Sanctions

US Treasury sanctions Iran-based ransomware group and associated Bitcoin addresses

The Office of Foreign Asset Control sanctioned 7 Bitcoin addresses allegedly connected to Iranian nationals Ahmad Khatibi Aghada and Amir Hossein Nikaeed Ravar.

The United States Treasury Department’s Office of Foreign Asset Control has added 10 individuals, 2 entities, and several crypto addresses allegedly tied to an Iranian ransomware group to its list of Specially Designated Nationals, effectively making it illegal for U.S. persons and companies to engage with them.

In a Wednesday announcement, the U.S. Treasury said the individuals and companies in the ransomware group were affiliated with Iran’s Islamic Revolutionary Guard Corps, a branch of the country’s military. The group allegedly “conducted a varied range of malicious cyber-enabled activities,” including compromising the systems of a U.S.-based children’s hospital in June 2021 and targeting “U.S. and Middle Eastern defense, diplomatic, and government personnel.”

OFAC listed 7 Bitcoin (BTC) addresses allegedly connected to 2 of the Iranian nationals — Ahmad Khatibi Aghada and Amir Hossein Nikaeed Ravar — as part of its secondary sanctions. According to the Treasury Department, Khatibi has been associated with technology and computer services firm Afkar System — one of two entities sanctioned in the same announcement — since 2007. The governmental department alleged Nikaeed “leased and registered network infrastructure” to assist the ransomware group.

“Ransomware actors and other cybercriminals, regardless of their national origin or base of operations, have targeted businesses and critical infrastructure across the board — directly threatening the physical security and economy of the United States and other nations,” said Brian Nelson, undersecretary of the Treasury for Terrorism and Financial Intelligence. “We will continue to take coordination action with our global partners to combat and deter ransomware threats.”

The notice came as the Justice Department announced an indictment against Khatibi, Nikaeed and Mansour Ahmadi — also one of the individuals listed in OFAC’s sanctions — for allegedly “orchestrating a scheme to hack into the computer networks” of entities and individuals in the United States, including the attacks cited by the Treasury. According to the Justice Department, the Iranian ransomware group targeted a New Jersey-based accounting firm in February 2022, having Khatibi demand $50,000 in cryptocurrency in exchange for not selling the company’s data on the black market.

Related: Monero’s crypto of choice as ransomware ‘double extortion’ attacks increase 500%

On Aug. 8, OFAC added more than 40 cryptocurrency addresses connected to controversial mixer Tornado Cash to its list of Specially Designated Nationals, prompting criticism from many figures in and out of the space. Treasury clarified on Tuesday that U.S. persons and entities were not prohibited from sharing Tornado Cash’s code, but also required a special license to complete transactions initiated before the sanctions were imposed or make withdrawals.

US Treasury clarifies publishing Tornado Cash’s code does not violate sanctions

Residents would not be violating sanctions by visiting Tornado Cash’s website, copying the mixer’s open-source code, nor making the code available online or in print.

The United States Department of the Treasury said “interacting” with cryptocurrency mixer Tornado Cash’s open-source code, with certain provisions, would not be in violation of sanctions imposed by the Office of Foreign Assets Control, or OFAC.

In the guidance posted to its frequently asked questions pages on Tuesday, the Treasury Department clarified some concerns previously voiced by many U.S.-based crypto users regarding the controversial mixer Tornado Cash. According to the government department, U.S. residents would not be violating sanctions by copying the mixer’s code, nor making it available online or publishing it through another medium.

“U.S. persons would not be prohibited by U.S. sanctions regulations from visiting the Internet archives for the Tornado Cash historical website, nor would they be prohibited from visiting the Tornado Cash website if it again becomes active on the Internet,” said the Treasury Department.

The Treasury specified that users could generally interact with the Tornado Cash code provided it didn’t involve a prohibited transaction. Those who initiated transactions using the mixer prior to sanctions being imposed on Aug. 8 can apply for an OFAC license to complete the transaction or to make a withdrawal:

“OFAC would have a favorable licensing policy towards such applications, provided that the transaction did not involve other sanctionable conduct.”

The seeming uncertainty around the U.S. sanctions and how companies were expected to be in compliance came amid many platforms removing or restricting the activity of individuals associated with Tornado Cash. One of the mixer’s co-founders, Roman Semenov, reported on Aug. 8 that his account at developer platform GitHub had been suspended. He suggested at the time that his interactions with Tornado Cash’s code might have been part of the reason, questioning “is writing an open source code illegal now?”

Related: Tornado Cash ban could spell disaster for other privacy protocols — Manta co-founder

Others have attempted to use the U.S. legal system to push back against the Treasury Department’s actions. On Sept. 8, Coinbase announced it would be supporting a lawsuit brought by Tornado Cash users against the Treasury Department, alleging it illegally sanctioned the crypto mixer’s smart contract addresses.

Crypto investors backed by Coinbase sue U.S. Department of Treasury after Tornado Cash sanctions

Coinbase says that the Treasury overstepped its authority in issuing the Tornado Cash sanctions.

According to a new lawsuit filed in the U.S. District Court, Western District of Texas. On Thursday, six users of the Ethereum blockchain and cryptocurrency mixer Tornado Cash sued the U.S. Department of Treasury, alleging that its recent designation of 44 Tornado Cash smart contract addresses to the Specially Designated Nationals (SDN) list of the Office of Foreign Asset Control (OFAC) is “not in accordance with law.”

Since Aug. 8, U.S. persons and entities have been prohibited from interacting with the sanctioned Tornado Cash smart contract addresses, blockchain or business-wise, under the threat of criminal or civil penalties for non-compliance. The plaintiffs seek to annul the designation based on three arguments. First, they argue Tornado Cash does not meet the definition of a property, a foreign country, or a national thereof, nor a person and therefore cannot be added to the SDN list.

Second, they claim a violation of their First Amendment (freedom of speech) rights under the U.S. Constitution:

“Tornado Cash allows Plaintiffs to engage in important, socially valuable speech. However, due to the designation, plaintiffs cannot use Tornado Cash to make donations to support important, and potentially controversial, political and social causes.”

Thirdly, the plaintiffs say that because of the Treasury designation, they could not access the Ether stored in Tornado Cash pools. They argued that such alleged lack of proper pre-deprivation process was in-violating legal procedures.

Later that day, cryptocurrency exchange Coinbase publicly supported the lawsuit. The firm hailed the move as “defending privacy in crypto,” and pledged to fund the lawsuit. “The sanctions exceed Treasury’s authority, harm innocent people, remove privacy and security options for crypto users, and stifle innovation,” said Coinbase. It then raised individual examples of purported benefits of Tornado Cash:

“One person used Tornado Cash to donate money to Ukraine anonymously. Afterward, his wallet received potentially malicious airdrops. But because he anonymized his crypto before donating, he avoided attacks against his personal accounts. He has funds trapped in Tornado Cash.”

“Developers are worried that they could be held responsible for something they had nothing to do with and no ability to control,” said Coinbase in an argument claiming the Treasury’s move will stifle innovation. The U.S. Department of Treasury claims that over $7 billion worth of crypto has been laundered via Tornado Cash since its inception. Stablecoin issuers, such as Circle, have taken steps to freeze blacklisted Tornado Cash smart contract addresses due to the ban. Others, such as Tether, have refrained from such a move until they receive instructions from law enforcement. 


Russian PM takes cue from Iran’s crypto payment permit for imports

The adoption of digital assets provides a good opportunity to ensure uninterrupted payments for imports and exports, Russia’s prime minister said.

Russia may soon be taking a cue from Iran by using cryptocurrencies for imports, according to commentthe Russian prime minister.

The adoption of digital assets is necessary as a “safe alternative” for cross-border payments, Russian Prime Minister Mikhail Mishustin declared at a strategic session on the development of the domestic financial system on Tuesday.

The prime minister added that digital assets provide a good opportunity to ensure uninterrupted payments for imports and exports. Mishustin also pointed out the importance of ensuring tech infrastructure independence and the cybersecurity of financial institutions, stating:

“We need to intensively develop innovative areas, including the adoption of digital assets. This is a safe alternative for all parties that can guarantee uninterrupted payment for the supply of goods from abroad and for export.”

Mishustin’s remarks came shortly after Iran’s Industry of Mines and Trade Ministry approved the use of cryptocurrencies for imports. The local media reported on Monday that the authority moved into crypto payments due to the ongoing international trade sanctions against Iran.

Russian authorities have previously considered crypto for international payments. In May, Ivan Chebeskov, head of the Financial Policy Division within Russia’s Finance Ministry, said that the authority was considering the possibility of incorporating crypto payments. “The idea of using digital currencies in transactions for international settlements is being actively discussed,” he said at the time.

Related: 72% of Russians say they have never bought Bitcoin: Survey

The idea of international payments in crypto even received support from Russia’s biggest governmental crypto skeptic, the Bank of Russia. In June, Bank of Russia governor Elvira Nabiullina stated that cryptocurrencies can be used in cross-border or international payments but only if they don’t get into Russia’s domestic financial system.

Rep. Emmer demands an explanation of OFAC’s Tornado Cash sanction from Sec. Yellen

The Minnesota Republican highlighted the practical issues that could allegedly arise from the placement of smart contract addresses on the SDN list in a series of pointed questions.

United States Congressman Tom Emmer sent a four-page letter to Treasury Secretary Janet Yellen on Tuesday regarding the Treasury Department’s sanctioning of cryptocurrency mixer Tornado Cash on Aug. 8. In his letter, Emmer posed a series of questions that seek to clarify the position of the Treasury Department’s Office of Foreign Assets Control (OFAC).

Emmer said that OFAC, acting under Executive Order 13694 to place Tornado Cash on its Specially Designated Nationals and Blocked Persons List (SDN), has for the first time extended the EO’s definition of person or individual to include code. He pointed to the distinction made by the Treasury’s Financial Crimes Enforcement Network (FinCEN) between anonymizing services and anonymizing software to illustrate the issue he saw in OFAC’s action while acknowledging that OFAC is not subject to FinCEN regulations.

Emmer’s questions were of a practical nature. Noting that “Tornado Cash is a collection of several Ethereum smart contract addresses that are not controlled by a person (individual or entity),” Emmer asked what persons could be associated with those addresses and:

“Given that the Tornado Cash back-end will operate unchanged […] as long as the Ethereum network continues to operate, who or what entity did OFAC believe was reasonably responsible for imposing controls on the Tornado Cash blockchain contracts?”

Emmer went on to ask about the status of funds belonging to law-abiding Tornado Cash users and how they can reclaim those funds and how smart contracts “with no agency, corporate or personal,” can appeal the OFAC decision.

Related: Tornado Cash saga highlights legal issues affecting the crypto market

Emmer, a member of the House of Representatives Financial Services Committee and co-chair of the Congressional Blockchain Caucus, is a highly visible presence in crypto legislation. He has in recent months criticized the Securities and Exchange Commission’s (SEC’s) policy toward crypto companies, supported crypto miners before the Environmental Protection Agency (EPA) and co-sponsored the new version of the Digital Commodity Exchange Act (DCEA). He is far from alone in his dismay over the OFAC action. Coin Center has expressed the intention of challenging OFAC in court.

Tornado Cash sanctions will ultimately undermine the US and strengthen crypto

Like any aging empire, America is reacting to its competition.

The United States government’s sanctioning of the open-source code that makes up the Tornado Cash privacy protocol may be shocking, but it’s not surprising. America has been tightening its grip over the global financial system for decades ostensibly to cut down on bad behavior but also to project power abroad.

Economic sanctions, like the ones enforced by the aptly named Office of Foreign Assets Control, are a powerful weapon. The agency’s website states that it “enforces economic and trade sanctions based on U.S. foreign policy and national security goals.” It does this to fight drug dealers, terrorists, and “other threats to the national security, foreign policy or economy of the United​ States.”

Scary stuff, particularly when enforced by the issuer of the global reserve currency. But therein lies the rub because the more the U.S. weaponizes access to the dollar, the greater the incentive for every other country to find an alternative. One likely winner from this dynamic is Bitcoin (BTC). To see why, we need to study the architecture of money.

Fiat currencies like the U.S. dollar have no inherent transfer mechanism. Large payments can only be made through the banking system, and banks need government charters to operate. This symbiotic relationship enables governments to not only control the issuance of their money, but also access to it. For the issuer of a reserve currency, monetary censorship becomes a powerful weapon, arguably as destructive as bombs and bullets.

Related: Tornado Cash shows that DeFi can’t escape regulation

Bitcoin is different because it has its own censorship-resistant payment system. Anyone can make payments to anyone else — with or without the involvement of a licensed intermediary. Governments can still wield power over individual exchanges, custodians, or miners, but they can’t stop the protocol or the community that runs it.

Bitcoin is also apolitical in ways that fiat currencies can never be. Along with ever stricter sanctions regimes, the U.S. has recently taken the drastic step of freezing the foreign exchange reserves of Russia and Afghanistan. Regardless of one’s opinion of the legitimacy of such acts, they drive home the point that dollar reserves are only useful so long as their owners stay on America’s good side.

A critic could argue that the sanctioning of Tornado Cash proves cryptocurrencies are not immune from politics. Indeed, the U.S. has been sanctioning Ethereum and Bitcoin addresses for years. What makes crypto unique is the fact that the decentralized protocols in question don’t care, at least not in a way a bank might.

After all, the permissionless nature of these networks means that anyone can do anything, including continuing to process transactions for sanctioned addresses. That doesn’t mean that a European miner or South American exchange wants to upset Washington, but it does mean that they could if they had to. This optionality may come in handy in a crisis.

None of this means that global adoption of Bitcoin is imminent. The infrastructure remains raw, and most governments remain cautious, in part because censorship resistance also challenges their monetary grip at home. But the more globalization reverses, and the more America tries to enforce her will on other countries, the greater the need for a backup plan.

Related: Tornado Cash DAO goes down without explanation following vote on treasury funds

This relatively new threat to the dollar is one explanation for why America refuses to pass sensible crypto regulations, despite a thriving domestic industry. The more the U.S. normalizes Bitcoin as a store of value internally, the higher the odds that it gets adopted as a reserve asset abroad. If it’s good for Blackrock, then why not a central bank?

Countries don’t need to put their entire reserves in Bitcoin to benefit from its utility. Given its relative youth and volatility, it would be risky to own too much — just ask El Salvador. But as a “break-glass-in-case-of-emergency” reserve asset, a little bit would go a long way.

Like any aging empire, America is likely to react to this competition. If other countries do start adopting Bitcoin, then Washington may become even more Draconian with the use of sanctions, trying to blacklist coins held by regimes it doesn’t like, and punishing miners who process certain transactions. But that would mostly hurt the American crypto industry while reinforcing the need for a global alternative.

Historically, the most popular reserve currencies have been issued by countries with trustworthy legal systems. The more arbitrary American sanctions become, the less trust others will have in its money. Bitcoin always does what it’s supposed to, making it an ideal reserve currency.

The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Omid Malekan is an adjunct professor at Columbia Business School and the author of Re-Architecting Trust: The Curse of History and the Crypto Cure for Money, Markets, and Platforms.

DeFi platform Oasis to block wallet addresses deemed at-risk

Users report that their sessions were disconnected when trying to interact with Oasis with allegedly high-risk wallets.

According to a new community Discord post on Thursday, decentralized finance (DeFi) platform Oasis.app says that sanctioned addresses will no longer be able to access the application. As a result of the change to the terms of service, wallets flagged as high risk are prohibited from using Oasis.app to manage positions or withdraw funds. Instead, such a category of users must interact directly with the relevant underlying protocol where funds are stored or find another service.

In explaining the decision, Oasis.app team member Gabriel said:

“We’ve recently needed to update the Terms of Service of the Oasis.app front-end to comply with the relevant laws and regulations. In line with the latest regulations, Oasis.app has an updated Terms of Service. Any sanctioned addresses will no longer be able to access Oasis.app functionality.”

Raising a $6 million Series A in 2020, Oasis has grown to become a popular platform for DeFi borrowing and lending. The protocol has processed $4.6 billion worth of transactions in the past 30 days and manages $3.42 billion in deposits. 

At the time of publication, it is not immediately clear which tools Oasis is using to identify wallets deemed to be high risk. Similar to Oasis, decentralized exchange (DEX) Uniswap recently began to block wallets allegedly associated with illicit activities by using TRM Labs’ data. TRM Labs helps entities detect and investigate crypto-related financial crime via on-chain analysis. Thus far, feedback regarding Oasis’ new measure has been mostly negative. One Discord user, Eagles#2541, claims:

“I’m actually just interacting with Oasis with an account that has had direct exposure to Tornado Cash. I can’t reproduce the issue that others are getting, so it’s probably just that the team is incompetent and has applied some very wide net with arbitrary holes in it.”


dYdX confirms blocking (and unblocking) some accounts flagged in Tornado Cash controversy

The platform said it has used compliance vendors to scan for and flag accounts potentially associated with illicit activities, including sanctions lists for many countries.

Cryptocurrency derivatives trading platform dYdX said it blocked some users’ accounts with funds linked to Tornado Cash, including mistakenly suspending some that never directly engaged with the controversial mixer.

In a Wednesday blog post, dYdX said it had “unbanned certain accounts” that the derivatives platform had blocked in response to the Office of Foreign Assets Control of the United States Treasury Department adding Tornado Cash to its list of Specially Designated Nationals, or SDNs. According to dYdX, its compliance provider flagged many accounts believed to be linked to Tornado Cash, which the platform subsequently blocked — despite the fact some had never dealt with the crypto mixer. The platform said it has used compliance vendors to scan for and flag accounts potentially associated with illicit activities, including sanctions lists for many countries.

“This sudden influx of flags affected many account holders that never directly engaged with Tornado Cash, and often such users do not realize the origin of the funds transferred to them during various transactions prior to interacting with our platform, but we must nevertheless maintain certain restrictions,” said dYdX.

According to dYdX, banning the users did not amount to seizing funds, which they said would always be available for withdrawals. However, the platform can place accounts in “close-only mode.”

Many crypto trading platforms have blocked access to Tornado Cash following the U.S. Treasury adding the controversial mixer to its sanctions list on Aug. 8. As an SDN, “U.S. persons are generally prohibited from dealing with them,” and firms and individuals listed have their assets blocked — this would include 44 USD Coin (USDC) and Ether (ETH) addresses connected to Tornado Cash.

Following the sanctions announcement, stablecoin issuer Circle froze more than 75,000 USDC worth of funds on addresses listed by Treasury officials. However, actions against individuals associated with the crypto mixer extend beyond centralized exchanges based in the United States. Tornado Cash co-founder Roman Semenov reported developer platform GitHub had suspended his account. On Tuesday, Web3 development platform Alchemy and Infura.io followed by blocking remote procedure call requests to the mixer.

Related: TORN price sinks 45% after U.S. Treasury sanctions Tornado Cash — Rebound ahead?

Some critics of the Treasury’s decision to add Tornado Cash to its list of SDNs have said the crypto mixer is a “neutral tool” that can be used by anyone, rather than a platform aiming to use it for illicit purposes. In a Tuesday statement, Lia Holland of tech advocacy group Fight for the Future called the Treasury’s actions “clumsy” by using sanctions against bad actors like North Korean hacking group Lazarus that also affected users with “legitimate reasons to seek anonymity in financial transactions.”

“Tornado.cash is code, and rather than identify those who were aiding and abetting criminals the Treasury simply sanctioned that code,” said Holland.

TORN price sinks 45% after U.S. Treasury sanctions Tornado Cash — Rebound ahead?

TORN is near a historically strong support range, eyeing a 75% rebound by September 2022.

Tornado Cash (TORN) has lost almost half its market valuation two days after being slapped with sanctions by the U.S. Treasury Department.

The department accused Tornado Cash, a crypto mixer platform, of laundering more than $7 billion in cryptocurrencies, including a stash of $455 million allegedly stolen by North Korea-based hackers.

Immediate reactions were followed by U.S.-based crypto companies, including Circle and Coinbase. In a controversial move, the popular crypto firms blocked the movements of their jointly-issued stablecoin USDC tied to Tornado Cash’s blacklisted smart contracts.

TORN price drops 45%

The news prompted traders to limit their exposure to TORN, Tornado Cash’s native token.

On the daily chart, TORN’s price has slipped by approximately 45% since the Justice Department’s notice about Tornado Cash, to reach $18.50 on Aug. 10. By contrast, the valuation of all the crypto assets had plunged merely 6% in the same timeframe.  

TORN/USD daily price chart. Source: TradingView

Interestingly, TORN’s selloff accompanied a spike in daily trading volumes, suggesting momentume.

TORN technicals suggest recovery

The downside move has pushed TORN price near a critical technical support.

Related: Anonymous user sends ETH from Tornado Cash to prominent figures following sanctions

TORN has been testing its $15–$18 range for a potential rebound due to its historical relevance as support. Notably, in January and June earlier this year, this level served as a springboard for TORN price to jump 275% and 100%, respectively.

TORN/USD three-day price chart. Source: TradingView

Therefore, a potential rebound move from the range could have TORN test $32.50 as its next upside target, which coincides with the 0.236 Fib line as shown above. In other words, a 75% recovery by September 2022

On the other hand, a breakdown below the support range sends TORN’s price to new record lows.

The views and opinions expressed here are solely those of the author and do not necessarily reflect the views of Cointelegraph.com. Every investment and trading move involves risk, you should conduct your own research when making a decision.

Anonymous user sends ETH from Tornado Cash to prominent figures following sanctions

It appears to be an ongoing prank to challenge the novel Tornado Cash sanctions.

On Tuesday, one day after the U.S. Treasury sanctioned cryptocurrency mixer Tornado Cash for its alleged role in cryptocurrency money laundering operations, intervals of 0.1 Ether (ETH) transactions began materializing from the smart contract to prominent figures such as Coinbase CEO Brian Armstrong and American television host Jimmy Fallon. It is not possible to trace the source of the transactions per Tornado Cash design, and as a result, either one individual or multiple individuals or entities could be involved in the operation.

Due to sanctions, it is illegal for any U.S. persons and entities to interact with Tornado Cash’s smart contract addresses, blockchain or business-wise. Penalties for willful noncompliance can range from fines of $50,000 to $10,000,000 and 10 to 30 years imprisonment.

The consistency of the transactions indicate that the sender(s) may be starting a prank as to direct law enforcement attention to the recipient individuals. However, the Treasury sanctions require “willful” engagement with the blacklisted smart contract addresses as a precondition for possible criminal proceedings. Thus, it is unlikely that the receipt of tokens from Tornado Cash on a gratuitous basis, without any prior knowledge nor engagement, can constitute a violation of the sanctions.

The same day, Web3 development platforms Alchemy and Infura.io joined stablecoin issuer Circle and programming depository vault GitHub in blacklisting the sanctioned Tornado Cash addresses and barring access to its front-end application. Months prior, Tornado Cash attempted to address ongoing concerns that its platform was being used by malicious hackers to launder stolen crypto funds by disabling illicit wallets from accessing the application. However, its co-founder, Roman Semenov said at the time that the instrument only blocks access to the decentralized application, or DApp, interface and not the underlying smart contract.

Months prior, Tornado Cash attempted to address ongoing concerns that its platform was being used by malicious hackers to launder stolen crypto funds by disabling illicit wallets from accessing the application. However, its co-founder, Roman Semenov said at the time that the instrument only blocks access to the decentralized application, or DApp, interface and not the underlying smart contract.