The US Treasury Department has announced the first sanctions against the cryptocurrency exchange, Suex, which is linked to Russia, to facilitate ransom transactions for ransomware gangs and help them avoid sanctions.
Suex is registered in the Czech Republic but has no physical presence there. Instead, it operates outside of Moscow and St. Petersburg branches and in other locations in Russia and the Middle East, according to Chainalysis.
"SUEX facilitated transactions involving illegal revenue from at least eight ransomware variants. "The analysis of known SUEX transactions shows that more than 40% of the known SUEX transaction history is related to illegal agents", the Ministry of Finance stated today.
"This is the first sanction against a fictitious currency exchange and was carried out with the help of the Federal Bureau of Investigation."
The move is designed to disrupt the main channel used by ransomware companies to collect ransoms from their victims, which, the Treasury Department added, amounted to more than $ 400 million last year.
By imposing sanctions on crypto exchanges that provide material support to ransomware groups, the US hopes to disrupt its operations.
The Office of External Assets Control (OFAC) also issued a tip today, highlighting the "risks of ransomware-related penalties for malicious cyber activities".
As Chainalysis revealed today, Suex has received more than $ 2018 million in Bitcoin since its inception in February 481, including funds received by cybercriminals:
- Nearly $ 13 million from ransomware operators including Ryuk, Conti, Maze and several others
- More than $ 24 million from cryptocurrency operators, including the fraudsters behind Finiko, a fraud that stole more than $ 1 billion worth of cryptocurrencies from victims mainly in Russia and Ukraine
- More than $ 20 million from darknet purchases, mainly from the Russia-based Hydra Market
Part of a larger effort to shut down ransomware
The Biden government is expected to impose sanctions this week on cryptocurrency exchanges, wallets and traders used by ransomware groups, the Wall Street Journal reported on Friday.
These are not the first sanctions imposed by American government to entities or threatening entities associated with ransomware gangs.
In 2019, the USA accused members of Evil Corp of stealing more than $ 100 million and added to the Office of Foreign Assets Control (OFAC) sanctions list.
Over the years, Evil Corp has been associated with many ransomware families, including WastedLocker, Hades, Phoenix CryptoLocker and PayLoadBin.
In October, the Treasury Department also warned that ransomware traders could face civil penalties for facilitating ransom payments to ransomware gangs on the sanctions list.
Source of information: bleepingcomputer.com