The US Treasury has announced its use of digital currency addresses in the designation of Iran-based financial facilitators involved in SamSam ransomware attacks. The Treasury’s Office of Foreign Assets Control (OFAC) has attributed digital currency addresses to designated individuals involved in cyber crimes for the first time in the history of the organization.
Ali Khorashadizadeh and Mohammad Ghorbaniyan were designated Iran-based financial facilitators of malicious cyber activity. The individuals were involved in the exchange of Bitcoin received as ransom payments with the SamSam ransomware scheme which has targeted more than 200 known individuals.
What is a SamSam Ransomware Attack?
SamSam has attacked the computer networks of corporations, hospitals, universities, and government agencies across the globe. It exploits network vulnerabilities to gain entrance and then acquires administrator rights to take control of victim’s servers and files.
Once the attack successfully retrieves files, which are often sensitive in nature, the data is held hostage for financial gain. The malicious actors demand a ransom payment be paid in Bitcoin in order for the victim to retrieve both files and access to the network.
How the US Treasury Used Bitcoin Addresses for Designation
Since 2013, Khorashadizadeh and Ghorbaniyan have used two digital currency addresses to process over 7,000 transactions, which include some 6,000 bitcoin valued at several million USD. Some of these transactions involved SamSam ransomware derived bitcoin, says the Treasury.
For the first time ever, OFAC identified two digital currency addresses which were associated with the two financial facilitators. Addresses ‘149w62rY42aZBox8fGcmqNsXUzSStKeq8C’ and ‘1AjZPMsnmpdK2Rv9KQNfMurTXinscVro9V’ were used by Khorashadizadeh and Ghorbaniyan to exchange the digital currency received in ransom payments for Iranian Rial. Both addresses have since been added to OFAC’s sanctions list.
In regards to the consequential impact of OFAC’s designation, the organization announced the following:
“As a result of today’s action, all property and interests in property of the designated persons that are in the possession or control of U.S. persons or within or transiting the United States are blocked, and U.S. persons generally are prohibited from dealing with them.”
Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence, provided the following statement:
“Treasury is targeting digital currency exchangers who have enabled Iranian cyber actors to profit from extorting digital ransom payments from their victims. As Iran becomes increasingly isolated and desperate for access to U.S. dollars, it is vital that virtual currency exchanges, peer-to-peer exchangers, and other providers of digital currency services harden their networks against these illicit schemes. We are publishing digital currency addresses to identify illicit actors operating in the digital currency space. Treasury will aggressively pursue Iran and other rogue regimes attempting to exploit digital currencies and weaknesses in cyber and AML/CFT safeguards to further their nefarious objectives.”
Increased Popularity of the Blockchain Resulting in Increased Regulatory Enforcement
The recent news makes a significant statement concerning the evolution of blockchain technology and digital currencies: more individuals and organizations are becoming educated on the matter than ever before.
The increase in general education applies to regulatory bodies as well, which has resulted in a drastic increase of regulatory enforcement. Besides the US Treasury, the SEC, the FBI, and even individual state authorities have enforced penalties involving cryptocurrencies.
Many predict that the surge in regulatory activity will push cryptocurrencies to security tokens. In differing from ICOs, Security Token Offerings (STOs) account for and algorithmically enforce existing securities laws. In this sense, they are considered regulatory compliant, and so long as they follow the applicable laws, they receive a green light from regulatory bodies such as the SEC.
The impact can already be observed, as some companies have cancelled ICOs and turned to the STO as a compliant means to raise funds.
With the recent activity from agencies such as the US Treasury, increased regulatory enforcement has reached an all-time high in the blockchain-sector. The compliance found in security tokens appears to be the market’s current viable alternative.
What do you think of the US Treasury adding digital currencies to its sanctions list? What does the future of blockchain-based assets and regulatory authorities look like? We want to know what you think in the comments below.
Image courtesy of the US Department of the Treasury.