Info:
MOIS member, Farzin Karimi (Karimi) co-founded the Ravin Academy together with Seyed Mojtaba Mostafavi (Mostafavi), a member of Iran’s Ministry of Intelligence and Security (MOIS), was directed by the MOIS to train and recruit hackers.
Mr. Karimi opened Ravin Academy. Ravin Academy provides services in the following areas:
Information Security Training, Threat Hunting, Cyber Security, Red Team, Digital Forensics, Malware Analysis, Security Audit, Penetration Testing, Network Defense, Incident Response, Vulnerability Analysis, Mobile Penetration Testing, Reverse Engineering, and Security Research.
The Ravin Academy is a school that trains individuals in cyber security and hacking, and recruits from among these trainees for the MOIS. In addition to training and recruitment, Ravin Academy assists the MOIS with a variety of cyber services, including information security training, threat hunting, cyber security, red team, digital forensics, malware analysis, security auditing, penetration testing, network defense, incident response, vulnerability analysis, mobile penetration testing, reverse engineering, and security research.
Ravin Academy is being designated pursuant to E.O. 13606 for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, the MOIS.
Seyed Mojtaba Mostafavi (Mostafavi), a member of Iran’s Ministry of Intelligence and Security (MOIS), was directed by the MOIS to train and recruit hackers. Together with another MOIS member, Farzin Karimi (Karimi), they co-founded the Ravin Academy
Mostafavi and Karimi are being designated pursuant to E.O. 13606 for having acted or purported to act for or on behalf of, directly or indirectly, Ravin Academy.
The MOIS is widely involved in infiltrating internal opposition groups, monitoring domestic threats and expatriate dissents and arresting alleged spies and dissidents.
Specifically, the group (MOIS Cyberteam or FAJR as they called themselves) attacked Saudi Aramco, the Turkish Defense Ministry, and the Turkish immigrant network. The attacks on Turkey were the most successful according to Esfandiyar. Turkish customs resulted in the exfiltration of approximately 500GB of data directly sent to the MOIS. Another feather in their cap was the theft of technology from Azerbaijan used to generate electricity from waste (waste-to-energy). FAJR also attack sites in the United States, Israel, and neighboring states to gather information and technical knowledge Iran was unable to acquire due to sanctions.
The main players on the team working directly for the MOIS:
Farzin Karimi – Team Lead
Masoud Aghdasifam
Ghader (Qader) Ahmadi
Mohammad Farhadzadeh
Seyed Bagher Hosseini
Why Farzin as the lead?
Farzin was selected as the lead due to skill, but that came with a price. Farzin ran a strict shop coupled with an extremely sensitive nature. Farzin did not share anything other than MOIS orders with the team and had a high level of trust with intelligence officials. The team did have internal conflicts that lead to some members being removed. There was also tension between this team working on behalf of the MOIS, and the Islamic Revolutionary Guard Corp. The team did not have a high opinion of MOIS members drawn from the Basij since they did not have the necessary expertise.
Farzin Karimi – Known to participate in the past as a cyber mercenary for the IRGC targeting internal Iranian websites who did not profess the revolutionary ideals. Karimi also trained IRGC cyber mercenaries through a company named Noora Net, a company he lists on his resume. His actions during his time with Noora Net include identifying Iranian civil activities to the IRGC, many of whom disappeared. (noora.ir noorasec.com). Farzin Karimi, co-founder of Ravin Academy, shared how to evaluate and explore the vulnerability of CVE_2020_0688 on Exchange server along with the Exploit script. Karimi enhanced code for DLL Function Proxy. Possible email used by Farzin is 0x0darkcoder@gmail.com
He graduated from K.N. Toosi University of Technology. Khajeh Nasir Toosi University of Technology, also known as K. N. Toosi University of Technology, is a public university in Tehran, Iran, named after medieval Persian scholar Khajeh Nasir Toosi. The university is considered one of the most prestigious, government-sponsored institutions of higher education in Iran.
Involved In:
Cyber Activities
Also Known As:
(Arabic: فرزین کریمی)
MAZLGHANCHAY, Farzin Karimi (Arabic: فرزین کریمی مزلقانچای)
MAZLQANCHAY, Farzin Karimi)
Born:
07 Dec 1992
Country:
Iran
National ID No.:
0440273961 (Iran)