Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

US Treasury Sanctions Crypto Exchange in Anti-Ransomware Crackdown

The U.S. government’s aggressive anti-ransomware crackdown is showing no signs of slowing down with the Treasury Department announcing sanctions against a cryptocurrency exchange and new multi-million-dollar rewards for information on the REvil ransomware group.

The U.S. government’s aggressive anti-ransomware crackdown is showing no signs of slowing down with the Treasury Department announcing sanctions against a cryptocurrency exchange and new multi-million-dollar rewards for information on the REvil ransomware group.

On the heels of a law enforcement hack-back operation and a $10 million bounty in the hunt for the DarkSide data extortion gang, the U.S. Treasury slapped sanctions against Chatex, a company that describes itself as “a full-fledged cryptobank” for Telegram.

The Treasury Department also sanctioned three additional companies —  IZIBITS OU, Chatextech SIA, and Hightrade Finance Ltd. — for providing technology and support to Chatex.

“Chatex, which claims to have a presence in multiple countries, has facilitated transactions for multiple ransomware variants. Analysis of Chatex’s known transactions indicate that over half are directly traced to illicit or high-risk activities such as darknet markets, high-risk exchanges, and ransomware,” the department said in a statement announcing the sanction.

The U.S. government said Chatex has direct ties with SUEX OTC, S.R.O. (Suex), using Suex’s function as a nested exchange to conduct transactions. Suex was sanctioned earlier this year for facilitating financial transactions for ransomware actors. 

[ READ: US Offers $10 Million Bounty in Hunt for DarkSide Ransomware Operators ]

Separately, the U.S. State Department announced another $10 million reward for information on the identity of leaders of the Sodinokibi/REvil gang, describing the ransomware hackers as an organized crime group. 

An additional $5 million bounty is also being offered for information on “any individual conspiring to participate in or attempting to participate in a Sodinokibi variant ransomware incident.”

Advertisement. Scroll to continue reading.

The crackdown comes as ransomware incidents have disrupted critical services and businesses globally, as well as schools, government offices, hospitals and emergency services, transportation, energy, and food companies. 

Data extortion ransomware payments in the United States so far have reached $590 million in the first half of 2021, compared to a total of $416 million in 2020, the government said. “The perpetrators behind these ransomware incidents seek to harm the United States and extort the American people and our allies. Those who provide financial services to, or facilitate money laundering for, ransomware actors enable this illegal activity,” the Treasury Department said.

Related: REvil Ransomware Gang Hit by Law Enforcement Hack-Back Operation

Related: NSA’s Rob Joyce Explains ‘Sand and Friction’ Security Strategy

Related: US Offers $10 Million Bounty in Hunt for DarkSide Ransomware Operators

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...