For the first time ever, U.S. authorities imposed sanctions against a virtual currency exchange for its role in facilitating financial transactions for ransomware actors, the Department of the Treasury’s Office of Foreign Assets Control (OFAC), said in a statement Tuesday.
“All property and interests in property of the designated target that are subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from engaging in transactions with them,” read the statement.
OFAC claims that SUEX OTC enabled transactions involving at least eight ransomware variants’ illegal proceeds, and that a study revealed that illicit actors were involved in more than 40% of the company’s known transaction history.
While the majority of virtual currency transactions are legal, “peer-to-peer exchangers, mixers, and exchanges” can be used for illegal purposes, such as the “facilitation of sanctions evasion, ransomware schemes, and other cybercrimes,” according to the statement.
Malicious actors can use virtual currency exchanges in some situations, but in the case of SUEX, as OFAC stated, the corporation enabled illegal activity for its own gain.
OFAC warned that ransomware attacks are “increasing in scale, sophistication, and frequency, victimizing governments, individuals, and private companies around the world.”
“In 2020, ransomware payments reached over US$400 million, more than four times their level in 2019,” read the statement. It further stated that the U.S. government estimates that these payments constitute only a portion of the economic damage caused by cyber-attacks, emphasizing the goals of those who aim to weaponize technology for personal gain.
The Federal Bureau of Investigation (FBI) assisted OFAC in the case.
By Zdravko Ljubas, September 22, 2021, published on OCCRP