Bitcoin Addresses Sanctioned by the U.S. Treasury

Share Article
In Brief
  • The addresses have been identified to belong to two Iran-based individuals.

  • promo

    Top Crypto Exchanges Without KYC Read Now

The Trust Project is an international consortium of news organizations building standards of transparency.

The Department of the Treasury’s Office of Foreign Assets Control (OFAC) added two individuals to its list of sanctioned entities on Nov 28: Ali Khorashadizadeh and Mohammad Ghorbaniyan. This was the first time in history that a Bitcoin address has been added to an official OFAC sanction.

Both of the addresses carry with them an abundance of the usual identifiable information (date and place of birth, ID document with a unique identifying number, aliases, and websites), and the typical string of characters you would expect to see in a Bitcoin address.

According to the OFAC, the two Iranian males have processed over 6000 bitcoin through these addresses via approximately 7000 transactions — enabling cybercriminals to reap their ill-gotten benefits. The addresses, as well as the individuals, are now directly associated with SamSam.

What is SamSam?

SamSam is a computer ransomware virus which has harmed over 200 institutions, including hospitals, corporations, universities, and government agencies in the United States, Canada, and the United Kingdom.

The data gets encrypted when the virus attains administrator-level access and the program demands a Bitcoin payment before it will unlock the data.

The aforementioned individuals have assisted criminals associated with the ransomware attacks, and have even used U.S.-based exchanges. One of them is associated with an individual that seems to have created a business for himself with a cryptocurrency exchange.

The U.S. Treasury forbids any interaction with them and instructs exchanges globally to add these addresses to their blacklist. In the event that any of the bitcoin associated with the address is found on a cryptocurrency exchange, it must be blocked and reported to OFAC in a maximum of ten business days.

SamSam ransomware

Why is this important?

Digital currency addresses are not completely private. They are anonymous by themselves, but the data can be paired with other pieces of a person’s identity. Various service providers are required by law to have a strong KYC and AML process, which literally means they are cross-referencing individuals against this list.

The U.S. considers these individuals a threat to national security. (After all, these two addresses are associated with people that are on the same list as Osama Bin Laden.) While they may or may not be the main perpetrators behind the attacks, they certainly play a role in the financing of these cybercriminals — helping them monetize their ill-gotten assets.

Once the connection is made, the individual in question has all of its digital wallets frozen. Anything that is connected to their identity or actual Bitcoin address should be denied, even if future attempts are made through different Bitcoin/blockchain wallets.

Disclaimer: The U.S. Treasury has warned readers not to engage in transactions with these addresses, as those that do can be a subject of secondary sanctions. Trolls on the web have already sent dubious transactions from vanity generated addresses. Troll at your own risk. 

What do you think about the Treasury Department’s decision to sanction a bitcoin address? Let us know in the comments below!


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Share Article

Zoran Spirkovski is a freelance journalist, brand strategist, and author published by CryptoBriefing, BeInCrypto, CryptoNewsNet, and NewsBlockchain. He writes about blockchain technology, cryptocurrency, branding, marketing, and productivity, and other stories that brew up in his mind. He writes a daily blog about the same topics at and he regularly contributes to freelance discussion groups.

Follow Author