Iranian Man Accused In $3.4 Billion U.S. Hacking Spree Arrested
Montenegrin police arrested a 39-year-old dual Iranian-Turkish citizen in Kotor on Thursday, June 25, 2026, on a U.S. warrant tied to a $3.4 billion hacking campaign.[1]
A federal court in New York seeks him on charges including conspiracy to commit computer fraud, hacking and identity theft.[1] Montenegro says he is accused of hacking U.S. infrastructure and about 150 universities since 2013, causing more than $3.4 billion in damage.[1] Police said stolen data benefited Iran's Islamic Revolutionary Guard Corps and other Iranian groups.[1]
In March 2018, the U.S. Department of Justice indicted nine Iranians tied to the Mabna Institute for a coordinated cybertheft campaign that began in 2013. The indictment said the defendants broke into systems at 144 U.S. universities and hundreds of other targets from 2013 to 2017, stealing roughly 31.5 terabytes of data that U.S. prosecutors valued at about $3.4 billion.
A court in Podgorica will hold extradition proceedings after Montenegro detained the suspect, and U.S. authorities may seek his transfer to face trial in New York.[1]
The mainstream summary does not mention that the U.S. Department of Justice previously indicted nine Iranian nationals in 2018 for similar cyber activities, specifically detailing their compromise of systems at 144 U.S. universities and 176 foreign institutions, which resulted in the theft of approximately 31.5 terabytes of data. This context underscores a broader and more coordinated effort by Iranian entities in cyber espionage, with the stolen data reportedly funneled to servers outside the U.S. for the benefit of groups like the Islamic Revolutionary Guard Corps, highlighting the state-sponsored nature of these operations. The summary also downplays the significance of the ongoing pattern of Iranian cyber operations targeting U.S. critical infrastructure, which has been a growing concern for U.S. agencies as they continue to warn about escalating threats from such activities, particularly in light of geopolitical tensions with Iran.
Additionally, a 2026 analysis from the Center for Strategic and International Studies (CSIS) indicates that Iran's cyber capabilities are viewed as a strategic lever in its hybrid threats campaign against adversaries, particularly the U.S. and Israel. This perspective suggests that the hacking activities are not merely opportunistic but part of a calculated strategy to destabilize opponents amid ongoing geopolitical conflicts, a nuance that the mainstream summary does not fully capture.
Show source details & analysis (1 source)
📊 Relevant Data
In 2018, the U.S. Department of Justice charged nine Iranian nationals with compromising systems at 144 U.S. universities and 176 foreign institutions between 2013 and 2017, stealing approximately 31.5 terabytes of academic data and intellectual property that was funneled to servers outside the United States.
📌 Key Facts
- On Thursday, June 25, 2026, Montenegrin police arrested a 39-year-old dual Iranian-Turkish citizen in Kotor.
- A U.S. federal court in New York seeks him on charges including conspiracy to commit computer fraud, hacking and identity theft.
- Montenegro says he is accused of hacking U.S. infrastructure and 150 universities since 2013, causing over $3.4 billion in damage.
- Police state the stolen data allegedly benefited Iran's Islamic Revolutionary Guard Corps and other Iranian organizations.
- A court in Podgorica will conduct extradition proceedings at the U.S. request.
📰 Source Timeline (1)
Follow how coverage of this story developed over time