The person at the center of this case
United States financial sector and companies (victims of cyberattacks)
Cold Case · Open
10 years waiting · since 2016
AHMAD FATHI
Justice for United States financial sector and companies (victims of cyberattacks) — the trail went cold in 2016, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1What is Ahmad Fathi's current location and how can he be extradited from Iran to face charges?
🔍
evidence
Lead #2What specific attack scripts and shells did ITSecTeam employees use, and can they be traced to other cyberattacks?
👤
person
Lead #3Which employees of ITSecTeam were involved in executing the DDoS attacks and have they been identified or prosecuted?
Ahmad Fathi, director of Iranian IT company ITSecTeam, is wanted for allegedly orchestrating a conspiracy to conduct distributed denial of service (DDoS) attacks against U.S. financial institutions and companies between 2011 and 2013. He allegedly provided his employees with attack scripts and tools that were used as bots in coordinated cyberattacks. A federal warrant was issued on January 21, 2016, after a grand jury in the Southern District of New York indicted him for conspiracy to commit and aid and abet computer intrusion.
Case
#628
United States District Court, Southern District of New York; FBI
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
💡
clue
Lead #4How many U.S. financial institutions and companies were targeted, and what was the total financial impact of the attacks?
📞
contact
Lead #5Are there known associates or co-conspirators in the United States or elsewhere who facilitated these attacks?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit, and Aid and Abet, Computer Intrusion Caution: Ahmad Fathi is wanted for his alleged involvement in a conspiracy to conduct a coordinated campaign of distributed denial of service ("DDoS") attacks against the United States financial sector and other United States companies from 2011 through 2013. Fathi is the director and owner of ITSecTeam, also known as Amnpardazesh Kharazmi, an Iranian Information Technology company.
He allegedly provided his employees with attack scripts and shells for compromised computer systems which were later used as bots in the denial of service attacks. On January 21, 2016, a grand jury in the United States District Court, Southern District of New York, indicted Fathi for his involvement in the scheme and a federal warrant was issued for his arrest after he was charged with conspiracy to commit, and aid and abet, computer intrusion.
Remarks: Fathi is known to speak both English and Farsi.
Timeline of Events
🕵️
2011-01-01
DDoS attack campaign begins
Coordinated campaign of distributed denial of service attacks against U.S. financial sector and companies begins
🕵️
2013-12-31
DDoS attack campaign ends
Coordinated campaign of distributed denial of service attacks against U.S. financial sector and companies concludes
🔍
2016-01-21
Federal indictment issued
Grand jury in U.S. District Court, Southern District of New York, indicts Ahmad Fathi for conspiracy to commit and aid and abet computer intrusion; federal warrant issued for arrest
Key Locations
Interactive map showing important locations related to this case
Case Information
Incident:January 1, 2011
Last Updated:May 19, 2026
Leave a comment
Comments
Case Information
Incident:January 1, 2011
Last Updated:May 19, 2026