When you hear about OFAC sanctions and Iranian cryptocurrency, it’s not just about politics or policy-it’s about real people trying to move money, and real exchanges trying to stay out of trouble. Since 2015, the U.S. Treasury’s Office of Foreign Assets Control has been quietly but aggressively reshaping how Iranians interact with global crypto markets. And the changes aren’t subtle. They’re written into blockchain addresses, enforced by exchange shutdowns, and echoed in multi-million-dollar settlements.
How OFAC Targets Iranian Crypto Transactions
OFAC didn’t start by banning Iranian users outright. Instead, it went after the infrastructure. In 2018, it made history by publishing the first-ever cryptocurrency wallet addresses tied to sanctioned individuals. These weren’t random guesses-they were exact, traceable addresses used by Iranian facilitators to convert ransomware payments from SamSam into Iranian rials. The move sent shockwaves through the crypto world. Suddenly, every exchange had to check not just IP addresses or IDs, but blockchain history.Before that, many platforms assumed crypto was anonymous. But Bitcoin, Ethereum, and Tron don’t lie. Every transaction is public. OFAC realized that if you could track where money came from and where it went, you could freeze it-even if the user hid behind a VPN or fake ID.
By September 2025, this approach had scaled dramatically. OFAC targeted a $600 million shadow banking network linked to Iran’s military. This wasn’t just a few wallets. It was a full ecosystem: front companies in Hong Kong, trading hubs in Dubai, and tech firms in Shenzhen supplying military equipment under fake labels. The money flowed through crypto. And OFAC mapped it all.
Wallets That Got Frozen
OFAC doesn’t just name people anymore. It names addresses.In the September 2025 action against Arash Estaki Alivand, five specific digital wallets were listed:
- Ethereum: 0xe3d35f68383732649669aa990832e017340dbca5
- Ethereum: 0x532b77b33a040587e9fd1800088225f99b8b0e8a
- Tron: TYDUutYN4YLKUPeT7TG27Yyqw6kNVLq9QZ
- Tron: TRakpsE1mZjCUMNPyozR4BW2ZtJsF7ZWFN
- Tron: TQ5H49Wz3K57zNHmuXVp6uLzFwitxviABs
These aren’t just random strings. They’re permanent blackmarks on the blockchain. Any exchange that sees a transaction going to or from one of these addresses is legally required to freeze it. That means if an Iranian user tries to send ETH to a friend-and that friend’s wallet was ever used by a sanctioned person-even a tiny amount gets blocked.
This system works because blockchain is immutable. Once an address is listed, it stays listed. And exchanges don’t take chances. They screen every incoming and outgoing transaction against OFAC’s public list. It’s not optional. It’s survival.
How Exchanges Got Hit
ShapeShift AG learned this the hard way. In 2025, they paid $750,000 to settle charges that they allowed users from Iran, Cuba, Sudan, and Syria to trade over $12.5 million in crypto between 2019 and 2021. ShapeShift wasn’t trying to break the law. But they didn’t have robust screening tools. They assumed users were who they said they were. That assumption cost them.The lesson? If you run a crypto exchange and you’re based anywhere near U.S. jurisdiction-or even just serve U.S. customers-you can’t afford to ignore sanctions. It doesn’t matter if you’re in Estonia, Singapore, or the Philippines. If your platform can be accessed from Iran, and you don’t block it, you’re at risk.
ShapeShift shut down in 2021. But the damage was done. The case set a precedent: exchanges must implement real-time wallet screening, not just KYC forms. They must monitor transaction patterns. They must update their lists daily.
The Rise of Shadow Exchanges
When Garantex was shut down in March 2025, its operators didn’t vanish. They built Grinex.Grinex didn’t just copy Garantex’s interface. It copied its entire business model-with one key difference: it openly advertised that it was created to replace Garantex after U.S. sanctions froze its assets. Its marketing materials said it clearly: “We’re here because they shut us down.”
Grinex didn’t stop there. To help users regain access to their frozen funds, it introduced A7A5-a digital token backed by Russian rubles and issued by a company in Kyrgyzstan. Iranian users could deposit crypto into Grinex, convert it to A7A5, then withdraw it as something else. The whole system was designed to bypass OFAC’s address lists.
And it worked-for a while. Grinex processed billions in transactions before it, too, got sanctioned. But this pattern is now common. When one exchange dies, another rises in its place. And each one gets smarter about hiding its trail.
What Iranian Users Do Now
Iranians aren’t locked out of crypto. They’ve just been pushed underground.Most major exchanges-Coinbase, Binance, Kraken-geo-block Iranian IP addresses and refuse service. So users turn to:
- Peer-to-peer (P2P) platforms like LocalBitcoins or Paxful, where buyers and sellers negotiate directly
- Decentralized exchanges (DEXs) like Uniswap or PancakeSwap, which don’t require sign-up
- Privacy coins like Monero and Zcash, which obscure transaction details
- Over-the-counter (OTC) traders in Turkey, UAE, or Thailand who cash out in person
But there’s a cost. P2P trades often carry 10-20% premiums. DEXs have low liquidity for Iranian rial pairs. Privacy coins are harder to convert into usable cash. And OTC traders? Many are now under U.S. scrutiny.
For many Iranians, crypto isn’t about speculation. It’s about survival. It’s how they pay for medicine, send money to family abroad, or buy tools for small businesses when banks refuse to touch them.
The Bigger Picture: Enforcement vs. Adaptation
OFAC’s strategy is working-but not perfectly. They’ve blocked hundreds of millions in transactions. They’ve shut down major platforms. They’ve forced exchanges to upgrade their compliance systems.But they haven’t stopped the flow. Iranian actors have adapted. They now use:
- Multi-layered wallet chains-moving funds through 5-10 addresses before cashing out
- Layer-2 networks and bridges to avoid detection
- Stablecoins like USDT to bypass volatile crypto prices
- Shell companies registered in non-cooperative jurisdictions
Blockchain analytics firms like Chainalysis and Elliptic now work closely with OFAC. They use AI to detect patterns: sudden spikes in small transfers, repeated use of certain wallet clusters, or transactions that match known evasion routes. These tools are becoming the new frontline of sanctions enforcement.
Meanwhile, privacy-focused blockchains like Monero and Zcash are gaining traction-not because they’re better, but because they’re harder to trace. That’s a growing problem. If the next wave of evasion uses privacy tech, OFAC’s public-address model could lose its edge.
What This Means for the Future
The game has changed. It’s no longer about whether Iran can access crypto. It’s about how they access it-and at what cost.For Iranian users: access is possible, but harder, slower, and more expensive. For exchanges: compliance isn’t optional anymore. For regulators: they’re winning battles but not the war. For blockchain: transparency is both its strength and its vulnerability.
One thing is clear: as long as Iran is sanctioned, crypto will remain a lifeline. And as long as crypto remains open, someone will find a way to use it.