Author: Syedur Rahman
21 September 2021
2 min read
For the first time, the US has sanctioned a crypto exchange over its alleged role in enabling illegal cryptocurrency transactions involving ransomware attackers.
The sanctions against Suex OTC, S.R.O. (Suex) come as part of a broader crackdown in the ongoing fight against ransomware attacks. Ransomware attacks are a type of cyber-attack in which hackers seize a user’s systems or data and block access to it. This is only ended when a ransom is paid, typically via a cryptocurrency, such as bitcoin.
The US Treasury Department has added Suex to its list of specially designated nationals (SDNs), along with 25 Suex cryptocurrency addresses. The sanctions have the effect of blocking US citizens and companies from doing business with the group. The Treasury’s Office of Foreign Asset Control (OFAC) is the division in charge of the SDN list. Conducting transactions with entities or individuals on OFAC’s sanctioned SDN list can lead to penalties that include fines and even prison.
Suex is a cryptocurrency over the counter (OTC) broker registered in the Czech Republic, although it operates out of Russia. At its branches, Suex converts cryptocurrency into cash and can facilitate the exchange of cryptocurrency for physical assets such as, for example, cars.
While most cryptocurrency activity is legal, technologies that facilitate cryptocurrency payments - such as exchanges -, can be exploited by cybercriminals. The US Treasury Department said that Suex helped facilitate illegal activity “for their own illicit gains.” It asserts that Suex has facilitated transactions from at least eight ransomware attacks and that around 40% of Suex’s transaction volume is linked to addresses associated with cybercrime.
The US Treasury Department has not identified any specific attacks that Suex has facilitated. However, according to Chainalysis, Suex has received over $160 million in bitcoin from illicit and high-risk sources since 2018.
In particular, it has received:
The US Treasury Department’s action is likely to be seen by many as a welcome move in the fight against cryptocurrency-based money laundering. It signals the intention of the US government to uncover and disrupt the illicit infrastructure that exchanges can provide for cybercriminals looking to conduct ransomware attacks. Sanctioned exchanges will no longer be the safe haven they once were for bad actors wishing to store or convert into cash their ill-gotten cryptocurrencies. As a result, the laundering of such proceeds will become a much more difficult process.
This sanctioning of Suex is likely to be just the first in a series of actions against crypto entities involved in illicit activity. This latest push has made it clear that the Biden administration is taking a more hands-on approach regarding control of the cryptocurrency industry.
Syedur Rahman is known for his in-depth experience of serious fraud, white-collar crime and serious crime cases, as well as his expertise in worldwide asset tracing and recovery, civil recovery, cryptocurrency and high-stakes commercial disputes.