Bitcoin Addresses Cited in Iranian Ransomware Plot


Bitcoin addresses linked to two Iran-based individuals who allegedly helped facilitate ransom payments were made public Wednesday, representing the first case of its kind. Ali Khorashadizadeh and Mohammad Ghorbaniyan helped Iranian hackers exchange the illegally obtained Bitcoin into the local currency, according to an indictment by the Justice Department. The Office of Foreign Assets Control took the unprecedented step of publicizing the Bitcoin addresses belonging to the pair, which it had uncovered.

SamSam Attack

The Bitcoin was extorted by two hackers, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri. Both exploited security gaps in vulnerable computer networks to install ransomware, which locked computer files and demanded Bitcoin as payment to release them. The Bitcoin was then sent to Khorashadizadeh and Ghorbaniyan, who turned it into Iranian rials. Over 7,000 Bitcoin transactions had been made through the two addresses, worth millions of dollars, with much of it coming from the victims of the malware attack. The ransomware, known as SamSam, caused $30 million worth of damage and affected over two hundred people and institutions, including city governments, universities, and hospitals across North America and the United Kingdom.

Bitcoin Wars?

Those with some knowledge of Bitcoin know that, although addresses are not directly tied to an individual when they are created, the Bitcoin blockchain allows easy viewing of all transactions. As a result, matching up other activity with Bitcoin payments can easily tie an individual to a certain activity. Blockchain investigation company Chainalysis is one company that uses various methods of blockchain interrogation to achieve this. The news might go some way toward illustrating to detractors of the cryptocurrency that Bitcoin payments are not anonymous. In fact, as in the case of the Russian hack on the DNC servers in 2016, they can help track down wrongdoers via the blockchain.

The measures taken by the US government may be a show of force in response to Iran’s plans to launch a cryptocurrency. The purpose of that cryptocurrency is to get around US sanctions, so there is every chance this could be the first shot of a long and protracted crypto-battle.