2026-06-24 –, Track 1
Modern sanctions evasion has moved beyond traditional shell companies and into a parallel digital economy. This session presents a forensic deconstruction of a multi-billion dollar state-sponsored laundering infrastructure that successfully bypassed Western oversight for over a decade. This network represents "Laundering 2.0"—a sophisticated architecture of synthetic identities and automated shadow-banking nodes.
Based on an intensive multi-year investigation into one of the world's largest evasion networks, this talk moves beyond the headlines to reveal the specific OSINT "pivots" used to link phantom Western corporate entities to state-sponsored actors. We will analyze the technical failures in corporate registries that allow these "Identity Exploits" to persist.
Attendees will learn:
The "CEO Cat" Methodology: A forensic walkthrough of moving from a single stock-footage identity to unmasking a multi-billion dollar node using metadata analysis and digital "tells."
Identity Spoofing & Registry Exploitation: Technical signatures for detecting forged documentation and "synthetic" directors used to bypass KYC verification in high-value corporate registries.
Infrastructure Evolution: An analysis of how state-sponsored evasion has "patched" its vulnerabilities, moving toward decentralized digital identities and the exploitation of systemic gaps in global corporate infrastructure.
I. The 2.0 Threat Architecture (3 mins)
The "Laundering 1.0" Baseline: A rapid retrospective of legacy evasion methodologies (physical gold transfers, kinetic Hawala networks) and how Western financial intelligence (FININT) made these methods obsolete.
The Digital Upgrade: Defining the adversary's pivot toward digital obfuscation: large-scale identity spoofing, the weaponization of golden passports, automated shadow banking, and the exploitation of Western corporate registry loopholes.
II. Case Study: Deconstructing the Zanjani Infrastructure (7 mins)
State-Backed Infrastructure Spoofing: How the network engineered a parallel synthetic economy by standing up "phantom" entities designed to mimic legitimate financial nodes.
The "CEO Cat" OPSEC Failure: A high-speed forensic deep-dive into the critical vulnerability that unraveled the network. I will demonstrate how our team exploited a single operational security (OPSEC) failure—leveraging social media metadata and a stock-footage "CEO"—to pivot into a multi-billion dollar illicit node.
III. The "Identity Exploit" & Live Network Pivot (8 mins)
KYC Circumvention & Heuristics: A technical analysis of how the adversary utilizes golden passports and sophisticated forgeries to systematically bypass Know Your Customer (KYC) controls within the UK Companies House. I will highlight the specific registry "Red Flags" and behavioral fingerprints of state-sponsored phantom firms hiding in plain sight.
Live Correlation Engine: A rapid, unscripted demonstration of an advanced OSINT pivot. I will show the audience how to transition from a single anomalous corporate filing to mapping out a vast illicit network in real-time, synthesizing highly fragmented digital footprints.
IV. Conclusion: The Attribution Gap (2 mins)
Closing the Loop: Why the systemic failure to verify digital identity against physical reality remains the ultimate vulnerability in global security, and how OSINT bridges this intelligence gap.
Mahtab Divsalar is a Senior Investigative Journalist and OSINT Researcher specializing in the intersection of state-sponsored illicit finance, sanctions evasion, and adversarial corporate infrastructure. With over two decades of experience analyzing Iranian geopolitics and closed-regime dynamics, she bridges the gap between high-stakes investigative reporting and technical threat research.
Her recent high-impact collaborative investigations, including Dubai Unlocked and Dominica: Passports of the Caribbean, exposed how sanctioned threat actors weaponize global real estate, offshore registries, and "Golden Passports" to successfully bypass Western compliance.
Beginning her career in Tehran in the 1990s, Mahtab relocated to the U.S. in 2003 to operate free from state surveillance and political constraints. Over the course of her career, she has driven complex investigations and held senior editorial roles across major international platforms, including OCCRP, Voice of America, and Radio Free Europe/Radio Liberty.