FBI releases new information on alleged Iranian deep-cover spies

MEK supporters CaliforniaThe United States Federal Bureau of Investigation has charged two men of Iranian descent, who were arrested in California, of operating as deep-cover spies for Iran. Documents filed in a federal court in Washington, DC, name the men as Majid Ghorbani, 59, and Ahmadreza Mohammadi Doostdar, 38. Both have American citizenship and were arrested by the FBI in August, following a year-long counterintelligence investigation. The Los Angeles Times reports that Ghorbani is believed to have immigrated to the US from Iran in 1995. For the past two decades he has worked as a waiter at an upscale Persian restaurant in Santa Ana. Doostdar was born in the southern Californian city of Long Beach, but eventually moved with his family to Canada, and later to Iran, where he grew up. But he kept his US citizenship and made regular trips to America. It is believed that he planned to eventually move with his family to California.

According to the FBI, the two men were tasked by Iranian intelligence with carrying out surveillance on Jewish religious, cultural and political facilities in the US. They were also tasked with conducting surveillance and compiling reports of diplomatic and other facilities connected to the state of Israel. Another part of their mission, said the FBI, was collecting information on the activities and individual members of Mujahideen-e Khalq (MEK), a militant group that has roots in radical Islam and Marxism. The MEK initially supported the Islamic Revolution of 1979, but later withdrew its support, accusing the government of Ayatollah Khomeini of “fascism”. It continued its operations in exile, mainly from Iraq, where its armed members were trained by the Palestine Liberation Organization and other Arab leftist groups. Until 2009, the European Union and the US officially considered the MEK a terrorist organization. But the group’s sworn hatred against the government in Iran brought it close to Washington after the 2003 US invasion of Iraq. By 2006, the US military was openly collaborating with MEK forces in Iraq, and in 2012 the group was dropped from the US Department of State’s list of foreign terrorist organizations. Today the group enjoys open protection from the EU and the US.

Documents filed in court by the FBI state that the two men were secretly recorded during a year-long counterintelligence operation, as they traveled throughout the US to observe MEK rallies and gather intelligence or Israeli diplomatic facilities. Locations visited by the two men allegedly include Chicago, New York and Washington, as well as several cities in the American West Coast. During those visits, they would compile reports that, according to the FBI, were meant to “enable an intelligence or military unit find [and] neutralize a threat”. The men also traveled back to Iran through third countries, bringing back written operational instructions from their Iranian intelligence handlers, according to the FBI documents. IntelNews wrote about the arrest of the two men in August. However, this is the first concrete information released by the FBI about their identities and activities. They are both accused of acting as unregistered agents of a foreign government —a technical term for deep-cover espionage.

Author: Joseph Fitsanakis | Date: 15 January 2019 | Permalink

Advertisements

Holland says Iranian spies assassinated two men on Dutch soil

Dutch Police HagueAuthorities in Holland have officially accused Iran of ordering the contract murders of two men on Dutch soil in 2015 and 2017, one of them just a block away from the Dutch foreign ministry’s headquarters. The announcement illuminates the reason behind the expulsion of two Iranian diplomats from Holland last year, which the authorities did not explain at the time.

The first of the two assassinations happened on December 15, 2015, in Almere, a coastal town located 25 miles east of Amsterdam. The victim was Mohammad-Reza Kolahi, a 56-year-old electrician who was wanted in Iran for allegedly planting a bomb in 1981. The bomb targeted the headquarters of the ruling Islamic Republican Party, killing more than 70, and is often referred to as the deadliest domestic terrorist attack in Iran’s history. Kolahi, a member of a Marxist-Islamist group calling itself the People’s Mujahedin Organization of Iran (MEK), fled the country and was sentenced to death in absentia. He eventually married a Dutch national and acquired Dutch citizenship, changing his name to Ali Motamed. He was reportedly shot in the head at point-blank range by two assailants dressed in all black. Nearly two years later, on November 9, 2017, Ahmad Mola Nissi was also shot in the head in broad daylight by two assailants. The murder took place in the middle of the street in downtown Hague, site of Holland’s parliament and a host of international institutions. Nissi, 52, was a co-founder of the Arab Struggle Movement for the Liberation of Ahwaz (ASMLA), a secessionist group that seeks an independent Arab homeland in the oil-rich southwestern regions of Iran. Tehran has claimed for decades that both groups, MEK and ASMLA, have been supported by Iraq, Israel, the United States and the European Union.

On Tuesday, Holland’s Minister of Foreign Affairs, Stef Blok, informed the Dutch parliament that the country’s intelligence services had provided “strong evidence” that the Islamic Republic was involved in the assassinations of Kolahi and Nissi. He added that both men were Dutch citizens and that their murders on Dutch soil were “hostile actions” that directly violated Dutch sovereignty. He also revealed that the expulsions of two Iranian diplomats from Holland in June of last year were in direct response to the evidence unearthed by the Dutch intelligence services about the two murders. IntelNews readers will recall that the Dutch Foreign Ministry did not explain the reason for the expulsions when these were announced last summer. Also on Tuesday, the European Union announced the imposition of financial sanctions against two individuals associated with Iranian military intelligence, reportedly in response to Holland’s announcement.

Author: Joseph Fitsanakis | Date: 09 January 2019 | Research credit: M.K. | Permalink

CIA suffered ‘catastrophic’ compromise of its spy communication system

CIAThe United States Central Intelligence Agency suffered a “catastrophic” compromise of the system it uses to communicate with spies, which caused the death of “dozens of people around the world” according to sources. This is alleged in a major report published on Friday by Yahoo News, which cites “conversations with eleven former US intelligence and government officials directly familiar with the matter”. The report by the online news service describes the compromise of an Internet-based covert platform used by the CIA to facilitate the clandestine communication between CIA officers and their sources —known as agents or spies— around the world.

According to Yahoo News, the online communication system had been developed in the years after 9/11 by the US Intelligence Community for use in warzones in the Middle East and Central Asia. It was eventually adopted for extensive use by the CIA, which saw it as a practical method for exchanging sensitive information between CIA case officers and their assets in so-called ‘denied areas’. The term refers to regions of the world where face-to-face communication between CIA case officers and their assets is difficult and dangerous due to the presence of ultra-hostile intelligence services or non-state adversaries like the Taliban or al-Qaeda. However, it appears that the system was flawed: it was too elementary to withstand sustained scrutiny by Internet-savvy counterintelligence experts working for state actors like Iran, China or Russia.

In September of 2009, Washington made a series of impressively detailed revelations about the advanced status of Iran’s nuclear program. These angered Tehran, which redoubled its efforts to stop the US and others from acquiring intelligence information about the status of its nuclear program. Some sources told Yahoo News that one of the CIA assets inside Iran’s nuclear program was convinced by the Iranians to become a double spy. He proceeded to give Tehran crucial information about the CIA’s online communication system. Based on these initial clues, the Iranians allegedly used Google-based techniques “that one official described as rudimentary” to identify an entire network of CIA-maintained websites that were used to communicate with assets in Iran and elsewhere. The Iranians then kept tabs on these websites and located their users in order to gradually unravel an entire network of CIA agents inside their country. Around that time, Iranian media announced that the Islamic Republic’s counterintelligence agencies had broken up an extensive CIA spy ring consisting of more than 30 informants.

The Yahoo News report says that the CIA was able to successfully exfiltrate some of its assets from Iran before the authorities were able to apprehend them. The agency also had to recall a number of undercover officers, after they were identified by the Iranians. The effects of the compromise, however, persisted on a global scale, according to former US intelligence officials. In 2011 and 2012, another network of CIA spies was busted in China, leading to the arrest and execution of as many as three dozen assets working for the US. Many, says Yahoo News, believe that the Iranians coached the Chinese on how to use the CIA’s online communication system to identify clandestine methods and sources used by the agency.

Along with other specialist websites, IntelNews monitored these developments as they took place separately in Iran and China. However, the Yahoo News report is the first to piece together these seemingly disparate developments and suggest that they were likely triggered by the same root cause. What is more, the report suggests that the CIA had been warned about the potential shortcomings of its online communication system before 2009, when the first penetrations began to occur. In response to the compromise, the CIA has reportedly modified, and at times completely abandoned, its online communication system. However, the implications of the system’s compromise continue to “unwind worldwide” and the CIA is “still dealing with the fallout”, according to sources. The effects on the agency’s operational work are likely to persist for years, said Yahoo News.

Author: Joseph Fitsanakis | Date: 05 November 2018 | Permalink

Denmark recalls its envoy from Tehran, accuses Iran of assassination plot

Finn Borch AndersenThe Danish government has recalled its ambassador from Iran and has accused the intelligence services of the Islamic Republic of plotting an assassination operation on Danish soil. Danish government officials also said that Copenhagen would seek to impose further economic and diplomatic sanctions on Tehran, in coordination with the European Union. The accusations against Iran were leveled during an emergency news conference in the Danish capital on Tuesday, led by Anders Samuelsen, Denmark’s Minister of Foreign Affairs, and Finn Borch Andersen (pictured), Director of the Danish Security and Intelligence Service, known as PET.

The two men said that “an Iranian intelligence agency” had planned “an attack on Danish soil”, which  Defense Minister Samuelsen condemned as “completely unacceptable”. PET Director Andersen said that a Norwegian national of Iranian background had been arrested in Sweden on October 21, and was now in custody awaiting extradition to Denmark. The arrestee is an employee of Iranian intelligence, said Andersen, and had been observed conducting surveillance against a Danish-based leading member of an Iranian separatist group. The alleged target is a member of the Arab Struggle Movement for the Liberation of Ahvaz (ASMLA), a hardline separatist group campaigning for a separate homeland for Iran’s Arab minority. Approximately 2 percent of Iranians (around 1.5 million people) belong to the country’s ethnic Arab population. Most of them are concentrated in Khuzestan, a region in Iran’s oil-rich southwest, which borders neighboring Iraq. Some of these ethnic Arabs seek autonomy from Tehran, which they see as an alien regime. ASMLA represents the militant wing of Iran’s separatist Arab community and has a history of staging terrorist attacks inside Iran. Last September, the group claimed it was behind an armed attack on a military parade in the city of Ahvaz —a major urban center in Iran’s Arab-speaking region— which killed 24 people, including some women and children. Later, however, a representative of the group retracted the claim.

On Tuesday, several Iranian officials issued strong denials of the Danish government’s allegations. Speaking in Tehran, Iranian Foreign Ministry Spokesman Bahram Qassemi dismissed Denmark’s claims as “spiteful”. He added that the timing of reports linking Iran to assassination operations on European soil were suspect and described them as “a plot by [Iran’s] enemies to damage Tehran’s growing relations with European countries”. Earlier this month, France seized the financial assets of individuals whom it described as Iranian spies, after blaming Tehran for a foiled bomb attack in Paris. The move followed the arrest of six people in France, Germany and Belgium, who allegedly planned to bomb the annual conference of the National Council of Resistance of Iran (NCRI) last June. The NCRI is led by Mujahedin-e Khalq (MEK), a militant group with roots in radical Islam and Marxism, which Iran sees as a terrorist organization.

Author: Joseph Fitsanakis | Date: 31 October 2018 | Permalink

Iran has clandestine missile factories in Lebanon, claims Israel’s ex-spy chief

Amos YadlinThe government of Iran is smuggling parts for ballistic missiles to Lebanon, where they are secretly assembled in clandestine factories operated by the Shiite militant group Hezbollah, according to Israel’s former spy chief. For several months now, the international news agency Reuters has been claiming that Tehran has transported short-range ballistic missiles to secret bases controlled by pro-Iranian militias in Iraq. Iran’s move was aimed at “deterring attacks on [Iran’s] interests in the Middle East and to give it the means to it reginal foes”, said Reuters, citing “Iranian, Iraqi and Western sources”. Both Iran and Iraq denied the Reuters report.

In September, another report, citing “Western intelligence sources”, said that Iran had begun smuggling parts of short-range ballistic missiles to Hezbollah-controlled areas of Lebanon, using commercial flights. The report pointed to at least two flights that are suspected by Western intelligence agencies of having illegally transported precision weapon parts to Lebanon. Both flights were operated by Qeshm Fars Air, a company believed to be used by Iran’s Islamic Revolutionary Guard Corps (IRGC). Members of the IRGC, arguably the most loyal branch of the Iranian military, are selected on the basis of their ideological commitment to the defense of the 1979 Islamic Revolution. The two flights identified in the report departed from commercial and military airports in Tehran and landed in Lebanon after taking “uncharacteristic flight paths” through Syria, said Western intelligence sources.

On Sunday, Israel’s highest-circulation newspaper, Yedioth Ahronoth, carried an interview with the former director of the Jewish state’s Military Intelligence Directorate, Major General (ret.) Amos Yadlin. Yadlin, who also served as Israel’s military attaché in Washington, said that Iran used to hide ballistic missile parts in Syria, hoping to establish de facto missile bases there. However, Tehran’s plan suffered a major setback last May, said Yadlin, when Israel’s air force destroyed approximately 50 targets inside Syria, including —according to Yadlin— Iranian missile factories. Since then, he said, Tehran has been relocating its missile factories to Lebanon, believing that Israel will not attack its neighbor to the north. But Yadlin, who is a known supporter of left-of-center parties in Israel, and a proponent of the two-state solution to the Palestinian problem, argued that Israel should consider attacking Iran’s military factories in Lebanon. The Jewish state faces two choices, said Yadlin: “to strike [Lebanon], not necessarily by air”, or to allow Hezbollah to acquire precision missiles. “Israel will not accept this change”, he added.

Author: Joseph Fitsanakis | Date: 22 October 2018 | Permalink

Suicide bomb threat reportedly leads to evacuation of Iranian envoy to Turkey

Iran embassy in AnkaraThere were conflicting reports yesterday in Ankara of an alleged evacuation of Iran’s ambassador to Turkey, following credible reports of a suicide bomb attack, possibly by the Islamic State. Several Turkish media outlets reported on Monday afternoon that authorities in Ankara had communicated an urgent intelligence warning to the Iranian embassy there of a possible suicide bomb attack. According to the reports, members of the Sunni militant group Islamic State of Iraq and Syria (ISIS) were behind the planned attack.

At 2 pm local time, reports stated that Iran’s ambassador to Turkey, Mohammad Ebrahim Taherian Fard, had been hurriedly evacuated from the Iranian embassy by Turkish security forces. By that time, all roads leading to the Iranian embassy, located next to the Ankara Hilton in one of the Turkish capital’s leafiest areas, had been cordoned off. Reporters from the Reuters news agency and Agence France Presse said that Turkish police and special forces had shut down Tahran Road, where the Iranian embassy is located, and were searching cars. Armed security forces had also surrounded the Iranian embassy, according to Reuters.

Strangely, however, reports of a possible bomb attack and of the ambassador’s evacuation were strongly refuted by the Iranian government, which denounced them as “sheer lies” and “complete fabrications”. In a statement published online on Monday afternoon, Iran’s Ministry of Foreign Affairs said that its diplomats in Ankara had noticed “an increased Turkish security presence” around the Iranian embassy. However, they continued working normally, as they were unaware of the reasons for the heightened security. They assumed that Turkish President Recep Tayyip Erdoğan was appearing nearby, said the statement. A statement by the Iranian embassy in Ankara said that consular employees were present at the embassy and that all scheduled services were being offered without interruption.

In the past month, the embassies of Iran in Paris and Athens have come under attack by Kurdish separatists and leftwing groups protesting against Tehran’s alleged oppression of ethnic minorities in the country. In the past, the Islamic Republic has been rarely targeted by ISIS, whose members dismiss Shiite Islam as a heresy. In June 2017, two attacks were carried out simultaneously in Tehran, targeting the Iranian parliament and the Mausoleum of Ruhollah Khomeini, founder of post-1979 Iran. In September of this year, ISIS claimed responsibility for an attack in Iran’s southwestern city of Ahvaz, which killed 25 soldiers and civilians during a military parade.

Author: Joseph Fitsanakis | Date: 16 October 2018 | Permalink

France freezes assets of Iranian spies in response to foiled terror attack in Paris

French Ministry for the EconomyFrance has seized the financial assets of two Iranian spies and frozen all assets belonging to the Iranian Ministry of Intelligence, in response to a foiled bomb attack in Paris, which the French government has blamed on Tehran. The alleged bomb attack was uncovered on June 30 of this year, when members of Belgium’s Special Forces Group arrested a married Belgian couple of Iranian descent in Brussels. The couple were found to be carrying explosives and a detonator. On the following day, German police arrested an Iranian diplomat stationed in Iran’s embassy in Vienna, Austria, while another Iranian man was arrested by authorities in France, reportedly in connection with the three other arrests.

All four individuals were charged with a foiled plot to bomb the annual conference of the National Council of Resistance of Iran (NCRI) that took place on June 30 in Paris. The NCRI is led by Mujahedin-e Khalq (MEK), a militant group with roots in radical Islam and Marxism. The MEK was designated as a terrorist group by the European Union and the United States until 2009 and 2012 respectively. But it has since been reinstated in both Brussels and Washington, reportedly because it provides the West with a vehicle to subvert the Iranian government. France, Germany and Belgium allege that the aborted bombing plot was an attempt by Iran to disrupt the close relations between the MEK and Western governments.

On Tuesday, Paris announced the seizure of assets of two of the men who were arrested in June and July. One is an accredited Iranian diplomat identified as Assadollah Asadi, who is believed to be an official-cover intelligence officer. The other man is Saeid Hashemi Moghadam, who was arrested by French authorities. He is believed to be an Iranian sleeper agent. All assets belonging to the Islamic Republic’s Ministry of Intelligence were also been frozen, effective immediately, it was announced. In a joint statement, the French ministers of foreign affairs, economics and the interior said that the move reflected the France’s “commitment to fight terrorism, in all its manifestations […], especially on its territory”. The statement added that “the extremely heinous act envisaged on our territory could not go without a response”.

The Iranian government has denied all connection to the alleged plot in Paris and has dismissed the incident a “false flag” operation staged by MEK in cooperation with Tehran’s “enemies at home and abroad”.

Author: Joseph Fitsanakis | Date: 04 October 2018 | Permalink