The US Treasury Department has imposed sanctions on Suex, a virtual currency exchange, that allegedly helped at least eight ransomware gangs launder virtual currency. The move is a part of a series of actions aimed at disrupting criminal networks and virtual currency exchanges responsible for laundering ransoms.
The Treasury Department said that over 40 percent of Suex known transactions is associated with illegal activity.
“This action is the first sanctions designation against a virtual currency exchange,” the Department said.
“Some virtual currency exchanges are exploited by malicious actors, but others, as is the case with SUEX, facilitate illicit activities for their own illicit gains. Treasury will continue to use its authorities against malicious cyber actors in concert with other U.S. departments and agencies, as well as our foreign partners, to disrupt financial nodes tied to ransomware payments and cyber-attacks.”
The Treasury also shared a list of the cryptocurrency accounts known to be operated by Suex for daily transactions.
While legally registered in the Czech Republic, Suex has no known physical presence there and operates out of branches in Moscow and St. Petersburg, Russia, where users can cash out their virtual currency, according to crypto transaction-tracking firm Chainalysis.
“Since opening its doors in 2018, Suex has moved hundreds of millions of dollars worth of cryptocurrency, mostly in Bitcoin, Ether, and Tether, much of which is from illicit and high-risk sources. In Bitcoin alone, Suex’s deposit addresses hosted at large exchanges have received over $160 million from ransomware actors, scammers, and darknet market operators,” said Chainalysis.
The company’s investigation also showed that Suex received over $50 million worth of Bitcoin sent from addresses hosted at illicit cryptocurrency exchange BTC-e from 2018 through 2021, well after BTC-e shutdown and the arrest of its owner.
“Suex is one of the biggest and most active of those services. Shutting them down would represent a significant blow to many of the biggest cyber threat actors operating today, including leading ransomware attackers, scammers, and darknet market operators,” the company said.