Terror organization: IRGC Intelligence Organization
Status: Associated with Iran-based cyber company Afkar System Yazd Co. (Afkar) since at least 2015. He is working in cyber command of the IRGC Intelligence Organization (Division 2000).
Roll: Amir Hossein Nickaein Ravari (Nickaein) is wanted for his alleged involvement in a coordinated campaign that compromised hundreds of computer networks across the United States and abroad.
Nickaein has been associated with Iran-based cyber company Afkar System Yazd Co. (Afkar) since at least 2015.
Location: Iran;
Also Known As: Amir Hossein Nickaein, Amir Hossein Nickaeen, Amir Nikayin; Nickaein; Nik Ayin;
Address:
Iran;
Date(s) of Birth Used: April 13, 1992
Place of Birth: Yazd Province, Iran
Nationality: Iranian
Activities:
Ahmed Khatibi and Nik Ayin were arrested by the Ministry of Intelligence and were charged with hacking without coordination with the Ministry of Intelligence for the purpose of extortion, drinking alcoholic beverages and sexual relations with female employees of Afkar system and sent to Evin prison, but with the mediation of Ahmad Esfandi they were released.
Between October 2020 and August 2022, Iranian cyber actors Nickaein, Mansour Ahmadi, and Ahmad Khatibi Aghda allegedly gained unauthorized access to protected networks, exfiltrated data, encrypted computer systems, and extorted victims for ransom, causing damage to and disrupting operations of organizations across multiple sectors, including critical infrastructure, government agencies, and non-profit organizations.
The Rewards for Justice Program, United States Department of State, is offering a reward of up to $10 million for information on or about the activities of Amir Hossein Nickaein Ravari, Ahmad Khatibi Aghda, and Mansour Ahmadi.
Amir Hossein Nickaein Ravari, Ahmad Khatibi Aghda, and Mansour Ahmadi are wanted for their alleged involvement in a coordinated campaign which compromised hundreds of computer networks across the United States and abroad. Between October 2020 and August 2022, the three men allegedly gained unauthorized access to protected networks, exfiltrated data, encrypted computer systems, and extorted victims for ransom, causing damage to and disrupting operations of organizations across multiple sectors, including critical infrastructure, government agencies, and non-profit organizations.
On August 10, 2022, a federal grand jury sitting in the United States District Court for the District of New Jersey in Newark, New Jersey, indicted Amir Hossein Nickaein Ravari, Ahmad Khatibi Aghda, and Mansour Ahmadi on charges of conspiracy to commit fraud and related activity in connection with computers, intentional damage to a protected computer, and transmitting a demand in relation to damaging a protected computer.