US Treasury Department Blacklists Iran Ransomware Addresses

The US Treasury Department has made it illegal for members of Iran’s Islamic Revolutionary Guard Corps (IRGC) to use seven Bitcoin wallets. According to a news statement issued on September 14 by the Department of Homeland Security, Iran-based hostile cyber actors have undertaken malware attacks against the United States since 2020.

The organisation is alleged to have targeted the New Jersey municipality, many children’s hospitals in the United States, and a number of private enterprises.

Ali Ahmadi, Mohammad Ahmadi, Rashidi, Mahdavi, Khatibi, Nikaeen, and Shakeri, Mostafa, and Mojtaba are among the IRGC-affiliated individuals. They had collaborated with the organisations Afkar System and Najee Technology to carry out their nefarious actions.

Four of the blacklisted bitcoin (XBT) accounts were associated with Nikaeen Ravari, while three were associated with Ahmad Khatibi Aghada. The pair are believed to have assisted the IRGC in developing and deploying ransomware that jeopardised US national security.

As a consequence of the penalty, the Treasury has confiscated all properties in the nation belonging to the named persons. Transactions with US people and organisations are forbidden, and anybody prosecuted would face further penalties.

The Treasury Department also offered a reward of up to $10 million for information that leads to the conviction of Nikaeen, Mansour or any of the identified people.

Bitcoin is being used by ransomware attackers


According to a report by the Financial Crimes Enforcement Network (FinCEN), nearly $5 billion in Bitcoin was paid out to ransomware perpetrators between 2011 and 2021. According to a recent CipherTrace analysis, ransomware attackers who accept Bitcoin payments often add 10% to 20% surcharges. The additional fee is to cover the risk of using clearly traceable cryptocurrencies such as Bitcoin.

***