For the first time ever, the U.S. Treasury Department announced that they have sanctioned two Bitcoin wallet addresses connected to a ransomware scheme associated with two Iranian men.
Bitcoin Wallets Sanctioned in Unprecedented Case
As first today, the U.S. Treasury Department’s Office of Foreign Assets Control claimed that the two men indicted in the sanctions, named Ali Khorashadizadeh and Mohammed Ghorbaniyan, aided ransomware schemes that exploited unsuspecting victims out of Bitcoin by converting the illicitly obtained cryptocurrency into Iran’s fiat currency by utilizing multiple exchanges and networks.
Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence, spoke about the recent sanctions in a statement, saying:
“Treasury is targeting digital currency exchangers who have enabled Iranian cyber actors to profit from extorting digital ransom payments from their victims. As Iran becomes increasingly isolated and desperate for access to U.S. dollars, it is vital that virtual currency exchanges, peer-to-peer exchangers, and other providers of digital currency networks harden their networks against these illicit schemes.”
According to the Treasury, the two men are connected to a ransomware operation known as “SamSam” that targeted data networks primarily in the United States, the United Kingdom, and Canada since 2015.
In the past three years, over 200 known victims were targeted by the ransomware, which collectively led to over 7,000 Bitcoin transactions worth millions of U.S. dollars.
Furthermore, the two aforementioned Iranian men connected to the operation utilized over 40 digital asset exchanges and platforms that operate under the sanction of U.S. law, who are now being investigated for their connections to the operation.
“Treasury will aggressively pursue Iran and other rogue regimes attempting to exploit digital currencies…to further their nefarious objectives,” Mandelker added.
In the statement, the Treasury published the Bitcoin addresses that the indicted men used to convert BTC to fiat currency, from which over 6,000 Bitcoin (worth over $25 million at the time of writing) was sent to.
Interestingly, the use of traceable and identifiable cryptocurrency addresses has proven to be beneficial for the Treasury’s case against these two men, as it allows them to back trace, and track in the future, any and all transactions being conducted with the addresses connected to these men and the SamSam ransomware operation.
The statement importantly notes that anyone under U.S. jurisdiction who conducts any transactions with the two publicly released Bitcoin wallet addresses could be subject to secondary sanctions.
“Like traditional identifiers, these digital currency addresses should assist those in the compliance and digital currency communities in identifying transactions and funds that must be blocked and investigating any connections to these addresses. As a result of today’s action, persons that engage in transactions with Khorashadizadeh and Ghorbaniyan could be subject to secondary sanctions. Regardless of whether a transaction is denominated in a digital currency or traditional fiat currency, OFAC compliance obligations are the same.”
Going forward, it is likely that both the Treasury Department and the Department of Justice will begin placing sanctions on cryptocurrency wallet addresses as they further crack down on illicit and nefarious transactions being conducted using digital currencies.
Featured image from Shutterstock.