x
--d : --h : --m : --s
Get tickets

A First: U.S. Treasury Makes Bitcoin Addresses Focal Point in Sanctions

by

        A First: U.S. Treasury Makes Bitcoin Addresses Focal Point in Sanctions
A First: U.S. Treasury Makes Bitcoin Addresses Focal Point in Sanctions

For the first time, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has traced illicit bitcoin activity to the public addresses of two sanctioned individuals.

According to a November 28, 2018, press release, the department is bringing action against Ali Khorashadizadeh and Mohammad Ghorbaniyan for their alleged involvement in the SamSam ransomware scheme. The two men reportedly helped the hackers behind SamSam convert millions of dollars of ransomed bitcoin to Iranian rials.

“As a result of today’s action, all property and interests in property of the designated persons that are in the possession or control of U.S. persons or within or transiting the United States are blocked, and U.S. persons generally are prohibited from dealing with them,” the release states.

These charges coincide with the U.S. Department of Justice’s indictment of Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, the ringleaders behind the 34-month long SamSam ransomware attack. Beginning in 2015, the ransomware affected some 200 international entities, including hospitals and government departments in California, Colorado, Georgia and Kansas. The malicious actors used the ransomware to gain administrative control over the victims’ IT servers and sensitive documents, and they leveraged this control to demand bitcoin as ransom.

Khorashadizadeh and Ghorbaniyan helped Savandi and Mansour process some $6 million in extorted payments. Tracing the illicit activity back to Khorashadizadeh and Ghorbaniyan’s primary Bitcoin public addresses, the OFAC found that the two men have executed roughly 7,000 transactions across 40 exchanges since 2013. The department believes that a significant sum of the 6,000 bitcoin either man has handled is related to the SamSam ransomware scheme, indicating that they converted these funds into Iranian rials and deposited them into bank accounts on behalf of Khorashadizadeh and Ghorbaniyan.

The Bitcoin addresses in question are as follows: 149w62rY42aZBox8fGcmqNsXUzSStKeq8C and 1AjZPMsnmpdK2Rv9KQNfMurTXinscVro9V.

“Treasury is targeting digital currency exchangers who have enabled Iranian cyber actors to profit from extorting digital ransom payments from their victims. As Iran becomes increasingly isolated and desperate for access to U.S. dollars, it is vital that virtual currency exchanges, peer-to-peer exchangers, and other providers of digital currency services harden their networks against these illicit schemes. We are publishing digital currency addresses to identify illicit actors operating in the digital currency space. Treasury will aggressively pursue Iran and other rogue regimes attempting to exploit digital currencies and weaknesses in cyber and AML/CFT safeguards to further their nefarious objectives,” Treasury Under Secretary for Terrorism and Financial Intelligence Sigal Mandelker said in a statement.

The release continues to state that “persons that engage in transactions with Khorashadizadeh and Ghorbaniyan could be subject to secondary sanctions.”




Recommended

Tether and Bitfinex Ask New York Attorney General for Fund Accessibility

In the latest development of an ongoing legal dispute with New York, attorneys for Bitfinex and Tether have asked for a lifting of restrictions on the stablecoin issuer's funds.

Jimmy Aki

Bitfinex, Attorney General Legal Sparring Continues With New Court Filings

Bitfinex and the New York Attorney General’s (NYAG) legal sparring in relation to $850 million in missing funds escalated with another round of court filings this past weekend.

Colin Harper

Major Darknet Marketplace Wall Street Market Shuttered by Law Enforcement

Wall Street Market, the second-largest darknet in the world in recent months, has been shut down by international law enforcement agencies, including Europol as well as U.S., German, Dutch and Romanian law enforcement.

Aaron van Wirdum

Indictments Issued for Two Individuals for Running “Shadow Banking” Operation

U.S. Attorney's office for the Southern District of New York has charged two individuals of providing “shadow banking” services for crypto exchanges.

Jimmy Aki