US Treasury sanctions two more Iranians

In the continuation of the new round of US sanctions against Iran, the country's Treasury Department added the names of two Iranian citizens involved in "digital trade for the Islamic Republic" to the list of Iranian sanctions.

On Wednesday, November 28, the US Treasury Department announced that two Iranians, Mohammad Ghorbanian and Ali Khorashadizadeh, have been placed on the US sanctions list.

The US Treasury Department's website states that these two Iranian citizens are active in the field of digital commerce and "cyber operations."

The US Treasury Department's Office of Foreign Assets Control has announced that Mohammad Ghorbanian and Ali Khorashadizadeh received approximately $6 million in money from hospitals and medical institutions in the US and Canada.

The two Iranian citizens “participated in cyberattacks on American and Canadian hospitals and clinics and extorted money from these institutions using digital currency (Bitcoin),” which was then converted into Iranian currency.

200 victims

According to the report, the two Iranians' digital business has extorted more than 200 victims through the "SamSam ransomware" program. In seven thousand cases, digital currency (Bitcoin) exchanges worth several million dollars were processed through two Internet addresses.

The US Treasury Department has engaged in digital transactions with these individuals and has been able to identify them through the use of digital currency.

Sigal Manderker, the US Treasury Department's undersecretary for terrorism and financial affairs, said that while Iran faces many problems with access to dollars, necessary restrictions should also be imposed on virtual exchanges and digital currency exchanges. He added that to this end, the department is active in digital financial addresses to end illegal ways of exchanging virtual currencies.

Manderker also said: "Iran and other repressive regimes are trying to exploit cryptocurrencies and vulnerabilities in internet security services and cyberattacks to further their nefarious goals."

The Treasury Department wrote in its announcement that the "SamSam ransomware" exploited victims financially by collecting information from more than 200 hospitals, universities, or government and non-government companies.

Hackers' method

The hackers' modus operandi was to gain access to and control the victims' computer systems by logging in and installing the SamSam ransomware. They then demanded that the victims pay them a digital payment in Bitcoin in order to gain access to their computer data.

Khorashadizadeh and the victims, in collaboration with the SamSam ransomware hackers, converted Bitcoin into Rials.

The US Department of Justice has also filed a case against two Iranian hackers named Faramarz Shahsavandi and Mohammad Mehdi Shah Mansouri.

The news continues by saying that they have repeatedly cyberattacked institutions in the US, Canada, and the UK since 2015. Some of the financial extortion cases of these two Iranians have also been carried out through the "SamSam ransomware" program.

Source: DW