Cybersecurity Experts Point To Iran For Bitcoin Ransomware


The US sanctions on Iran are now in full force. Cybersecurity experts said in an interview with The Wall Street Journal that Iranian hackers aren’t sleeping, they are developing ransomware to protect Bitcoin.

For the last two years, Accenture PLC’s cybersecurity intelligence has been monitoring five Iranian ransom variations. According to Jim Guinn, who oversees the industrial cybersecurity business, the attempt is to secure payment through cryptocurrency.

Some links have pointed the ransomware to Iran including Farsi texts originating from Iranian software.

Scourge continues

Malicious software has continued to taunt business and government operations. It paralyzed U.K hospitals and cargo shipments and disabled the payment system at the San Francisco Municipal Agency. Government-supported snoopers have gained cryptocurrency payments from the victims.

According to CrowdStrike Inc, a cybersecurity firm noted that iDefense discovered a variant phishing software linked to the Iranian government. The software (Tyrant) discouraged Iranian nationalities from installing software developed to deter government snooping, CrowdStrike reported.

A report released last month with Palo Alto Networks Inc and Symantec Corp described stealing activities linked to Iran.

Iran linked to crypto mining

Another crypto mining malware has been linked to Iran. The software steals computer processing power to mine cryptocurrency. According to Accenture, this crypto mining software is attached to the Middle Eastern customer network but the digital clues point to it originating from Iran.

This crypto mining software has caused havoc in the gas and oil facilities in the Middle East, said Guinn. He estimated millions of dollars have been stolen in the form of compute cycles.

Iran denies the claims

Iran has denied claims of being a hacking victim and of taking part in cybersecurity activities.

Stuxnet cyber-attack disabled uranium-enrichment centrifuges for Iran’s nuclear program. This cyber-attack software (Stuxnet) was launched by Israel and the US a decade ago.

Crypto mining and theft is a way for cash-strapped countries to make quick cash, said Keith Alexander, chief executive of IronNet Cybersecurity Inc, and former director of the U.S Cyber Command and the National Security Agency. Scammers have also stolen intellectual property, said Guinn.