Security Experts:

US Treasury Sanctions Crypto Exchange in Anti-Ransomware Crackdown

The U.S. government’s aggressive anti-ransomware crackdown is showing no signs of slowing down with the Treasury Department announcing sanctions against a cryptocurrency exchange and new multi-million-dollar rewards for information on the REvil ransomware group.

On the heels of a law enforcement hack-back operation and a $10 million bounty in the hunt for the DarkSide data extortion gang, the U.S. Treasury slapped sanctions against Chatex, a company that describes itself as “a full-fledged cryptobank” for Telegram.

The Treasury Department also sanctioned three additional companies --  IZIBITS OU, Chatextech SIA, and Hightrade Finance Ltd. -- for providing technology and support to Chatex.

“Chatex, which claims to have a presence in multiple countries, has facilitated transactions for multiple ransomware variants. Analysis of Chatex’s known transactions indicate that over half are directly traced to illicit or high-risk activities such as darknet markets, high-risk exchanges, and ransomware,” the department said in a statement announcing the sanction.

The U.S. government said Chatex has direct ties with SUEX OTC, S.R.O. (Suex), using Suex’s function as a nested exchange to conduct transactions. Suex was sanctioned earlier this year for facilitating financial transactions for ransomware actors. 

[ READ: US Offers $10 Million Bounty in Hunt for DarkSide Ransomware Operators ]

Separately, the U.S. State Department announced another $10 million reward for information on the identity of leaders of the Sodinokibi/REvil gang, describing the ransomware hackers as an organized crime group. 

An additional $5 million bounty is also being offered for information on “any individual conspiring to participate in or attempting to participate in a Sodinokibi variant ransomware incident.”

The crackdown comes as ransomware incidents have disrupted critical services and businesses globally, as well as schools, government offices, hospitals and emergency services, transportation, energy, and food companies. 

Data extortion ransomware payments in the United States so far have reached $590 million in the first half of 2021, compared to a total of $416 million in 2020, the government said. “The perpetrators behind these ransomware incidents seek to harm the United States and extort the American people and our allies. Those who provide financial services to, or facilitate money laundering for, ransomware actors enable this illegal activity,” the Treasury Department said.

Related: REvil Ransomware Gang Hit by Law Enforcement Hack-Back Operation

Related: NSA's Rob Joyce Explains 'Sand and Friction' Security Strategy

Related: US Offers $10 Million Bounty in Hunt for DarkSide Ransomware Operators

view counter
Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. Ryan is a veteran cybersecurity strategist who has built security engagement programs at major global brands, including Intel Corp., Bishop Fox and Kaspersky GReAT. He is a co-founder of Threatpost and the global SAS conference series. Ryan's past career as a security journalist included bylines at major technology publications including Ziff Davis eWEEK, CBS Interactive's ZDNet, PCMag and PC World. Ryan is a director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world. Follow Ryan on Twitter @ryanaraine.