The U.S. Department of the Treasury’s Office of Foreign Assets (OFAC) has banned U.S. citizens from interacting with two Bitcoin addresses. In a press release published this afternoon, the U.S. OFAC identifies two Iranian men tied to ransomware scams.
For the first time in OFAC history, the department publicly announced the Bitcoin addresses and stated that “U.S. persons generally are prohibited from dealing with them.”
The two persons in question, Ali Khorashadizadeh and Mohammad Ghorbaniyan, were responsible for exchanging ransom payments paid in Bitcoin, into Iranian Rial. The laundered currency comes from malicious cyber attackers who used the SamSam ransomware to forcibly obtain funds from over 200 victims.
Today’s announcement states the OFAC has identified two Bitcoin addresses known to be used by these two cyber-criminals. These addresses have been used to wash millions of U.S. dollars over more than 7,000 transactions since 2013.
SamSam Ransomware
The “SamSam” scam is a basic ransomware attack, whereby the hackers infect the victim’s computer, then attempt to gain administrator rights to the system. Once administrator privileges are secured, the hackers can scrape all of the victim’s data and files, then lock out the rightful owners. Then, the scammers demand ransom payment in Bitcoin in order for the victims to regain control of their computers.
The two addresses in question are 149w62rY42aZBox8fGcmqNsXUzSStKeq8C and 1AjZPMsnmpdK2Rv9KQNfMurTXinscVro9V. Looking at the blockchain data, these two addresses have received a total of 5,901 BTC, or $25,374,300. However, both of these accounts have been drained and currently hold zero Bitcoin.
The announcment stated:
Treasury is targeting digital currency exchangers who have enabled Iranian cyber actors to profit from extorting digital ransom payments from their victims. As Iran becomes increasingly isolated and desperate for access to U.S. dollars, it is vital that virtual currency exchanges, peer-to-peer exchangers, and other providers of digital currency services harden their networks against these illicit schemes…We are publishing digital currency addresses to identify illicit actors operating in the digital currency space. Treasury will aggressively pursue Iran and other rogue regimes attempting to exploit digital currencies and weaknesses in cyber and AML/CFT safeguards to further their nefarious objectives.
‘Good News for Crypto’
Marco Santori, Chief Legal Officer of Blockchain took to twitter to give his thoughts on the landmark announcement. He belives that OFAC has the tools required to enforce these sanctions as they did not ask for more legislation to aid their efforts. He went on to say that the “Treasury is fighting crypto bad guys using the tools already at its disposal.” Concluding that this was “good news for crypto.”
9/ Maybe Treasury will change its position. Maybe it will need new tools in the future. But for now we're seeing the agency demonstrating its ability to do its job with the laws already on the books. This is good news for Crypto.
— Marco Santori (@msantoriESQ) November 28, 2018