The person at the center of this case
144 U.S. universities, 176 foreign universities, 5 U.S. government agencies, 36 U.S. private companies, 11 foreign private companies, and 2 international NGOs
Cold Case · Open
8 years waiting · since 2018
IRANIAN MABNA HACKERS
Justice for 144 U.S. universities, 176 foreign universities, 5 U.S. government agencies, 36 U.S. private companies, 11 foreign private companies, and 2 international NGOs — the trail went cold in 2018, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1Who are the nine Iranian nationals and what are their current locations and statuses?
🔍
evidence
Lead #2What specific proprietary data and research was stolen from the 500+ targeted institutions?
💡
clue
Lead #3How were the stolen data monetized and sold to Iranian government and university customers?
On February 7, 2018, a federal grand jury in New York indicted nine Iranian nationals for orchestrating a sophisticated hacking conspiracy targeting universities, government agencies, and private companies across the United States and internationally. The defendants, affiliated with the Mabna Institute and working at the behest of Iran's Islamic Revolutionary Guard Corps, allegedly stole proprietary research and data to sell to Iranian government entities and universities. The case remains significant as it exposed a coordinated state-sponsored cyber espionage operation affecting over 500 institutions worldwide, raising critical questions about attribution, international cyber crime prosecution, and the ongoing threat of foreign government-directed hacking campaigns.
Case
#893
United States District Court for the Southern District of New York; Federal Bureau of Investigation
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
👤
person
Lead #4What roles did the Islamic Revolutionary Guard Corps play in directing and coordinating this cyber espionage operation?
📍
location
Lead #5How many of the defendants have been apprehended or remain at large outside U.S. jurisdiction?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit Computer Intrusions; Conspiracy to Commit Wire Fraud; Computer Fraud–Unauthorized Access for Private Financial Gain; Wire Fraud; Aggravated Identity Theft Caution: On February 7, 2018, a grand jury sitting in the United States District Court for the Southern District of New York, indicted nine Iranian nationals for their alleged involvement in computer intrusion, wire fraud, and aggravated identity theft offenses. As alleged in the indictment, the men were involved in a scheme to obtain unauthorized access to computer systems, steal proprietary data from those systems, and sell that stolen data to Iranian customers, including the Iranian government and Iranian universities.
Each individual was a leader, contractor, associate, hacker for hire, or affiliate of the Mabna Institute, a private government contractor based in the Islamic Republic of Iran that performed this work for the Iranian government, at the behest of the Islamic Revolutionary Guard Corps. Victims of the scheme included approximately 144 universities in the United States, 176 foreign universities in 21 countries, five federal and state government agencies in the United States, 36 private companies in the United States, 11 foreign private companies, and two international non-governmental organizations.
Timeline of Events
🕵️
2018-02-07
Federal Grand Jury Indictment
Nine Iranian nationals indicted in the United States District Court for the Southern District of New York for conspiracy to commit computer intrusions, wire fraud, and aggravated identity theft
Key Locations
Interactive map showing important locations related to this case
Case Information
Incident:February 7, 2018
Last Updated:April 29, 2026
Leave a comment
Comments
Case Information
Incident:February 7, 2018
Last Updated:April 29, 2026