Sunday, June 16, 2019

WEX Cryptocurrency Exchange Gets Linked to $6 Million Ransomware Attack

WEX, a cryptocurrency exchange has been linked to a ransomware attack which led to the extortion of $6 million from people. The actors behind the crime were indicted in November 2018. However, an investigation by PwC, a consulting firm alleges that WEX is one of the exchanges where the illegally obtained funds were sent to, according to a recent report by Coindesk.

SamSam Ransomware Attack Reported in 2018

Per the report, WEX is purportedly connected to the SamSam ransomware attack which was reported in November 2018. At that time, the United States Department of Justice had indicted two Iranian men, Faramarz Shahi Savandi, and Mohammad Mehdi Shah Mansouri. The six-count indictment against the accused claimed that since 2015, they have been sending ransomware called, SamSam into people’s computers.

Through the attack, they were able to encrypt the data on computers owned by over 200 victims in municipalities, hospitals, and public institutions. The duo then demanded a ransom to be paid in Bitcoin before a decryption key is sent to victims. As such, they were able to raise $6 million and, their victims had suffered a loss of $30 million.

Asides the accused, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) pointed out that two other persons had roles to play in the crime. They are Ali Khorashadizadeh and Mohammad Ghorbaniyan who helped to move the Bitcoin payments received through the security breach to exchanges.

Two Other Persons are Linked to the Crime

Khorashadizadeh and Ghorbaniyan were also connected to bitcoin addresses, post office boxes, email addresses, and several others. PwC, on the other hand, revealed that on analyzing these addresses, they discovered that Enexchanger and Iranvisacart, two exchange websites were pointed by the addresses.

Reportedly, these websites had earlier been linked to a money laundering crime by the FBI and they enabled payments using the Wex platform. According to PWC, “One of the cryptocurrency swaps offered is WEX-code to USD, which is a code that allows transferring of funds directly from [WEX].”

PwC also said:

The use of Iran- and Slovakia-based exchanges suggests that threat actors favour using lesser-known currency exchanges. This is likely because the more popular exchanges have monitoring or compliance programmes to detect illicit activities.

WEX, a Successor from BTC-e Cryptocurrency Exchange

WEX is a successor of BTC-e cryptocurrency exchange whose founder, Alexander Vinnik allegedly took part in laundering Bitcoin worth $4 billion. The latest event surrounding Vinnik reveals that he has agreed to end his hunger strike which began in November 2018. Tatyana Moskalkova, the commissioner for Human Rights in Russia also requested his extradition to Russia.

Enjoyed this article?
Subscribe to our mailing list and receive the hottest news directly to your inbox!

More Articles