Iranian Hacking Collective Suspected of LVS Attack May Have Been Shut Down for Running Gambling Sites

Posted on: January 17, 2019, 02:16h. 

Last updated on: January 17, 2019, 02:16h.

An Iranian hacking collective that was likely to have been behind 2015’s massive cyberattack on Las Vegas Sands Corp. was shut down last year by the government in Tehran, possibly because some of its members were operating online gambling sites, a report by cybersecurity intelligence firm Recorded Future suggests.

In 2013, LVS chairman and CEO Sheldon Adelson suggested during a panel discussion at Yeshiva University that the US should detonate and nuclear bomb in the Iranian desert, a remark that may have cost his company $40 million. (Image: Kin Cheung/AP)

Recorded Future discovered that an internet forum called “Ashiyane,” which had direct ties to Iran’s Revolutionary Guard Corps via its founder, Behrooz Kamalian, had become a platform for some of the most sophisticated cyberattacks against world governments and major companies over the past two decades.

These included computer systems belonging to Israeli and US government organizations, such as Mossad and NASA, as well as Saudi targets, such as the hugely destructive 2012 attack on the state-owned oil company, Saudi Aramco — then the world’s most valuable company.

Ashiyane was likely to have targeted LVS because of the opposition of its chairman and CEO Sheldon Adelson to the Obama administration’s negotiations with Iran over its nuclear program.

LVS Attack

In 2013, as a panel guest at the Yeshiva University campus in New York discussing the topic of “Iran, Assimilation and the Threat to Israel and Jewish Survival,” Adelson suggested detonating a nuclear bomb in the Iranian desert, “harmlessly,” to show the country who was boss while warning that Tehran would be next.

“You want to be wiped out? Go ahead and take a tough position and continue with your nuclear development,” said Adelson.

His comments were not well received in Iran. “If Americans are telling the truth that they are serious about negotiationthey should slap these prating people in the mouth and crush their mouths,” the Ayatollah Khamenei responded.    

February 10, 2015, attackers based in Iran attacked LVS’s networks, shutting down servers, wiping hard drives, stealing data, and ultimately causing around $40 million worth of damage.  

The hackers left personal messages for Adelson, such as: “Encouraging the use of Weapons of Mass Destruction, UNDER ANY CONDITION, is a Crime, signed, the Anti WMD Team,” and “Damn A, Don’t let your tongue cut your throat.”

Online Gambling on the Side

On March 12, 2018, Ashiyane announced it had been ordered by an Iranian court to shut down its operations, offering no further information.

But sources in Iran told Recorded Future that Ashiyane was running online gambling sites on the side and may have been rumbled by the government.

The platform had been linked to online gambling before. In 2013, a forum database was leaked online — presumably by rival hackers — and an email address connected to the forum’s database support was revealed to belong to the owner of several Iranian-facing online poker sites.

The punishments available to online gambling operators in Iran include life imprisonment and death — which is at least something the Ayatollah Khamenei and Sheldon Adelson can finally agree on.