OFAC Announced Sanctions Against Iran-Based Cyber Threat Actor APT39 | Cybers Guards

Also known as Chafer, Cadelspy, ITG07, and Remexi, APT39 has been active since at least 2014, and some of its operations also align with the OilRig group's activity. Rana, the Treasury Department says, has been working on behalf of Iran's government for a long time to target Iranian dissidents, journalists, and global travel-sector companies. Samples of those threats were also uploaded to VirusTotal by the FBI. APT39 is also said to have targeted Iranian private sector companies and academic institutions, as well as at least 15 countries in the MENA region. These individuals, the U.S. says, were employed at Rana as managers, programmers, and hacking experts, providing support for attacks on companies, institutions, air carriers, and other targets of interest. A series of documents allegedly leaked from the Iranian Ministry of Intelligence and Security (MOIS) last year revealed information on Rana's activities, which tracked individuals both inside and outside Iran, and on its members. In an advisory issued on Thursday, the FBI provided information on eight malware families that Iran's MOIS used to conduct cyber-intrusion operations through Rana, including VBS and AutoIt scripts, the malware variants BITS 1.0 and BITS 2.0, a malicious program posing as Firefox, a Python-based tool, Android malware, and the Depot.dat malware. Operating through Rana, APT39 leveraged malware to hack and track Iranian citizens, including dissidents, environmentalists, former government employees, journalists, refugees, university students and faculty, and employees of international organizations. In addition to Rana, the U.S. sanctioned 45 individuals "for having materially assisted, sponsored, or provided financial, material, or technological support to or in support of the MOIS."

"Rana advances Iranian national security objectives and [MOIS] strategic goals by conducting computer intrusions and malware campaigns against perceived adversaries, including foreign governments and other individuals that the MOIS considers a threat," said the Treasury Department. Overall, Rana is said to have targeted hundreds of individuals and organizations, including 15 U.S. companies, primarily from the travel sector, in over 30 different countries in Asia, Africa, Europe, and North America. Hiding behind Rana, the MOIS helps the Government of Iran carry out violence and control operations against its own people. The Ministry of Intelligence and Security of Iran owns and manages both APT39 and Rana. This week, the U.S. announced three separate sets of charges against Iranian threat actors, including three individuals involved in targeting satellite and aerospace companies; two hackers targeting aerospace companies, think tanks, governments, and non-governmental and non-profit organizations, among others; and two individuals who defaced websites in retaliation for the killing of Qasem Soleimani.
