U.S. Treasury Department Sanctions Two More Iranians

In continuation of a new round of U.S. sanctions against Iran, the Treasury Department has added the names of two Iranian citizens involved in “digital trade for the Islamic Republic” to the list of sanctioned Iranians.

On Wednesday, December 28 (November 28), the U.S. Treasury Department announced that two Iranians named Mohammad Ghorbaniyan and Ali Khorashadizadeh have been placed on the U.S. sanctions list against Iran.

On the U.S. Treasury Department website, it is stated that these two Iranian citizens are engaged in digital trade and “cyber activities.”

The Office of Foreign Assets Control (OFAC) of the Treasury Department announced that Mohammad Ghorbaniyan and Ali Khorashadizadeh have received approximately six million dollars from hospitals and medical institutions in the United States and Canada.

These two Iranian citizens “participated in cyber attacks against American and Canadian hospitals and clinics and extorted these institutions using digital currency (Bitcoin). This money was subsequently converted to Iran’s currency.”

200 Victims

According to this report, in the digital trade of these two Iranians, more than 200 victims were extorted through the “SamSam ransomware” program. In seven thousand instances of digital currency (Bitcoin) transactions, several million dollars were processed through two internet addresses.

The U.S. Treasury Department engaged in digital transactions with these individuals and was able to identify them by tracking their use of digital currency.

Sigal Mandelker, Deputy Assistant Secretary for Terrorism Financing at the U.S. Treasury Department, stated that while access to the dollar for Iran faces significant obstacles, similar restrictions must also be imposed on virtual transactions and digital currency exchanges. He added that the Treasury Department is active in digital financial addresses to end illegal virtual currency exchange methods.

Mandelker also said: “Iran and other repressive regimes are seeking to exploit digital currencies and vulnerabilities in internet security service providers and cyber attacks to advance their sabotage objectives.”

The Treasury Department stated in its announcement that “SamSam ransomware” exploited more than 200 victims from hospitals, universities, and public and private companies by collecting their data.

Hackers’ Method

These hackers operated by accessing victims’ computer systems, installing SamSam ransomware, gaining access to their data, and taking control of it. They then demanded that victims pay them Bitcoin digital currency to regain access to their computer data.

Khorashadizadeh and Ghorbaniyan, in cooperation with SamSam ransomware hackers, converted Bitcoin to rials.

The U.S. Department of Justice has also filed cases against two Iranian hackers named Faramarz Shahi Sendi and Mohammad Mahdi Shah Mansouri.

The report continues that they have repeatedly attacked institutions in the United States, Canada, and Britain since 2015. Some of the extortion cases by these two Iranians were also carried out through the “SamSam ransomware” program.

Source: DW