Coin Week

  • bitcoinBitcoin$28,340.005.75%
  • ethereumEthereum$1,809.545.23%
  • binancecoinBNB$317.222.73%
  • rippleXRP$0.5717.10%
  • dogecoinDogecoin$0.0759735.08%
  • solanaSolana$21.157.08%

US government sanctions Iranian ransomware group and their BTC addresses

US government blacklists BTC wallets and individuals involved in ransomware attacks
US government blacklists BTC wallets and individuals involved in ransomware attacks

Image source: Crypto Slate

Security has been a longstanding issue in the digital age, and the issue has only grown more prominent within the crypto space.

Hackers allegedly tied to the Iranian military have been penalized by the US government, blacklisting their BTC addresses.

The news

Today, the US Treasury announced sanctions against ten individuals and two entities for alleged ransomware attacks.

According to them, the individuals and two companies associated with a ransomware group are tied to Iran’s Islamic Revolutionary Guard Corps or IRGC.

As a result, they have blocked their Bitcoin wallet addresses.

The department said that those added to the government’s sanctions lists have participated in coordinated ransomware attacks.

Their targets include an array of United States-based companies and organizations – the attacks have been going on as far as 2020.


Since the digital age became the norm, ransomware has become more prominent.

These types of attacks involve hackers remotely locking a device or network by exploiting software flaws.

Once they get in, they demand payment for the user to unlock access.

For a couple of years, cryptocurrency has been the demanded mode of payment as it can be more difficult to track compared to other digital payment methods.

Despite transparency in several blockchain networks like Bitcoin, tracking still proves to be a challenge.

The targets

According to Treasury officials, the Iranian group’s targets included a children’s hospital, a city in New Jersey, a rural electric utility company, and many other businesses.

The individuals involved in the attack have been identified as employees or associates of two companies: Najee Technology Hooshmand Fater LLC and Afkar System Yazd Company.

With the alleged attackers and their businesses on the OFAC sanctions list, American citizens, companies, and organizations from interacting with them.

High-profile attackers

The Treasury focused on three individuals: Mansour Ahmadi, Ahmad Khatigi Aghda, and Amir Hossein Nikaeen Ravari.

The three individuals have been charged by the US Attorney’s Office for the District of New Jersey in connection to the ransomware attack.

Meanwhile, the state of New Jersey is offering rewards up to $10 million for information tied to the attackers.

Tornado Cash

The attacks have prompted the Treasury to add an Ethereum coin mixing tool designed to obscure crypto funds movement called Tornado Cash to its sanctions list last month.

According to the Treasury, Tornado Cash has been primarily used to launder money and stolen crypto funds.

Like other decentralized apps, it runs autonomously through a programmed smart contract so it isn’t operated by people or a company.

The decision has been divisive, drawing criticism from the crypto space and questions from US Representative Tom Emmer.

Amid the pushback, the Treasury clarified its position on the use of Tornado Cash, noting that people who sent funds via Tornado Cash without their consent will not be punished.


Treasury blacklist Bitcoin addresses linked to Iranian ransomware group

Opinions expressed by Coin Week contributors are their own.