7 New Bitcoin Addresses Blocked by OFAC After Alleged Links to Iran-Related Ransomware Activities. The Treasury Department’s Office of Foreign Assets Control (OFAC) has released an update to its Specially Designated National List (OFAC’s SDN List) of several individuals accused of involvement in Iran-linked ransomware. The list also shows seven Bitcoin addresses apparently linked to Iranian ransomware. OFAC released a new update to the SDN list on September 14, 2022, after the Treasury noted OFAC’s ban of Ethereum mixer Tornado Cash. SDN’s updated list includes two specific companies and ten individuals accused of participating in and financing ransom projects in Iran. . OFAC has previously accused North Korean syndicates, such as the infamous Lazarus group, of being involved in ransom operations. “This IRGC-affiliated group uses software vulnerabilities to carry out its ransom operations, as well as to gain access to unauthorized computers, data mining and other malicious cyber activity,” OFAC said in a notice of the SDN deployment on Wednesday.
In addition to the ten individuals and two companies, approximately seven BTC addresses are also listed. Some of the addresses listed in the OFAC report have never seen a single Bitcoin deposit. Other addresses received bitcoins that were once worth 0.2931 bitcoins and are said to be linked to an Iranian named Ahmad Khatibi Agada. The September 14 SDN update was not the only update in the past two weeks to list “cyber-related names [and] Iran-related names. OFAC issued an amendment to an Internet-related name on September 2 and two Iran-related names on September 8 and 9, 2022. The update released on Wednesday only updated “Iran-related locations” to add new bitcoin addresses.
