Iranian Crypto Ransomware Threat Will Rise in Today’s Geopolitical Climate, Report Predicts

Published at: Aug. 8, 2018

Iran-based malware that demands a digital ransom in cryptocurrencies is on the rise and will further escalate in the present geopolitical climate, according to a report published by global management consulting firm Accenture on August 7.

After two years of analysis, Accenture Security iDefense predicts that emerging trends in the Iranian cyber threat landscape will intensify as the country is forced into a defensive and economically straitened position in the wake of the U.S. exit from the Obama-era Iran nuclear accord this spring.

With the US set to imminently reimpose tough economic sanctions, Accenture has warned that the ransomware it has found “could have been created by government-backed actors or Iranian criminals, or both,” as the Wall Street Journal (WSJ) further reports.

Accenture has tracked five new types of ransomware — some of which demand “staggering” crypto ransoms — that its analysis has traced back to hackers in Iran based on samples that contain messages in Farsi as well as other clues pointing to Iranian computer systems.

“WannaSmile” — a zCrypt variant that Accenture discovered in November 2017 — asks for a 20 Bitcoin (BTC) payment in a Farsi ransom note and also advertises local Iran-based payment processors and exchanges through which victims can acquire the cryptocurrency.

Another sample, “Black Ruby,” has been programmed to spare computers with an Iranian IP address, but otherwise encrypts and scrambles the target’s files and infects the machine with a resource-hungry Monero (XMR) miner. The ransom for so-called Black Ruby, which Accenture discovered in February 2018, is $650 in BTC.

The report says that the increase in ransomware activity suggests that Iran-based actors are “financially motivated to target global organizations by using ransomware and cryptocurrency miners for financial gain,” although it notes that:

“Based on current Iranian policy, the feud may not lead to any disruptive or destructive cyberattack against the United States or European counterparts in the near future.”

Accenture’s report adds that the Iranian government might instead target its neighbors — like Saudi Arabia, the United Arab Emirates, Bahrain, and Israel — as they supported the U.S. decision to pull out of the nuclear agreement.

Jim Guinn, head of Accenture’s industrial cybersecurity business, told the WSJ that stealth crypto-mining attacks — also known as cryptojacking — have already caused “significant issues in some oil and gas facilities in the Middle East,” estimating that “millions of dollars of compute cycles have been hijacked over the past 12 months and continue to be hijacked every day.”

Amid the geopolitical fallout, economic turmoil in Iran has seen some citizens turn to crypto in an attempt to protect their funds. As of May, Iranians were estimated to have siphoned $2.5 billion out of the country in crypto, notwithstanding the central bank’s move to ban local financial institutions from dealing in crypto earlier this spring.
