The US Treasury made one of its most significant interventions against a digital assets trade group to date when it imposed sanctions on a crypto exchange. It claimed that the exchange had enabled ransomware hackers to launder payments they had extorted from victims. The Office of Foreign Assets Control of the US Treasury worked together with the FBI and announced the sanctions imposed on an exchange named SUEX. It said that the exchange had deliberately facilitated illicit activities for its own gains. As per the sanctions, US citizens and companies cannot conduct transactions on the exchange and they also includes penalties and fines.
This move is another step in the government’s fight against a horde of ransomware attacks, where a company’s systems or data are compromised by the hackers and only released when they receive a ransom. Cybersecurity experts have been calling for tougher barriers to prevent cybercriminals from receiving ransom payments and then laundering them. This has become easier for them through the use of cryptocurrencies, which are often difficult to trace. As per the US Treasury, nearly 40% of the transactions on the SUEX exchange are connected to illicit actors. It added that the company had facilitated money laundering from almost eight ransomware variants.
The website of the SUEX exchange states that they were founded in Prague in the Czech Republic. As for its LinkedIn page, it claims to be catering to thousands of people in Russia, Asia, Europe and North and South America. According to TRM Labs, the exchange operates as a ‘nesting’ exchange, which means that rather than holding its clients’ crypto funds directly, it simply provides a custom-made interface while it takes advantages of the services of a bigger exchange.
TRM Labs, which is a crypto intelligence group, said that the exchange seems to deal with transactions of $10,000 or more. Plus, it uses a system of referrals for accepting new customers from trusted intermediaries. A Russian national is the exchange’s largest shareholder. A message sent to the email address provided by the SUEX exchange on its website bounced back. Ofac stated that it would continue to impose sanctions on such actors who sponsor, assist or provide material, financial or technological support for such activities. This statement is a warning to other crypto exchanges that have not strengthened their know-your-customer and anti-money laundering capabilities.
There has been an increase in ransomware attacks, as a shift towards remote working due to the pandemic has left businesses more vulnerable to cybercriminals. Earlier this year, the trend was highlighted by a number of disruptive and audacious attacks.
On Tuesday, the Treasury had also updated its ransomware advisory and recommended that victims inform law enforcement and other agencies about breaches, especially if they are compelled to pay the ransom. If they are found to breaking sanctions later, it would provide extra leverage. The Treasury said that another important factor was whether a company would be willing to share information with law enforcement. They will update the guidance to mention explicitly that paying ransoms is discouraged.