The US Department of Justice has issued information on Iranian citizens, Faramar Shahi Savandi and Mohammad Mehdi Shah Mansouri for being responsible for creating the SamSam ransomware. The ransomware was used to extort money from public institutions, hospitals and colleges in the US in the form of Bitcoin. The value of the losses was reported to be as high as $30 million.
Later, the US Department of Treasury’s Office of Foreign Assets Control also released information about another set of Iranian residents, Mohammad Ghorbaniyan and Ali Khorashadizadeh. They even identified digital currency addresses associated with the alleged criminals. These offenders were responsible for helping the extortionists with the laundering of the funds they had collected through the SamSam ransomware.
WEX Links Traced
PwC, using the digital wallet addresses and the emails provided by the Office of Foreign Assets Control, succeeded in tracking the links between the alleged perpetrators Ghorbaniyan and Khorashadizadeh, and the cryptocurrency exchange WEX, which was previously known as BTC-e.
The report by PwC alleges that the said exchange was used to launder the money collected through the ransomware by the two culprits. The report also states that the exchange in its previous avatar laundered at least $1.9 million related to the SamSam ransomware.
It was, in fact, known for its involvement in cashing almost 95% of all ransomware booty between 2014-2017. Given this record, the involvement of the exchange in these malicious activities should not come as a surprise.
The PwC report goes on to cite another investigation that establishes the links between, the exchange and other major malicious forces, like Russia’s Intelligence Agency- Directorate of The General Staff.
As Vinnik, the former head of the company is extradited to Russia the crypto community is concerned as to how such malicious elements are able to operate and establish links with anti-social criminal acts.
Traditional financial institutions are still concerned about the criminal activities that can be so easily carried out with cryptocurrencies. It is disturbing that many organizations, and even governments, are using this disruptive technology for illicit gains. The crypto community needs to come together as one, call out such organizations and bad actors and weed them out to create confidence among financial organizations and the general populace alike.