The person at the center of this case
United States financial sector and critical infrastructure
Cold Case ยท Open
10 years waiting ยท since 2016
HAMID FIROOZI
Justice for United States financial sector and critical infrastructure โ the trail went cold in 2016, but the truth hasn't.
Start here
Key leads to think about
๐ฏ
suspect
Lead #1What is Firoozi's current location and identity in Iran, and does he maintain contact with ITSecTeam operatives?
๐
evidence
Lead #2What specific server infrastructure did Firoozi procure, and are there financial records or hosting providers that can trace his procurement activities?
๐ก
clue
Lead #3How did Firoozi gain access to SCADA systems at Bowman Avenue Dam, and what was the objective of that intrusion?
Hamid Firoozi is wanted for his role in a coordinated conspiracy to conduct distributed denial of service (DDoS) attacks against U.S. financial institutions and companies between 2011 and 2013, allegedly procuring server infrastructure for the Iranian IT company ITSecTeam. He is also charged with unauthorized intrusion into the SCADA systems of Bowman Avenue Dam in Rye, New York in late 2013. Firoozi was indicted on January 21, 2016, and is believed to be living in Iran; locating him remains critical to understanding the full scope of the cyber attacks and identifying other potential conspirators.
Case
#623
United States District Court, Southern District of New York; Federal Bureau of Investigation
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above โ each detail below could be the thread that pulls this case open.
๐
contact
Lead #4Who else within ITSecTeam and international cyber networks collaborated with Firoozi on these attacks?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit, and Aid and Abet, Computer Intrusion; Unauthorized Access to a Protected Computer Caution: Hamid Firoozi is wanted for his alleged involvement in a conspiracy to conduct a coordinated campaign of distributed denial of service ("DDoS") attacks against the United States financial sector and other United States companies from 2011 through 2013. Firoozi allegedly procured computer server infrastructure in the United States and elsewhere that was then used by ITSecTeam, an Iranian information technology company, to allegedly coordinate and direct the DDoS attacks.
Firoozi is also charged for his alleged involvement in an intrusion into the Supervisory Control and Data Acquisition (SCADA) systems of the Bowman Avenue Dam in Rye, New York, during late 2013. On January 21, 2016, a grand jury in the United States District Court, Southern District of New York, indicted Firoozi for his involvement in the scheme and a federal warrant was issued for his arrest after he was charged with conspiracy to commit, and aid and abet, computer intrusion; and unauthorized access to a protected computer.
Remarks: Firoozi is known to speak Farsi and is thought to be living in Iran.
Timeline of Events
๐
2011-01-01
DDoS Campaign Begins
Coordinated distributed denial of service attacks against U.S. financial sector and companies begin, allegedly directed by ITSecTeam through server infrastructure procured by Firoozi
๐
2013-12-31
Bowman Avenue Dam Intrusion
Unauthorized intrusion into SCADA systems of Bowman Avenue Dam in Rye, New York during late 2013
๐ต๏ธ
2016-01-21
Federal Indictment
Grand jury in U.S. District Court, Southern District of New York indicts Firoozi for conspiracy to commit computer intrusion and unauthorized access to protected computers; federal warrant issued for arrest
Key Locations
Interactive map showing important locations related to this case
Case Information
Incident:January 1, 2011
Last Updated:April 29, 2026
Leave a comment
Comments
Case Information
Incident:January 1, 2011
Last Updated:April 29, 2026