US Treasury Sanctions Nobitex Crypto Exchange for Enabling IRGC‑Linked Ransomware Payments
What Happened — The U.S. Treasury’s Office of Foreign Assets Control (OFAC) placed sanctions on Nobitex, Iran’s largest cryptocurrency exchange, citing its role in processing over half of Iranian digital‑asset inflows and facilitating payments for the Islamic Revolutionary Guard Corps (IRGC) and IRGC‑affiliated ransomware groups. Executives and founders of Nobitex were also designated, and three additional Iranian exchanges were added to the sanctions list.
Why It Matters for TPRM —
- Third‑party crypto platforms can become conduits for sanctioned entities, exposing partners to regulatory and reputational risk.
- Ransomware actors leveraging sanctioned exchanges increase the likelihood of illicit fund flows through legitimate supply‑chain partners.
- Sanctions trigger asset freezes and prohibitions that may disrupt services for businesses that rely on the affected exchange.
Who Is Affected — Financial services (crypto exchanges, payment processors), technology SaaS providers handling crypto payments, and any organization with exposure to Iranian digital‑asset transactions.
Recommended Actions —
- Review any contracts or transaction pipelines that involve Nobitex, Wallex, Bitpin, or Ramzinex.
- Conduct enhanced due‑diligence on crypto‑payment partners for sanctions compliance.
- Update AML/KYC controls to flag transactions routed through Iranian wallets or addresses linked to the IRGC.
Technical Notes — The sanction stems from OFAC’s identification of wallet addresses tied to IRGC‑linked ransomware actors and the exchange’s role in stable‑coin conversions used to prop up the Iranian rial. No specific software vulnerability is disclosed. Source: BleepingComputer