On Tuesday, the US Treasury Department’s Office of Foreign Assets Control (OFAC) added Over-The-Counter (OTC) broker Suex to its list of Specially Designated Nationals in an advisory update meaning that its “assets are blocked and U.S. persons are generally prohibited from dealing with them.” In the update, the government agency listed Suex broker offices in Prague and Moscow, the broker’s website, and a total of twenty-five crypto addresses for Bitcoin (BTC), Tether (USDT), and Ethereum (ETH).
This follows a spree of ransomware attacks on United States companies for which the government has largely blamed hackers from Russia, claiming that they are the ones behind the attacks.
The government agency imposed sanctions on OTC broker Suex for allegedly enabling hackers to access crypto payments sent to them as payment for ransomware attacks. The Suex OTC broker is based in Russia and the Czech Republic.
At the same time, the government agency also intends to impose additional sanctions on financial institutions, companies, and cyber insurance firms involved in activities that facilitate payments sent to ransomware attackers.
In its statement, the federal agency said, “Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations,” and that “the U.S. government strongly discourages all private companies and citizens from paying ransom or extortion demands and recommends focusing on strengthening defensive and resilience measures to prevent and protect against ransomware attacks.”
Wally Adeyemo, Deputy Secretary of the Treasury, also told Reuters that ransomware attackers can access crypto funds through exchanges like Suex, saying that the sanctions were aimed at disrupting the illicit infrastructure used during the ransomware attacks.
In another report, blockchain analytics firm Chainalysis indicated that it had been probing Suex’s involvement in money laundering activities and found out that most of its funds came from “illicit and high-risk sources.”
The investigation found out that cryptocurrency payments to Suex worth tens of millions came from addresses associated with cybercrimes.
“In Bitcoin alone, Suex’s deposit addresses hosted at large exchanges have received over $160 million from ransomware actors, scammers, and darknet market operators,” said Chainalysis, “$13 million from ransomware operators … $24 million from cryptocurrency scam operators … $20 million from darknet markets … $50 million worth of cryptocurrency from addresses associated with BTC-e.”
Rampant Ransomware Attacks On US Companies
Joe Biden’s administration has had to deal with a spree of ransomware attacks on US companies.
The first major attack was the attack on the Colonial Pipeline Company in May where hackers demanded close to $5 million in ransom.
It was then followed by an attack on JBS, a US-based food packing firm, where hackers demanded $11 million.Following the ransomware attacks, US officials have turned their focus to cryptocurrencies, which are frequently used as the medium of exchange in these ransom payments. Jake Sullivan, who is Biden’s national security advisor, said that cryptocurrencies lie at the center of the payment transaction in these ransom attacks and also cited cyberattacks as a national security priority.