Skip to Content

US to foreign cybercriminals: We’re watching your Bitcoin transactions

November 29, 2018

Here’s a tip: if you happen to be a criminal hacker trying to outrun US authorities, you probably shouldn’t use Bitcoin.

The Department of Treasury’s Office of Foreign Asset Control (OFAC) made waves yesterday with the announcement that it has added two Bitcoin addresses, for the first time ever, to its list of so-called specially designated nationals. As the Treasury explains, the list includes identifying information for “individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries” in addition to “ individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific.” The move blocks their assets, and US citizens are “generally prohibited from dealing with them.”

The addresses are associated with two men, Ali Khorashadizadeh and Mohammad Ghorbaniyan, who allegedly helped exchange Bitcoin acquired via a destructive ransomware scheme. According to OFAC, the two men used the addresses for 7,000 transactions worth millions of US dollars.

It’s a big deal, at least in a symbolic way. The Wall Street Journal called the news “a sign of a new era in which illicit gains are transacted in code instead of cash.” But it’s not a surprise. First, OFAC revealed in March that it was considering adding digital currency addresses to the list. Besides, as we’ve pointed out, Bitcoin doesn’t offer criminals much protection. Law enforcement agencies are getting better at finding clues in its blockchain.

Most important, it raises all kinds of new questions. Can’t criminals just change addresses? What happens to addresses that receive transactions from the blacklisted addresses? Do they go on the list too? Is OFAC setting itself up for unending games of cat and mouse? And what will it do if and when more international criminals leave Bitcoin for harder-to-trace coins like Monero and Zcash?

We may find out some of the answers soon, since the Treasury says it will “aggressively pursue Iran and other rogue regimes attempting to exploit digital currencies and weaknesses in cyber and (anti-money-laundering and countering the financing of terrorism) safeguards to further their nefarious objectives.” One more question: is this more about cracking down on criminals or sending a message?

Keep Reading

Most Popular

Here’s how a Twitter engineer says it will break in the coming weeks

One insider says the company’s current staffing isn’t able to sustain the platform.

Technology that lets us “speak” to our dead relatives has arrived. Are we ready?

Digital clones of the people we love could forever change how we grieve.

How to befriend a crow

I watched a bunch of crows on TikTok and now I'm trying to connect with some local birds.

Starlink signals can be reverse-engineered to work like GPS—whether SpaceX likes it or not

Elon said no thanks to using his mega-constellation for navigation. Researchers went ahead anyway.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.