US Treasury Dept. Takes Action Against Two Iranians Allegedly Involved in BTC Ransomware



The U.S. Treasury Department has sanctioned two Iranians allegedly involved in Bitcoin (BTC) ransomware scheme SamSam, the Treasury reported in an official press release today, Nov. 28.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) took action on Wednesday against two Iranian individuals, Ali Khorashadizadeh and Mohammad Ghorbaniyan, who are accused of exchanging Bitcoin into Iranian rials (IRR).

This is also the first time that Bitcoin addresses have been publicly attributed to “designated individuals” on the OFAC’s sanctions list.

According to the report, SamSam ransomware breaks into companies’ computer networks, allowing criminals to take over administrator rights in order to demand a ransom in Bitcoin in exchange for regained network access by users. The ransomware has reportedly damaged multiple companies, government agencies, universities, and hospitals, targeting more than 200 victims, the Treasury said.

OFAC has managed to identify two crypto addresses associated with the alleged Iran-based criminals, with 7,000 transactions in Bitcoin and around 6,000 BTC moved since 2013, the report states.

While Khorashadizadeh and Ghorbaniyan are allegedly responsible for the exchange of crypto and the deposits of rials into Iranian banks, the ransomware scheme also involved two Iranian players who acted as hackers and have been infecting multiple data networks with SamSam in the U.S., the United Kingdom, and Canada since 2015.

In August, U.K.-based science and technology magazine Wired UK reported that SamSam creators were making around $300,000 per month, and “nobody [could] work out who they are.” According to research provided by cybersecurity firm Sophos, SamSam has amassed about $6 million since apparently being launched in 2015.

According to Wired UK, SamSam did not do anything “particularly sophisticated,” relying on “old-school hacking” with no automation. The ransomware was reportedly operated manually, unlike the massive WannaCry ransomware that shut down hundreds of U.K. hospitals and GPs in 2017.


COINTELEGRAPH
