CipherTrace Links 72,000 Iranian IP Addresses to Over 4.5 Million Bitcoin Addresses


Surveillance corporation CipherTrace was able to link 72,000 Iranian IP addresses to over 4.5 million Bitcoin addresses. The post, which is actually an excerpt from a larger report, explains how CipherTrace had a seen recent spike in Iranian IP addresses associated with Bitcoin activity, particularly (as their surveillance was able to identify) mining.

These Iranian IP addresses were either involved in direct cryptocurrency transactions or were used to query the blockchain to verify funds in cryptocurrency addresses that they control.

One likely explanation for this uptick in Iranian IPs is the abundant increase of Bitcoin mining by Iranian actors. Many of the new Iran-associated addresses interact with mining pools.

The post goes on to say that the U.S. Office of Foreign Assets Control (OFAC) only blacklists “a small handful” of cryptocurrency addresses used by sanctioned individuals, and that CipherTrace’s products and services can help “uncover the additional addresses” not listed on government blacklists. It concludes by using subtle scare tactics encouraging centralized services to use surveillance products that gather IP address data in order reduce the risk of “inadvertently transacting with sanctioned jurisdictions”:

Unlike traditional financial institutions, Virtual Asset Service Providers (VASPs) have an increased risk of inadvertently transacting with sanctioned jurisdictions simply because of the pseudonymous, cross-border nature and global reach of cryptocurrency transactions. VASPs should use IP data derived though blockchain analytics to enhance their compliance programs and reduce sanctions risk exposure.



Marathon Mining Pool Mines Its First Compliant Block
PayPal Bans Tor Supporter Larry Brandt