OFAC Sanctions List: Crypto Addresses and Sanctioned Entities

When the U.S. government targets a crypto wallet, it doesn’t just freeze a bank account-it freezes a digital trail that spans blockchains, exchanges, and anonymous networks. As of 2025, the OFAC sanctions list includes over 1,200 cryptocurrency wallet addresses linked to terrorists, hackers, state-sponsored actors, and money launderers. This isn’t theoretical. Real wallets with real funds are being frozen. Real people are being indicted. And exchanges that miss a single address risk fines in the hundreds of millions.

What the OFAC Sanctions List Actually Covers

The Office of Foreign Assets Control (OFAC), part of the U.S. Treasury, doesn’t just target banks or shell companies anymore. It now tracks individual Bitcoin, Ethereum, and Tether wallets. If a wallet is on the Specially Designated Nationals (SDN) list, any U.S.-based exchange or financial service that interacts with it is breaking the law. That means deposits, withdrawals, swaps-all blocked. Even sending a dollar to a sanctioned address can trigger legal consequences.

The list includes more than just Bitcoin. OFAC now monitors 17 different cryptocurrencies, including:

• Bitcoin (XBT)
• Ethereum (ETH)
• Monero (XMR)
• Litecoin (LTC)
• ZCash (ZEC)
• DASH
• Bitcoin Gold (BTG)
• Ethereum Classic (ETC)
• Bitcoin Satoshi Vision (BSV)
• Bitcoin Cash (BCH)
• Verge (XVG)
• USD Coin (USDC)
• USD Tether (USDT)
• Ripple (XRP)
• Tron (TRX)
• Arbitrum (ARB)
• Binance Smart Chain (BSC)

Stablecoins like USDT and USDC are especially targeted because they’re used to move value across borders without the price swings of Bitcoin or Ethereum. In March 2025, Tether froze $450 million tied to Iranian sanctions violations. That’s not a glitch-it’s policy.

How OFAC Tracks Crypto Addresses

Unlike traditional banking, where you freeze a name or account number, crypto sanctions require tracking specific wallet addresses across dozens of blockchains. OFAC doesn’t guess. It uses blockchain analysis firms like Chainalysis, Elliptic, and Scorechain to trace transactions from one wallet to another.

In May 2025, OFAC launched Blacklist v2.0, which added real-time alerts and support for Layer 2 networks like Polygon and Arbitrum. Why? Because criminals moved there to avoid detection. Now, OFAC monitors those too.

The data is published in XML format through a file called sdn_advanced.xml. Compliance teams at exchanges download this file and plug it into their systems. The best platforms update within 15 minutes of a new listing. That’s the new industry standard. Miss that window? You’re non-compliant.

Real Cases: Who’s on the List and Why

The OFAC list isn’t full of random addresses. It’s packed with known bad actors.

In September 2025, Iranian nationals Alireza Derakhshan and Arash Estaki Alivand were added to the list after moving over $600 million through Ethereum and Tron wallets. These weren’t random users-they were running a network that laundered proceeds from Iranian oil sales. Their wallets received funds from exchanges in Turkey and the UAE, then sent them to mixers and DeFi protocols to obscure the trail.

Another case: SECONDEYE SOLUTION, linked to the Internet Research Agency LLC (the Russian troll farm behind U.S. election interference), had multiple Bitcoin addresses sanctioned. One was 1NE2NiGhhbkFPSEyNWwj7hKGhGDedBtSrQ. Another: 19D8PHBjZH29uS1uPZ4m3sVyqqfF8UFG9o. These addresses received payments from fake ad campaigns and were used to fund further operations.

Then there’s Garantex. This exchange was shut down in March 2025 after U.S., German, and Finnish authorities seized over $26 million in crypto. Its executives were indicted. The company tried to rebrand as Grinex-but OFAC added the new entity to the list within 48 hours. No escape.

And in Q1 2025, the Lazarus Group-a North Korean hacking team-stole $200 million in crypto and funneled it through DeFi protocols like Thorchain and Curve. OFAC sanctioned the smart contracts involved. That’s new. You’re not just sanctioning wallets anymore-you’re sanctioning code.

What Happens When You Interact With a Sanctioned Address

If you’re an exchange, wallet provider, or even a DeFi app, you’re legally required to screen every transaction against the OFAC list. If you send ETH to a sanctioned address-even accidentally-you could be fined. The U.S. government doesn’t care if you didn’t know. Ignorance isn’t a defense.

In 2025, the Department of State started offering up to $5 million for tips leading to the arrest of sanctioned crypto operators. That’s a massive incentive for insiders to report suspicious activity.

For regular users, it’s less obvious. If you receive funds from a sanctioned wallet-even if you didn’t ask for it-your account could be frozen. You’ll get a notice. You’ll need to prove the money wasn’t yours. That process can take months. And if you can’t? The funds are gone.

How Exchanges and Businesses Stay Compliant

There’s no manual way to keep up. You need software.

Leading exchanges use automated screening tools that:

• Check every incoming and outgoing transaction against the SDN list in real time
• Scan across multiple blockchains simultaneously
• Flag mixers, tumblers, and privacy coins like Monero
• Alert compliance teams when a high-risk address is detected

It takes 3 to 6 months for a new exchange to build this system from scratch. That’s why many startups buy compliance software from companies like ComplyAdvantage or Chainalysis instead of building it themselves.

The cost? At least $50,000 a year for small platforms. Larger ones spend millions. But the alternative-fines, license revocation, or jail time-is far worse.

The New Frontier: Sanctioning AI and Smart Contracts

In February 2025, OFAC did something unprecedented: it sanctioned an AI-powered trading bot. This bot, used by a sanctioned entity, automatically moved $60 million through 12 different wallets over 11 days, switching between ETH, USDT, and BSC to avoid detection. The bot itself was added to the SDN list.

That’s a turning point. Now, it’s not just people who are sanctioned-it’s algorithms.

And it doesn’t stop there. Proposed regulations from May 2025 aim to hold smart contract developers legally responsible if their code is used for sanctions evasion. Imagine writing a DeFi protocol that lets users swap tokens anonymously-and later finding out it was used by a terrorist group. You could be charged.

This is why DeFi developers are now hiring compliance lawyers before launching their next token.

Why This Matters for Everyone

You might think, “I’m just a regular user. I don’t deal with sanctioned wallets.” But you do. Every time you buy crypto on Coinbase, Kraken, or Binance, your transaction is screened. Every time you send ETH to a friend, their wallet is checked. The system is invisible-but it’s everywhere.

If you use a privacy coin like Monero, you’re more likely to trigger a flag. If you use a mixer, you’re almost certainly flagged. If you trade on a non-U.S. exchange that doesn’t screen, you’re risking your funds being frozen if you ever move them to a U.S. platform.

The message from OFAC is clear: crypto isn’t anonymous. It’s traceable. And if you’re connected to a bad actor-even indirectly-you’re at risk.

What’s Next?

OFAC isn’t slowing down. Experts predict:

• More sanctions on privacy coins like Monero and ZCash
• Expanded targeting of cross-chain bridges used to move funds between blockchains
• Increased cooperation with the EU, UK, and Japan to create a global crypto sanctions network
• Real-time blockchain monitoring by U.S. agencies, not just after-the-fact screening

The goal isn’t to stop crypto. It’s to control it. To make sure only the right people can use it. And if you’re on the wrong side of that line? You won’t get a second chance.