegal money transfers related to Iran.

Muhammed Yakut, a formerly pro-government businessman who made claims about figures close to President Erdogan and his Islamist ruling party in videos he broadcast on YouTube, said Erdogans son Bilal Erdogan, his son-in-law Berat Albayrak and several former ministers laundered a large sum of money by issuing false documents as if they were trading with Iran through Aktifbank.

Aktifbank belongs to businessman Mustafa alk, who is close to Erdogan, and Albayrak served as the general manager of alks holding between 2007 and 2013.

Yakut claims that money transfers were made to nonexistent Iranian companies and that he himself visited Mustafa rak, chairman of the Presidential Security and Foreign Policy Board and former deputy undersecretary of the Turkish intelligence agency (MT), showing him documents of illegal bank transactions amounting to 1.2 billion euros.

Indicating that rak was shocked when he saw the documents, Yakut added that he had handed over the money receipts and Swift codes.

On April 19 journalist Serdar Akinan, who interviewed Yakut on his own YouTube channel, was detained and questioned by the prosecutors office. In statements he made after he was recently released, he revealed that he, too, was asked about money laundering claims.

Akinan told the prosecutor that he asked Atilla about the allegations concerning Aktifbank before the interview with Yakut and that after Atilla told him they were true, he decided that Yakuts revelations were serious and that he was worth interviewing.

The ban on Atillas travel abroad was implemented immediately after Akinans detention since Atilla told Turkish media yesterday that he had traveled abroad many times before and that the ban was new, strengthening the possibility that the ban is related to Atillas statement to Akinan.

Atilla stated that the reason for the travel ban was not explained to him and that such a prohibition can only be imposed with a court decision. Most likely, an investigation has been opened into Atilla or a criminal complaint has been filed against him. It wouldnt be surprising if Atilla, who is currently free under the travel ban, will be detained the next time he speaks out given the fact that this is how things work in Erdogans Turkey.

Last year, after his resignation from the stanbul Stock Exchange, allegations were made against him in the pro-government media, which had treated him like a hero until then. Atilla was accused of making disclosures that harmed Turkey during his trial in New York. Atilla revealed for the first time important information about his trial in a written statement he sent to the pro-government Sabah daily, which had made accusations against him. Atilla, who was accused of not voicing the claim that Halkbank has immunity during his trial, stated that his family, himself and his lawyers many times requested that the Turkish Embassy in Washington, D.C., communicate to US authorities that he was a state official and thus had immunity. He also added that the records of his requests are available.

Atilla previously said the passport of his wife, who wanted to visit him while he was in prison in the US, was canceled and that a travel ban was imposed on her, a clear message that his family in Turkey would be in trouble if he testified against the bank and the Erdogan family during his trial.

In 2019 US federal prosecutors in the Southern District of New York indicted Turkish state lender Halkbank (Trkiye Halk Bankas A..) on six counts including fraud, money laundering and sanctions offenses related to the banks participation in a multi-billion dollar scheme to evade US sanctions on Iran.

According to the indictment, between 2012 and 2016, prosecutors alleged that Halkbank and its officers, agents and co-conspirators directly and indirectly used money service businesses and front companies in Iran, Turkey, the United Arab Emirates and elsewhere to violate and to evade and avoid prohibitions against Irans access to the US financial system, restrictions on the use of proceeds of Iranian oil and gas sales and restrictions on the supply of gold to the government of Iran and to Iranian entities and persons.

Halkbank knowingly facilitated the scheme, participated in the design of fraudulent transactions intended to deceive US regulators and foreign banks and lied to US regulators about Halkbanks involvement, the indictment states.

US federal prosecutors previously charged nine defendants, including bank employees, the former Turkish economy minister and other participants in the same scheme. On October 26, 2017 Reza Zarrab, the key suspect in the case, pled guilty to the seven counts with which he was charged. He became a government witness who confessed he had bribed Turkish government officials.

Ankara has described the Halkbank case as political, arguing that Halkbank has immunity from prosecution in the US because it is a state bank. In 2022 Halkbank lawyers claimed that according to the Foreign Sovereign Immunities Act (FSIA), it cannot be tried in a criminal court in the US. The federal court, however, found its claim unjustified, upon which Halkbank appealed to the US Supreme Court. On April 19 the Supreme Court rejected the claim of sovereign immunity under FSIA made by Halkbank.

In 2013 Turkish prosecutors revealed to the public a graft investigation in which Zarrab and the inner circle of then-prime minister Erdogan including government ministers were incriminated. Government officials and Halkbank managers were accused of accepting bribes from Zarrab in a sanctions-busting scheme run through Halkbank to circumvent US sanctions on Iran. Erdogan dismissed the corruption allegations, sacked the prosecutors and police chiefs and squelched the graft probes. He also described the investigations as a plot by the Glen movement, a group critic of the government, to topple the government and launched a crackdown on the movement.

Read more:
Erdogan government warns banker to keep quiet about new money ... - Nordic Research and Monitoring Network

An Iranian state-sponsored hacking group has been accused of deploying a new strain of malware named BellaCiao against several victims in the U.S., Europe, India, Turkey and other countries.

Researchers from cybersecurity firm Bitdefender attributed the malware to APT35/APT42 also known as Mint Sandstorm or Charming Kitten an advanced persistent threat group that is allegedly run by Irans Islamic Revolutionary Guard Corps (IRGC).

Martin Zugec, technical solutions director at Bitdefender, told Recorded Future News that the malware developers named the malware BellaCiao as a reference to an Italian folk song about resistance fighting.

BellaCiao is a dropper malware designed to deliver other malware onto a victims device based on instructions from the attackers.

It is designed to be completely stealthy and doesn't communicate with the threat actors much. It's completely passive in receiving the instructions while it works. I've never seen the technique that theyre using before, he said.

Every single implant is customized for that specific victim. It's completely designed so that after initial compromise, it can turn into almost like a stealth mode. It doesn't do anything until they are ready to weaponize their access.

Based on their analysis of several victims, Zugec said it was clear the hackers were organizing victims by country based on the folder names researchers found. They discovered folders named for Israel, Turkey, Austria, India and Italy.

Zugec said they were unable to figure out the initial infection vector but said the primary targets were Microsoft Exchange servers, meaning the hackers most likely used one of the popular Microsoft Exchange exploit chains like ProxyShell or ProxyNotShell. Zugec noted that the Charming Kitten group has also been caught using the Log4j vulnerability during its attacks.

As soon as BellaCiao is deployed, it tries to disable Microsoft Defender. Bitdefender said the malware then opens the door for other strains typically used for the purposes of espionage, data theft, ransomware/extortion and others.

The campaign is highly sophisticated and Bitdefender said it is currently ongoing.

We believe this campaign is the next stage after opportunistic attacks. Charming Kitten looks for vulnerable systems indiscriminately (using vulnerability exploits), then custom malware (BellaCiao) is developed for compromised organization and deployed remotely, the researchers said.

Microsoft which calls the group Mint Sandstorm reported last week that the same Iranian hacking group spent much of 2021 and 2022 directly targeting US critical infrastructure including seaports, energy companies, transit systems, and a major US utility and gas entity.

The increased aggression of Iranian threat actors appeared to correlate with other moves by the Iranian regime under a new national security apparatus, suggesting such groups are less bounded in their operations, Microsoft explained.

Given the hardline consensus among policymakers in Tehran and sanctions previously levied on Irans security organizations, Mint Sandstorm subgroups may be less constrained in carrying out malicious cyber activity.

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Read the original here:
Iran APT using 'BellaCiao' malware against targets in US, Europe ... - The Record by Recorded Future

Iranian Defense Minister Mohammad Reza Ashtiani suggested that the Shanghai Cooperation Organisation, a Eurasian geopolitical organization, increase its role as a maritime organization, with the goal of projecting its power against the West.

Iran recently joined the SCO, which serves as one of several organizations that China and Russia seek to use to push the international system towards being multi-polar, designed to supplant the US. BRICS (Brazil, Russia, India, China and South Africa) and CICA (Conference on Interaction and Confidence Building Measures in Asia) are also used as conduits to this end.

The SCO, which works on economic and defense issues, is considered the worlds largest regional organization in terms of both geography and population. It includes China, Kazakhstan, Kyrgyzstan, Russia, and Tajikistan, as well as India and Pakistan, with Iran being the most recent addition in 2022.

Last year, an article at Brussels-based think tank Centre for Youth and International Studies (CYIS) noted that maritime security cooperation is a viable area of activity between the SCO and the Association of Southeast Asian Nations (ASEAN). Within the SCO, Iran, Pakistan, India, China and Russia are coastal states, while Southeast Asia is at the junction of the Indian and Pacific Oceans.

This important article noted that the combined maritime space of these organizations comprises the Persian Gulf, Indian Ocean, and Pacific Ocean. This shared maritime space presents several non-traditional security challenges to both organizations, such as piracy, terrorism at sea, illegal migration, illegal fishing, smuggling and man-made or natural disasters to name a few.

Thus, the SCO and ASEAN are well-positioned to collaborate to address these shared security challenges as a larger Greater Eurasian Security Community, it added.

Yet, so far the SCO does not have a maritime security mechanism. Now, the pro-Iran, pro-Syria Al-Mayadeen news channel reported that Ashtiani is pushing for more muscular defense initiatives by SCO. This move is part of Irans new tactics in Oman, and also in Beirut, which was recently visited by Iranian Foreign Minister Hossein Amir-Abdollahian.

Shanghai has become an influential organization in global developments and equations, whose expansion and strengthening can be an effective measure in promoting and advancing multilateralism in the international arena, Ashtiani said. We can deal with common security challenges and threats in the region and the world.

Now the Iranians want to use the SCO to increase defense and military cooperation, they want India to play a part in this as well. But India is close to the West and is also a strategic partner of Israel, so that might prove a challenge.

India also works with the I2U2 group and the Quad, a group that includes Australia, India, Japan and the US. But Iran has a different mission, as well as a defense minister that says that the world is no longer run by the West, it is no longer unipolar and is dominated by the US.

Ashtiani wants the SCO to promote global pluralism and what he sees as a balance of power, and hopes to influence the creation of a Shanghai maritime security belt, as a large part of global trade is linked to the SCO.

According to Ashtiani, It is time for global multilateralism and balance of power.

Read more from the original source:
Iran pushes for new maritime security zone in bid to intimidate West - The Jerusalem Post