The person at the center of this case
Multiple victims including 144 U.S. universities, 176 foreign universities, 5 U.S. government agencies, 36 U.S. private companies, and international organizations
Cold Case · Open
8 years waiting · since 2018
MOSTAFA SADEGHI
Justice for Multiple victims including 144 U.S. universities, 176 foreign universities, 5 U.S. government agencies, 36 U.S. private companies, and international organizations — the trail went cold in 2018, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1Why has Sadeghi remained in Iran despite the federal warrant, and what protections might he be receiving from Iranian authorities?
🔍
evidence
Lead #2What specific proprietary data was stolen from the targeted universities and companies, and how was it monetized?
📞
contact
Lead #3Who were the direct contacts and handlers at the Mabna Institute coordinating Sadeghi's hacking operations?
Mostafa Sadeghi is wanted for his role in a sophisticated cyber conspiracy that targeted over 320 universities, government agencies, and private companies across the United States and internationally. Operating as a contractor for Iran's Mabna Institute, Sadeghi allegedly orchestrated unauthorized access to computer systems and sold stolen proprietary data to Iranian entities and the Iranian government. Despite a federal indictment issued in February 2018, Sadeghi remains at large in Iran, making this case a significant example of state-sponsored cyber espionage affecting American institutions.
Case
#868
United States (multi-state) and International
United States District Court for the Southern District of New York; Federal Bureau of Investigation
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
💡
clue
Lead #4What digital forensics or communication records could identify other members of the conspiracy network?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit Computer Hacking; Conspiracy to Commit Wire Fraud; Computer Fraud - Unauthorized Access for Private Financial Gain; Wire Fraud; Aggravated Identity Theft Caution: Mostafa Sadeghi is wanted for his alleged involvement in criminal activities, including obtaining unauthorized access to computer systems, stealing proprietary data from those systems, and selling that stolen data to Iranian customers such as Iranian universities and the Iranian government. Sadeghi was a contractor and hacker for hire for the Mabna Institute , a private government contractor based in the Islamic Republic of Iran that performed this work for the Iranian government, at the behest of the Islamic Revolutionary Guard Corps.
Victims of the scheme included approximately 144 universities in the United States, 176 foreign universities in 21 countries, five federal and state government agencies in the United States, 36 private companies in the United States, 11 foreign private companies, and two international non-governmental organizations. On February 7, 2018, a grand jury sitting in the United States District Court for the Southern District of New York indicted Sadeghi on computer intrusion, wire fraud, and aggravated identity theft charges, and a federal arrest warrant has been issued for his arrest.
Remarks: Sadeghi is known to speak Farsi and resides in Iran.
Timeline of Events
🕵️
2018-02-07
Federal Indictment Issued
A grand jury in the United States District Court for the Southern District of New York indicted Sadeghi on computer intrusion, wire fraud, and aggravated identity theft charges; federal arrest warrant issued
Case Information
Incident:February 7, 2018
Last Updated:May 12, 2026
Leave a comment
Comments
Case Information
Incident:February 7, 2018
Last Updated:May 12, 2026