Cryptocurrency, cryptojacking on the rise in Iran as sanctions loom
With the rial getting hammered, Iranians are looking at crypto.
According to the Wall Street Journal, cryptocurrency is generally on the rise in Iran as sanctions loom. It also cites a specious Accenture report which makes the stretch of attributing the malware to the Iranian government in retaliation for sanctions.
It's slightly ridiculous to conclude that the Iranian government is directly involved. Accenture's dramatisations notwithstanding, the rise in malware originating from Iran is probably just people looking to make ends meet.
Alireza Miryousefi, head of the press office at Iran's United Nations Mission has commented on the Accenture report, describing it as a shoddy attempt at scaring government customers into overpaying for unnecessary software by using Iran as a bogeyman for its exaggerated claims.
"These claims come from private firms that have repeatedly embellished their capabilities and claimed spectacular findings in order to convince other private firms and foreign governments into buying their products. This simply is a poorly made and false advertisement," he said.
He has a point.
Accenture has already been cashing in on the White House's laser focus on specific issues, such as border control, by popping up with very timely and very expensive solutions when the time is right. With Iran currently being front of mind for the administration, it would be a commercially prudent time to spin routine malware findings into an international spy thriller.
Incidentally, the most common source of malware is actually the USA by a very large margin and it's one of few countries whose government is known to have used targeted cyberattacks before. But that's not news.
It's also doubtful whether Accenture can profitably create and sell a solution to prevent ransomware or cryptojacking that's more effective than the tools currently available for free. Adblockers have started blocking cryptojackers, and at the end of the day, security is mostly just about not opening suspicious email attachments.
It's also worth putting the software in its proper context.
"Iranian hackers are developing software attacks that render computer systems inoperable" - The WSJ discusses basic malware.
The reason ransomware encrypts data rather than wreaking havoc in other ways is because it lets the hackers sell the data back to the victims, usually for bitcoin. But ransomware has declined sharply in recent months. At its peak in June 2017, it accounted for about 70% of malware infections. Now it's more like 5%. At the same time, cryptojacking slid in to take its place. This is because it's just as easy to infect computers, can remain undetected for potentially long periods of time and can pay out directly in cryptocurrency.
The Iranian government has taken a hard line against cryptocurrency though, while simultaneously preparing for its own digital currency. It's unlikely that it would be interested in picking up the relatively meagre, by government standards, profits to be found in cryptocurrency-related malware.
But it does make sense that more Iranian citizens would start turning to cryptojacking and ransomware in the face of turbulent economic times, especially right now. In July, the Iranian rial was in a "death spiral," and the current state of international relations might suggest a problem that's going to get worse before it gets better.
Cryptocurrency became common in Venezuela for the same reason, and it's likely that forward-looking Iranians expect to get the same benefits from cryptocurrency. Digital currencies have always been most popular in the countries with the least faith in local government, and Iran might be joining its numbers.
Given the state of things, it's quite expected that cryptocurrency malware would be on the rise in Iran as people turn to new ways to make ends meet.
Dumping the blame on the Iranian government might be a great way of making a buck by tapping the zeitgeist, and a fantastic way of conveniently ignoring the role US foreign policy played in the shift. But it's probably a poor way of understanding what's actually happening.
If nothing else, it's a clear use case for mineable cryptocurrencies.
Disclosure: At the time of writing, the author holds ETH, IOTA, ICX, VET, XLM, BTC and ADA.