Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

New Sanctions Offensive: OFAC blocks bad actors’ crypto addresses

Rarely a month passes without the U.S. “maximum pressure” campaign against the likes of Venezuela and Iran making headlines, but a lesser-known, yet similarly robust, sanctions offensive is being quietly waged by the Treasury’s Office for Foreign Assets Control.

OFAC employs blockchain analytics to track down and blacklist cryptocurrency addresses used by malicious actors. Washington is keen to act decisively against crypto-related cybercrime, not only because it threatens the integrity of digital finance, but because it enhances the criminals’ ability to circumvent traditional sanctions, potentially undermining their effectiveness.

When Bitcoin turned ten in January 2019, OFAC was barely a month past its first crypto-related enforcement. It was a landmark. Two Bitcoin addresses belonging to Iranian nationals accused of cyber activity against the United States were now on Specially Designated Nationals and Blocked Persons lists (SDN lists), alongside their names, aliases, and emails. All transactions with those addresses are now prohibited.

Nine months later, a group of Chinese nationals were sanctioned under the Kingpin Act for manufacturing, selling, and distributing opioids in the United States. They were, the U.S. Department of Justice said, “fueling America’s deadly opioid crisis.” Eleven Bitcoin addresses and one Litecoin addresses were attached to SDN lists.

This year has seen a marked increase in the pace at which U.S. authorities are moving against crypto-crime. In September 2020, OFAC blacklisted its 50th Bitcoin address, the second such listing in a month. Together with civil asset forfeitures undertaken by the DOJ, more than 700 cryptocurrency addresses and accounts have been seized and sanctioned by U.S. authorities in the last seven months.

So, after the salvos against hackers and drug gangs, U.S. law enforcement has now found its feet. Recent data confirms that the U.S. is engaging far more complex and multi-faceted cybercrime threats, from well-funded and prepared state actors. And they are doing it with an increasing level of speed and sophistication.

Much of the early part of 2020 was spent arresting the activities of Lazarus Group, a U.S.-designated North Korean state-sponsored malicious cyber group, and a key revenue generator for the regime. One hundred forty-six cryptocurrency addresses and accounts were seized across an array of assets, with 20 blacklisted. A further 280 were included in forfeiture lists in August.

Earlier last month, OFAC moved against Russian actors utilizing virtual assets to channel funds in efforts to subvert U.S. elections. The acknowledgment of such activity is shocking but not unexpected. The first tantalizing clues of Bitcoin’s use in elections interference first emerged in Special Counsel Robert Mueller’s report into alleged Russian involvement in the 2016 presidential elections. Among other things, the report indicated that Russian military intelligence had used Bitcoin to purchase equipment for hacking operations.

It is possible to trace those addresses using block explorers. The data provides telling insights into the alleged Russian state actors’ funding, transactions, and counterparties – more than enough to undertake enforcement. But no action was taken against any cryptocurrency addresses. Why? One may assume that U.S. agencies were not quite ready to meet the task.

Now that the Treasury Department and the DOJ have pulled the trigger on North Korean and Russian cyber actors, we are entering a new paradigm in global sanctions. That state actors are deploying an increasingly diverse range of tools – including a variety of digital assets such as privacy coins like Monero and ZCash – is notable. But the more significant point here is that U.S. law enforcement is now comfortable dealing with these threats.

The emergence of analytics tools and their use by law enforcement has been critical in rebalancing this fight. There is now a wide variety of highly reliable and sophisticated equipment at the U.S. government’s disposal. But the pace of change in the cryptocurrency space is rapid. Governments will have to match it and rely on traditional measures – the implementation of anti-money laundering processes across exchanges and payment services will be essential, as too will be the deployment of traditional investigative techniques to ensure meaningful enforcement.

The robust and rational way enforcement has occurred bodes well for the digital asset sector. OFAC’s actions against crypto-related cybercrime are a tacit acknowledgment that digital assets are here to stay. Blockchain’s core characteristics of transparency and immutability mean that it is ideal for analysis and investigation. No longer is the debate about prohibition. Once viewed with suspicion, blockchain now finds itself an ally of government at the forefront of the sanctions war.

Share this post


Comments are closed for this article!