US Sanctions 2 Iranians Over Ransomware Payments - Treasury Department

The United States has imposed sanctions on two Iranian computer experts for facilitating ransom payments from at least 200 known victims, and also published currency exchange addresses associated with a SamSam ransomware extortion scheme, the US Department of the Treasury said in a press release on Wednesday.

WASHINGTON (UrduPoint News / Sputnik - 28th November, 2018) The United States has imposed sanctions on two Iranian computer experts for facilitating ransom payments from at least 200 known victims, and also published Currency exchange addresses associated with a SamSam ransomware extortion scheme, the US Department of the Treasury said in a press release on Wednesday.

"The US Department of the Treasury's Office of Foreign Assets Control (OFAC) took action today against two Iran-based individuals, Ali Khorashadizadeh and Mohammad Ghorbaniyan, who helped exchange digital currency (bitcoin) ransom payments into Iranian rial on behalf of Iranian malicious cyber actors involved with the SamSam ransomware scheme that targeted over 200 known victims," the release said. "Also today, OFAC identified two digital currency addresses associated with these two financial facilitators."

The sanctions concern a ransomware known as "SamSam" that has victimized numerous corporations, hospitals, universities, and government agencies and held over 200 known victims' data hostage for financial gain, the release said.

Ransom payments in bitcoin were needed for victims to regain control of their networks.

The Treasury Department also published two digital currency addresses that have been used by Khorashadizadeh and Ghorbaniyan to process over 7,000 transactions, to interact with over 40 exchangers - including some US-based exchangers - and to send approximately 6,000 bitcoin worth millions of Dollars, some of which involved SamSam ransomware.

"As Iran becomes increasingly isolated and desperate for access to US dollars, it is vital that virtual currency exchanges, peer-to-peer exchangers, and other providers of digital currency services harden their networks against these illicit schemes," Treasury Undersecretary for Terrorism and Financial Intelligence Sigal Mandelker said.

Khorashadizadeh and Ghorbaniyan were central to the SamSam ransomware scheme by facilitating the exchange of digital currency derived from ransom payments into Iranian rial and deposited the rial into Iranian banks, according to the release.