In a recent action, the Office of Foreign Assets Control (OFAC) of the US Department of the Treasury imposed multiple sanctions in response to the accused’s ransomware operations.
Ten people and two shell organizations that have a history of extorting US firms and infrastructure providers have been sanctioned, making it illegal to conduct any transaction with them, whether in bitcoin or not.
Since at least 2020, purported IRGC front companies Najee Technology and Afkar System have been leading the attacks against businesses and government buildings across the US and its allies in the Middle East. After successfully breaking into their targets’ IT systems, the hackers would lock out legitimate users and demand a bitcoin ransom in return for the decryption keys.
These ransomware attacks would not have garnered as much attention if they had simply targeted small enterprises, but the hackers’ targets included crucial public organizations.
The organization ramped up its harmful activity from June through August 2021 by targeting a variety of U.S.-based victims, including transportation companies, medical practices, emergency service providers, and educational institutions.
In addition to being included on the US Government’s official list of people subject to sanctions, the individuals are being sought by a New Jersey court. Given that all suspects are located abroad in nations without an extradition agreement with the US, the second legal case is mostly pointless. Nevertheless, the move effectively bars the group from traveling to the US or allied countries.
For those with a technical bent, the US Cybersecurity and Infrastructure Security Agency also issued a statement explaining the steps taken in the intrusions, how to avoid similar occurrences in the future, and other related information. Brian E. Nelson, Under Secretary of the Treasury for Terrorism and Financial Intelligence, claims that these attacks are just the most recent in a string of ransomware attacks purportedly carried out by state-sponsored hackers in a number of different nations.
Regardless of their country of origin or base of operations, ransomware operators and other hackers have attacked businesses and key infrastructure worldwide, posing a direct danger to the physical security and economies of the United States and other countries. Together with our international partners, we will continue to coordinate our efforts to resist and prevent ransomware threats, especially those related to the IRGC.
Source: https://www.thecoinrepublic.com/2022/09/18/us-puts-various-sanctions-on-hacking-group-connected-to-irgc/