Iran steps up ransomware demands in crypto
Iran-based malware using cryptocurrencies to extort ransom is set to rise, according to global consulting firm Accenture.
The warning comes in the wake of the Trump administration’s recent decision to rescind its backing of the Iran nuclear accord and reimpose sanctions on the country.
Accenture said it had traced five new kinds of ransomware back to hackers in Iran.
For instance, “WannaSmile” demands a payment of 20 bitcoins and promotes Iran-based payment processors and exchanges as sources through which to buy the crypto.
Another Iranian malware programme known as Black Ruby only targets non-Iranian IP addresses.
Accenture said the Iranian government itself was likely to be behind the increasing attempts to extort digital ransom from victims around the world.
“The development and use of ransomware from Iran is likely to continue. The increased repurposing of popular malware by Iranian-based threat actors could lead to the use of ransomware for destructive purposes by state-sponsored organizations,” said Accenture.
While the Iranian government is alleged to be increasingly resorting to crypto-linked ransom demands, Iranian citizens are also understood to be turning to digital coins to get funds out of the country.
This is despite the move earlier this year by Iran’s central bank to restrict the use of cryptocurrencies by the country’s financial institutions.