Arash Amiri Abedian & Danial
Jeloudar, Iranian Nationals Charged in Credit Card / Hack
August 10, 2017
superseding indictment was unsealed today charging Arash Amiri Abedian,
31, and Danial Jeloudar, 27, with aggravated identity theft; wire fraud;
and criminal conspiracy and other charges relating to access device
fraud, unauthorized access to, and theft of information from, computers,
and threatening to damage a computer.
Acting Assistant Attorney General for National Security Dana J. Boente,
U.S. Attorney Beth Drake of the District of South Carolina, Assistant
Director Scott Smith of the FBI’s Cyber Division and Special Agent in
Charge Alphonso Norris of the FBI’s Columbia, South Carolina Field
Office made the announcement.
According to the allegations in the superseding indictment filed in
Columbia, South Carolina, beginning in or around October 2007, Abedian
and Jeloudar, residing in the Islamic Republic of Iran, conspired
together to violate multiple U.S. criminal statutes. Specifically, the
indictment alleges they obtained stolen credit card numbers and related
personal information by hacking and otherwise, and used that information
to fraudulently and by extortion obtain money, goods and services from
U.S.-based and foreign victims.
As part of the conspiracy, between 2011 and 2016, Abedian used malicious
software, or “malware,” to capture the credit card and other personal
information of individuals who had transacted with certain merchants’
websites. Abedian then used that information to commit identity theft
and to obtain goods and services by fraud, and, on some occasions,
Abedian then transmitted the stolen information to Jeloudar. For
example, on or about Feb. 21, 2012, Abedian sent Jeloudar approximately
30,000 names and numbers, which he said were unauthorized credit card
numbers and associated information. As part of the conspiracy, in or
around March 2012 and April 2012, Jeloudar ordered and obtained various
equipment, servers, and internet hosting services from a provider in
South Carolina using stolen credit card numbers and other personal
superseding indictment further alleges that, in January 2017, Jeloudar
contacted a California-based online merchant and threatened to disclose
its customers’ credit card numbers and other related information
previously obtained by hacking the merchant‘s website, unless it made a
Bitcoin payment to Jeloudar. Jeloudar also threatened to disclose to the
company’s customers that their private information had been compromised
and launched a denial-of-service attack on the company’s website.
The charges in the indictment are merely accusations and the defendants
are presumed innocent unless and until proven guilty.
The FBI’s Columbia, South Carolina Cyber Squad investigated the case.
The case is being prosecuted by Assistant U.S. Attorney Eric Klumb of
the District of South Carolina and Trial Attorney Heather Alpino of the
National Security Division’s Counterintelligence and Export Control