The Treasury Department’s Office of Foreign Assets Control (OFAC) has released an updated Specially Designated Nationals List (OFAC’s SDN list) listing numerous individuals allegedly involved in Iran-related ransomware. The list further shows seven bitcoin addresses allegedly associated with the Iranian ransomware gang.
Iran Adds Seven New Bitcoin Addresses to SDN List Following Tornado Cash Ban
Following the Treasury Department’s watchdog agency OFAC’s ban on Ethereum Mixer’s Tornado Cache, OFAC announced a new SDN list update on September 14, 2022. Thisupdated SDN listlists two specific companies and ten individuals who allegedly participated in and funded Iran-based ransomware schemes.
In the past, OFAC has accused North Korean syndicates like the notorious Lazarus Group of participating in ransomware activities. OFAC’s SDN list, released Wednesday, states, “This IRGC-affiliated group is known to exploit software vulnerabilities to conduct ransomware activity, as well as to engage in unauthorized computer access, data exfiltration, and other malicious cyber activities.”
In addition to the 10 individuals and 2 companies listed
, approximately 7 BTC addresses are mentioned; BTCaddresses are also listed; some of theaddressesmentioned in the OFAC report have never made a singleBTCdeposit Some have never seenBTCdeposits received. Other addresses have receivedBTC, like thisthis. This address is said to be associated with an Iranian named Ahmad Khatibi Aghada, who once held 0.2931 because this address held 0.2931BTC
The September 14 SDN update is not the only update to list “cyber-related designations, [and] Iran-related designations” in the past two weeks; OFAC published an amendment to its cyber-related designations on September 2, and on September 8 and 9, 2022, two ” Iran-Related Designations” were published. The update published on Wednesday is the only “Iran-Related Designation” update that includes the newly addedBTCaddress.
Image credits: Shutterstock, Pixabay, Wiki Commons