{"id":493005,"date":"2022-09-14T20:15:00","date_gmt":"2022-09-14T17:15:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/us-treasury-sanctions-iran-based-ransomware-group-and-associated-bitcoin-addresses\/"},"modified":"2022-09-14T20:15:00","modified_gmt":"2022-09-14T17:15:00","slug":"us-treasury-sanctions-iran-based-ransomware-group-and-associated-bitcoin-addresses","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/us-treasury-sanctions-iran-based-ransomware-group-and-associated-bitcoin-addresses\/","title":{"rendered":"# US Treasury sanctions Iran-based ransomware group and associated Bitcoin addresses"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3ac43d68c1a\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3ac43d68c1a\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/us-treasury-sanctions-iran-based-ransomware-group-and-associated-bitcoin-addresses\/#%E2%80%9D_US_Treasury_sanctions_Iran-based_ransomware_group_and_associated_Bitcoin_addresses_%E2%80%9C\" >&#8221; US Treasury sanctions Iran-based ransomware group and associated Bitcoin addresses &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_US_Treasury_sanctions_Iran-based_ransomware_group_and_associated_Bitcoin_addresses_%E2%80%9C\"><\/span>&#8221; US Treasury sanctions Iran-based ransomware group and associated Bitcoin addresses &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDkvMmJmOWM1NDgtZmYyOS00ZWFlLWI2YTctNjNjYzU1YmI1ZjUwLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-6ebd806f>The United States Treasury Department\u2019s Office of Foreign Asset Control has added 10 individuals, 2 entities, and several crypto addresses allegedly tied to an Iranian ransomware group to its list of Specially Designated Nationals, effectively making it illegal for U.S. persons and companies to engage with them.<\/p>\n<p>In a Wednesday announcement, the U.S. Treasury <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/home.treasury.gov\/news\/press-releases\/jy0948\">said<\/a> the individuals and companies in the ransomware group were affiliated with Iran\u2019s Islamic Revolutionary Guard Corps, a branch of the country\u2019s military. The group allegedly \u201cconducted a varied range of malicious cyber-enabled activities,\u201d including compromising the systems of a U.S.-based children\u2019s hospital in June 2021 and targeting \u201cU.S. and Middle Eastern defense, diplomatic, and government personnel.\u201d<\/p>\n<p>OFAC listed 7 Bitcoin (BTC) addresses allegedly connected to 2 of the Iranian nationals \u2014 Ahmad Khatibi Aghada and Amir Hossein Nikaeed Ravar \u2014 as part of its secondary sanctions. According to the Treasury Department, Khatibi has been associated with <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" data-internallinksmanager029f6b8e52c=\"4\" title=\"Technology\" target=\"_blank\" rel=\"noopener\">technology<\/a> and computer services firm Afkar System \u2014 one of two entities sanctioned in the same announcement \u2014 since 2007. The governmental department alleged Nikaeed \u201cleased and registered network infrastructure\u201d to assist the ransomware group.<\/p>\n<p>\u201cRansomware actors and other cybercriminals, regardless of their national origin or base of operations, have targeted businesses and critical infrastructure across the board \u2014 directly threatening the physical security and economy of the United States and other nations,\u201d said Brian Nelson, undersecretary of the Treasury for Terrorism and Financial Intelligence. \u201cWe will continue to take coordination action with our global partners to combat and deter ransomware threats.\u201d<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">In a coordinated action across the U.S. Government, OFAC designated a dozen Iran-based persons for their roles in malicious cyber acts, including ransomware activity. The U.S., Australia, Canada &amp; the UK are also publishing a joint cyber security advisory. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/OVnr3jprBA\">https:\/\/t.co\/OVnr3jprBA<\/a><\/p>\n<p>\u2014 Treasury Department (@USTreasury) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/USTreasury\/status\/1570082632045576194?ref_src=twsrc%5Etfw\">September 14, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nThe notice <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.justice.gov\/opa\/pr\/three-iranian-nationals-charged-engaging-computer-intrusions-and-ransomware-style-extortion\">came<\/a> as the Justice Department announced an indictment against Khatibi, Nikaeed and Mansour Ahmadi \u2014 also one of the individuals listed in OFAC\u2019s sanctions \u2014 for allegedly \u201corchestrating a scheme to hack into the computer networks\u201d of entities and individuals in the United States, including the attacks cited by the Treasury. According to the Justice Department, the Iranian ransomware group targeted a New Jersey-based accounting firm in February 2022, having Khatibi demand $50,000 in cryptocurrency in exchange for not selling the company&#8217;s data on the black market.<\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>Monero\u2019s crypto of choice as ransomware \u2018double extortion\u2019 attacks increase 500%<\/em><\/strong><\/p>\n<p>On Aug. 8, OFAC added more than 40 cryptocurrency addresses connected to controversial mixer Tornado Cash to its list of Specially Designated Nationals, prompting criticism from many figures in and out of the space. Treasury clarified on Tuesday that U.S. persons and entities were not prohibited from sharing Tornado Cash\u2019s code, but also required a special license to complete transactions initiated before the sanctions were imposed or make withdrawals.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"law_decoded\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/us-treasury-sanctions-iran-based-ransomware-group-and-associated-bitcoin-addresses\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; US Treasury sanctions Iran-based ransomware group and associated Bitcoin addresses &#8220; The United States Treasury Department\u2019s Office of Foreign Asset Control has added 10 individuals, 2 entities, and several crypto addresses allegedly tied to an Iranian ransomware group to its list of Specially Designated Nationals, effectively making it illegal for U.S. persons and companies&#8230;<\/p>\n","protected":false},"author":1,"featured_media":493006,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDkvMmJmOWM1NDgtZmYyOS00ZWFlLWI2YTctNjNjYzU1YmI1ZjUwLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[70984,73240,70934,71523,67874],"class_list":["post-493005","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-iran","tag-ransomware","tag-regulation","tag-sanctions","tag-united-states"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/493005","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=493005"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/493005\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/493006"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=493005"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=493005"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=493005"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}