The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced a chilling first for the crypto world: “today’s action marks the first time OFAC is publicly attributing digital currency addresses to designated individuals,” the Treasury press release read. “As a result of today’s action, persons that engage in transactions with [those addresses] could be subject to secondary sanctions. Regardless of whether a transaction is denominated in a digital currency or traditional fiat currency, OFAC compliance obligations are the same.”
US Dept of Treasury Sanctions Bitcoin Addresses
Treasury Designates Iran-Based Financial Facilitators of Malicious Cyber Activity and for the First Time Identifies Associated Digital Currency Addresses is the title of a November 28, 2018 press release shaking up the ecosystem.
The OFAC “took action today against two Iran-based individuals, Ali Khorashadizadeh and Mohammad Ghorbaniyan, who helped exchange digital currency (bitcoin) ransom payments into Iranian rial on behalf of Iranian malicious cyber actors involved with the SamSam ransomware scheme that targeted over 200 known victims,” the agency explained.
Iran has the been the focus of major US attention going back a long way, and sanctions in various forms have survived throughout presidential administrations. What’s different this time around, in terms of enforcement, is their having “identified two digital currency addresses associated with these two financial facilitators. Over 7,000 transactions in bitcoin, worth millions of U.S. dollars, have processed through these two addresses – some of which involved SamSam ransomware derived bitcoin.”
Treasury is Targeting Digital Currency Exchangers
A department spokesman noted, the agency “is targeting digital currency exchangers who have enabled Iranian cyber actors to profit from extorting digital ransom payments from their victims. As Iran becomes increasingly isolated and desperate for access to U.S. dollars, it is vital that virtual currency exchanges, peer-to-peer exchangers, and other providers of digital currency services harden their networks against these illicit schemes.”
The actions stem in large measure from ransomware attacks known as SamSam. Hackers exploit vulnerable networks, take them hostage, and typically target government agencies, hospitals, universities, and corporations. Once in control, hackers demand ransom, in bitcoin according to authorities, before allowing routine access to return.
“Central to the SamSam ransomware scheme’s success,” the press release continued, “were Khorashadizadeh and Ghorbaniyan, who helped the cyber actors exchange digital currency derived from ransom payments into Iranian rial and also deposited the rial into Iranian banks. To help convert the digital currency ransom payments into rial, Khorashadizadeh and Ghorbaniyan used the following two digital currency addresses: 149w62rY42aZBox8fGcmqNsXUzSStKeq8C and 1AjZPMsnmpdK2Rv9KQNfMurTXinscVro9V. Since 2013, Khorashadizadeh and Ghorbaniyan have used these two digital currency addresses to process over 7,000 transactions, to interact with over 40 exchangers—including some US-based exchangers—and to send approximately 6,000 bitcoin worth millions of USD, some of which involved bitcoin derived from SamSam ransomware.”
CONTINUE THE SPICE and check out our piping hot Videos. Our podcast, Milk, might help sooth that crypto burn. Follow CoinSpice on Twitter. Join our Telegram feed to make sure you never miss a post. Drop some BCH at the merch shop — we’ve got spicy shirts for men and women. Don’t forget to help spread the word about CoinSpice on social media. Thanks!