
The US federal have sanctioned Iranian government for its cybercrime activities against US targets via a range of APT groups since atleast from year 2007.
The sanctions mean that US citizens and visitors to the US are prohibited from doing business or carrying out any transactions involving funds, goods, or services with the designated entities or their proxies.
This is cited on behalf of a recent cyberattack in July that disrupted Albanian government Iran’s tactics; that incident resulted in the leaking of documents purported to be from the Albanian government and PII associated with Albanian residents.
The sanction announcement specifically including the MuddyWater APT and APT39.
MOIS carries out cyber-espionage and disruptive ransomware attacks on behalf of the Iranian government in parallel with the other Iranian security service, the IRGC.
Largely focused on classic espionage targets such as governments and dissidents, and they have been found targeting upstream sources of intelligence like telecos firms and companies with potentially valuable PII.