The person at the center of this case
United States financial sector and companies (victims of DDoS attacks)
Cold Case ยท Open
10 years waiting ยท since 2016
NADER SAEDI
Justice for United States financial sector and companies (victims of DDoS attacks) โ the trail went cold in 2016, but the truth hasn't.
Start here
Key leads to think about
๐ฏ
suspect
Lead #1Why did Mersad, a private computer security company, conduct offensive cyber operations on behalf of the Iranian Government?
๐
evidence
Lead #2What specific vulnerabilities in U.S. financial sector servers did Saedi's scripts exploit to build the Kamikaze botnet?
๐
location
Lead #3Is Saedi still residing in Iran, and what Iranian entities continue to employ or protect him?
Nader Saedi is wanted by the FBI for his alleged role in a conspiracy to conduct coordinated distributed denial of service (DDoS) attacks against U.S. financial institutions and companies between 2012 and 2013. As an employee of Mersad, a computer security firm working for the Iranian Government, and a former member of the Iran-based hacking group Sun Army, Saedi allegedly wrote the malicious scripts used to compromise web servers that became part of the Kamikaze botnet. He was indicted on January 21, 2016, in the Southern District of New York, and is believed to be living in Iran.
Case
#621
Iran
Federal Bureau of Investigation (FBI) - U.S. District Court, Southern District of New York
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above โ each detail below could be the thread that pulls this case open.
๐ก
clue
Lead #4What other members of Sun Army and Mersad were involved in this conspiracy and have they been identified or apprehended?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit, and Aid and Abet, Computer Intrusion Caution: Nader Saedi is wanted for his alleged involvement in a conspiracy to conduct a coordinated campaign of distributed denial of service ("DDoS") attacks against the United States financial sector and other United States companies from 2012 through 2013. Saedi was an employee of Mersad, a private computer security company that performed work on behalf of the Iranian Government, and a former member of the Iran-based computer hacking group Sun Army.
He is a self-proclaimed expert in DDoS attacks who allegedly wrote the computer scripts that Mersad used to identify and compromise vulnerable web servers. These servers were later used as bots in the Kamikaze botnet attack.
On January 21, 2016, a grand jury in the United States District Court, Southern District of New York, indicted Saedi for his alleged involvement in the scheme and a federal warrant was issued for his arrest after he was charged with conspiracy to commit, and aid and abet, computer intrusion. Remarks: Saedi is known to speak Farsi and is thought to be living in Iran.
Timeline of Events
๐
2012-01-01
DDoS Campaign Begins
Coordinated campaign of distributed denial of service attacks against U.S. financial sector and companies begins
๐
2013-12-31
DDoS Campaign Ends
Coordinated DDoS attack campaign concludes
๐ต๏ธ
2016-01-21
Federal Indictment
Grand jury in U.S. District Court, Southern District of New York, indicts Nader Saedi for conspiracy to commit and aid and abet computer intrusion; federal warrant issued for arrest
Case Information
Incident:January 1, 2012
Last Updated:April 29, 2026
Leave a comment
Comments
Case Information
Incident:January 1, 2012
Last Updated:April 29, 2026