In an update, the US Treasury Department has sanctioned several Iranian citizens and their bitcoin addresses. An official statement named Ahmed Khatibi Agada and Amir Hussein Nekin, along with at least seven addresses under their control.
In an indictment filed in the US District Court of New Jersey, these individuals and Ahmadi Mansoor are charged with conspiracy to commit fraud and related activity in connection with computers, intentionally damaging a protected computer, and seeking monetary compensation in bitcoin.
The document, published today by the US Department of Justice (DoJ), alleges that these hackers have engaged in illegal cyber activities from October 2020 onwards. Operating from Iran, Nikayin and his co-conspirators allegedly took control of computers in the US, UK, Israel, Russia and other countries.
The hackers allegedly used “known weaknesses in network hardware and commonly used software applications” to perform their exploits. In addition, they used Microsoft’s BitLocker to encrypt their victims’ computers and demanded payment in bitcoin before relinquishing control.
In a Microsoft report published in early September, the big tech company acknowledged these attacks and linked a large part of them to a hacker group known as “Nemesis Kitten”, and its Iranian subsidiary named DEV-0270 or “PHOSPHORUS”. The report claims that these “large-scale” attacks are sponsored by the Iranian government.
The indictment did not mention any connection between the suspects and “PHOSPHORUS”, but it appears that they are operating under a similar scheme. The hacker group asked victims to pay up to $8000 to release the computer; if the victim refused, the group sold the stolen data on the Internet.
According to Microsoft, using BitLocker via malicious commands renders the victim’s computer unusable:
“DEV-0270 was seen using setup.bat commands to enable BitLocker encryption, which causes hosts to become inoperable.”
Treasury Sanctions Bitcoin Addresses: What Are The Repercussions?
The indictment alleges that the Iranian hackers were able to affect small businesses, government agencies, non-profit programs, educational and religious institutions, and multiple critical infrastructure sectors, such as hospital services and transportation.
Hackers often create websites with names that mimic those of legitimate tech companies to lure victims. Once on the computers, the hackers demanded payment in bitcoin and other cryptocurrencies by providing an email address.
Authorities in the US were able to connect the hackers via their Bitcoin addresses. The bad actors used the same addresses when they demanded payment from their victims.
In the past, law enforcement agencies were able to track down stolen funds and criminals through their BTC transactions. Due to the transparent nature of the BTC network, some authorities believe that Bitcoin could be a tool to discourage criminal activities.
US Attorney for New Jersey Philip Salinger said the following about the case:
“By charging them in this indictment, and by naming them publicly, we are stripping them of their anonymity. They can’t work anonymously from the shadows anymore. We have highlighted them as wanted criminals.”
The US Treasury Department’s sanctions have been the subject of controversy in the cryptocurrency space. A few weeks ago, the institution sanctioned a decentralized exchange based on Ethereum in a move that many experts deemed “overstepping the bounds.”
This was the first time the institution had imposed sanctions on a neutral technology. Now, the Treasury has instructed people to “safely” remove their funds from the exchange and acknowledged that some people have been affected by interacting with addresses linked to Tornado Cash. What will happen to those individuals who interact with sanctioned Bitcoin addresses today?