US authorities urge not to pay ransomware operators under the threat of sanctions

The United States Treasury’s Office of Foreign Assets Control (OFAC) has published guidance for ransomware victims. The agency said that paying ransoms to operators of ransomware software that are subject to U.S. sanctions would also be considered a sanction violation.

Ofac Ransomware Advisory by ForkLog on Scribd

According to the document, companies or firms paying ransoms to hackers, ‘facilitating payments to cybercriminals on behalf of victims’, not only encourage cybercrime but also risk violating regulatory rules.

OFAC urged ransomware-affected companies to report the hacking incident to the regulator immediately.

If the ransomware operators are sanctioned by the United States, a victim company’s approach to law enforcement would be a substantial mitigating factor for it, the statement says.

Among the groups on OFAC’s sanctions list are the cryptolocker developer Evgeniy Bogachev, the creators of ransomware SamSam, the hacking group Lazarus and its subgroups linked to WannaCry 2.0 ransomware, as well as Evil Corp and its leader Maxim Yakubets.

At the same time, the OFAC statement notes that the guidance is merely explanatory and has no legal force.

Subscribe to ForkLog news on Telegram: ForkLog Feed — the full news feed, ForkLog — the most important news and polls.