Risk Level:
99% May harm your business future; Persons or entities that engage in transactions with this entity will be exposed to sanctions or subject to an enforcement action;

Working with this entity means supporting Iranian Regime, Regime Terrorist Activities & development of WMD

Top Alert – Entity designated / sanctioned for terror, WMD and human rights violation

Behzad Mesri (Mesri) compromised multiple user accounts belonging to a U.S. media and
entertainment company in order to repeatedly gain unauthorized access to the company’s
computer servers and steal valuable stolen data including confidential and proprietary
information, financial documents, and employee contact information;

Mesri then engaged in anattempt to extort the victim company for $6 million;

Behzad Mesri, Net Peygard Samavat Company’s CEO, was involved in the purchase of multiple servers. Behzad Mesri, is designated pursuant to E.O. 13606 for having acted or purported to act for or on behalf of, directly or indirectly, Net Peygard Samavat Company;

Iran-based Net Peygard Samavat Company and several associated actors were involved in a malicious cyber campaign to gain access to and implant malware on the computer systems of current and former U.S. counterintelligence agents. OFAC designated Net Peygard Samavat Company pursuant to E.O. 13606 for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, the IRGC-EWCD;

In May 2017, Iran-based black-hat hacker Behzad Mesri began conducting reconnaissance of the networks and employees at Home Box Office (HBO), a premium cable and satellite television network. He spent the next two months compromising employees’ accounts so that he could access corporate servers and exfiltrate sensitive data. Some of the information he stole included footage from upcoming episodes of popular HBO shows like “Curb Your Enthusiasm.” Three weeks before OurMine hacked the network’s Facebook and Twitter accounts, Mesri sent an email to multiple HBO executives and employees claiming he had stolen 1.5 terabytes of HBO’s data. A follow-up email alleged that he had lifted full scripts and cast lists for “Game of Thrones” as well as “precious data” for unaired shows. Mesri, who previously worked for the Iranian military, issued his ultimatum to HBO on 23 July 2017: pay $5.5 million in Bitcoin or suffer the public release of its stolen data. The member of the Turk Black Hat hacking group upped his demands to $6 million three days later. After HBO refused to meet the ransom, Mesri publicly released some of the stolen data beginning on 30 July 2017 and throughout August. He helped promote the data dumps by creating a Twitter profile that announced the leaks and by sending emails to the media about the disclosures, reveals a statement published by the Department of Justice. It didn’t take long for law enforcement to catch wind of what Mesri was doing. Such interest begot an investigation that culminated in a grand jury indictment on the black-hat hacker on 8 November 2017. Filed in the United States District Court, Southern District of New York, those court documents charged Mesri with one count of wire fraud, a crime which carries a maximum sentence of 20 years in prison; one count of computer hacking, which carries a maximum sentence of five years in prison; three counts of attempting to undermine information’s confidentiality, each of which bear a maximum prison stay of five years; and one count each of both aggravated identity theft and the interstate transmission of extortion-based threats, crimes which both carry a maximum sentence of two years in prison;

IT sector

Also Known As:
Skote Vahshat

26 Aug 1988


Reason for the color:
» Added to the Specially Designated Nationals (SDN) list maintained by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on February 13, 2019 pursuant to E.O. 13606 for having acted or purported to act for or on behalf of, directly or indirectly, Net Peygard Samavat Company;
» U.S. Department of Justice, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated Behzad Mesri under Executive Order (E.O.) 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” as amended. The entity designated today engaged in the theft of valuable intellectual property and data from hundreds of U.S. and third-country universities and a media company for private financial gain;
» Mesri is the subject of an indictment announced by the U.S. District Court for the Southern District of New York on November 21, 2017;
» Behzad Mesri – Wanted by the FBI

You May Be Interested

IFMAT Color Guide

We sort entities who are connected with terrorist activities, in two sections, first by risk and second by geolocation.
GeoLocation divisions are divided into two fields, Black List and Gray List.
BlackList is a list of all companies, organizations and figures who originate from Iran.
GrayList is a list of all companies, organizations and figures out of Iranian borders, and doing business with Iran.
We identify risk of entities by COLOR selection, each color marks the risk level of the entity.(by declining order)
Designated / Sanctioned / Illicit entities
Entities affiliated with Designated / Sanctioned / Illicit entities.
Entities sanctioned in the past for Terror or Illicit activities / WMD related / Human rights violations.
Entities in a problematic sector - Sector controlled by the Top Alert entities.
Legitimate entities - we cannot determine whether an entity is completely green, and that is due to the facts that the Iranian economy is not transparent enough for us. Be sure.