Iranian Hackers using Ransomware to hoard Bitcoin

210
Iranian Hackers using Ransomware to hoard Bitcoin
Advertisement
   

With its economy already in shambles and with harsh sanctions from the United States looming, Iran has been increasingly turning to Bitcoin and other cryptocurrencies to make transactions.  Of course hackers from the country are also in on this cryptocurrency gold rush. And in many cases, the hackers have connections to Iranian authorities.
Last year an example of Iranian hackers taking advantage of the surging cryptocurrency market was made visible by millions when Behzad Mesri demanded a 6 million dollar Bitcoin ransom after obtaining full unaired scripts from HBO including the highly anticipated Game of Thrones. Mesri participated in hacks under the hacking alias “Skote Vahshat” and had connections to Iranian military cyber attack operations.
Now Iranian hackers are ramping up their efforts by developing ransomware for Bitcoin.  Jim Guinn, the man in charge of the industrial cybersecurity business at Accenture PLC, a leading cybersecurity firm, recently told the Wall Street Journal.  
Ransomware works by blocking access to a system until a ransom is paid to the perpetrators. Over the past few years, ransomware has been a popular tactic deployed by hackers and in some cases by rouge states as acts of cyber war against non ally countries.
Experts say that government trained and funded entities have been able to secure cryptocurrency payments by hacking important information hubs and installing ransomware and shutting down intrical systems.
Experts say that there have been several clues that many of these hacking issues stem from Iran.  Investigators have discovered messages related to the hacking that are written in Farsi and were found to originate from Iranian computers.
Many cyber security companies including iDefense, CrowdStrike, Palo Alto Networks, and Symantec have stated they they have discovered ransomware linked to the Iranian government and cited operations with intentions to not only collect data from citizens, but also discourage citizens from blocking government spying.
There is also evidence that Iranian authorities are supporting mining operations, further displaying Iran’s intentions of compiling Bitcoin to do business.  The use of Bitcoin to circumvent sanctions has been seen in North Korea and Venezuela as well.
Cyber attacks have been long identified as a threat on the global scale but now cryptocurrency can be weaponized as well and Bitcoin is obviously viewed by potential bad actors on the word stage as a way to fight back.