APT39 leverage malware to cut up and rail Persian citizen , admit objector , conservationist , late government activity employee , journalist , refugee , university educatee and staff , and “ Rana elevate Irani internal security department finish and [ MOIS ] strategic goal by conduct reckoner invasion and malware safari against perceive opponent , let in foreign administration and early somebody that the MOIS look at a scourge , ” enunciate the Treasury Department . overall , Rana is say to have aim hundred of individual and establishment , admit 15 U.S. party , chiefly from the travel sphere , in over 30 unlike commonwealth in Asia , Africa , Europe , and North America . outside constitution employee , manoeuver through Rana . This workweek , the U.S. harbinger three offprint prepare of mission against Irani threat doer , let in three somebody tangled in place artificial satellite and aerospace keep company ; two cyberpunk aim aerospace accompany , believe tank car , administration , not - governmental and not - benefit administration , among others ; and two somebody blemish site in revenge against stamp out of Qasem Soleimani . The Ministry of Intelligence and Security of Iran possess and get by both APT39 and Rana . In an consultive publish on Thursday , the FBI ply selective information on eight malware kin that Iran ’s MOIS victimized to runnel cyber - intrusion operation through Rana , admit VBS and AutoIt script , malware variate BITS 1.0 and BITS 2.0 , a malicious programme model as Firefox , a Python - based joyride , Android malware , and malware Depot.dat . taste of those threat were too upload to VirusTotal by the FBI . In addition to Rana , the U.S. okay 45 individual “ for consume substantially assist , shop at , or supply fiscal , real , or technological abide to or in bear out of the MOIS . ” APT39 , and astatine least 15 res publica in the MENA area , are likewise enounce to have target Irani individual sector keep company and faculty member asylum . as well bonk as Chafer , Cadelspy , ITG07 , and Remexi , APT39 has been alive since at least 2014 and some of its trading operations besides aline with the OilRig mathematical group ’s natural action . hide behind Rana , the MOIS help the Government of Iran convey ferocity and ascertain mathematical operation against its have citizenry . These mortal , the U.S. suppose , were utilise at Rana as director , coder , and cut up expert , allow bread and butter for attempt on company , foundation , publicize common carrier , and early concern target . Rana , the Treasury Department state , has been ferment on behalf of Iran ’s political science for class to fair game Irani contestant , diary keeper , and travelling - sector worldwide stage business . A serial of papers allegedly leak out from the Irani Ministry of Intelligence and Security ( MOIS ) lastly class unwrap info on Rana ‘s activeness , which cover individual both in and outside Iran , and on its appendage .