The US Treasury Adds Russian Cryptocurrency Exchange to Sanctions List
The US Treasury has recently announced the addition of a Russian cryptocurrency exchange, SUEX, to its sanctions list. The firm, which is incorporated in the Czech Republic but reportedly operates out of Russia, has been accused of facilitating ransomware payments for numerous criminal groups. The Treasury estimated that 40% of SUEX’s transaction history is linked to illicit actors.
Questionable Transaction History
According to reports, SUEX has received over $160 million in Bitcoin from illegal and high-risk sources, including ransomware groups like Ryuk, Conti, and Maze, dark web sites such as Hydra Market, and cryptocurrency scammers. The Treasury’s designation means that all property and interests in property of SUEX that are subject to US jurisdiction are now blocked, and US persons are prohibited from engaging in transactions with the exchange.
Reminder of Risks
In a separate update, the Treasury’s Office of Foreign Assets Control (OFAC) emphasized the risks involved in paying ransomware groups. Victims who pay certain groups on sanctions lists, like Evil Corp, may face penalties from the government. The FBI recorded victim ransomware losses of $29 million last year, while organizations paid out $400 million in ransom payments alone.
Industry Response
Industry experts have welcomed the sanctions but believe that further actions are necessary to combat the ransomware threat effectively. Adam Flatley, director of threat intelligence, emphasized the need for a coordinated, intelligence-driven campaign against criminal organizations. Similarly, Sam Curry, chief security officer at Cybereason, highlighted the adaptability of ransomware cartels and the importance of ongoing efforts to combat them.
The announcement from the White House is a positive step in addressing the ransomware issue, but more actions will be needed to disrupt the ransomware economy effectively. With the first move made in sanctioning SUEX, the focus now shifts to the evolving tactics of ransomware groups and the need for continued vigilance in cybersecurity efforts.