U.S. Treasury designates Chatex crypto exchange connected to SUEX, sets up award for tips on cybercriminals

U.S. Treasury has designated virtual asset exchange Chatex connected to SUEX, complicit in facilitating transactions for ransomware perpetrators.

Continuing its campaign against malicious cyber activities and ransomware attacks that intensified during the COVID-19 pandemic, Treasury today has sanctioned a virtual asset exchange complicit in laundering the proceeds of cybercriminal activities.

 

Deputy Secretary of the Treasury Wally Adeyemo said “Ransomware groups and criminal organizations have targeted American businesses and public institutions, seeking to undermine the backbone of our economy” and declared combating “future threats to the economy of the United States” in the form of ransomware groups to be a “top priority” for the Biden Administration.

 

Chatex, a virtual currency exchange and its support network is designated for facilitating financial transactions for criminals in a coordinated action by U.S. government organs and international partners.

 

More than half of Chatex’s transactions is found to be linked to darknet activities, high risk exchanges and ransomware variants and the exchange has been designated pursuant to the EO 13694 for providing support to SUEX. SUEX OTC, S.R.O. (Suex), was sanctioned on September 21, 2021, for routing transactions for ransomware actors.

 

Latvia’s State Revenue Service and the Latvian government have suspended with immediate effect the activities of Chatextech and imposed a penalty for the violations of company registration and regulations. Current and former board members of the crime facilitating company are included in the list of high-risk individuals. Estonian FIU has also cancelled the license of Izibits OU following cooperation with the U.S.

 

 

Designations of Ransomware operators

 

Pursuant to the rewards offered, OFAC has designated Yaroslav Vasinskyi of Ukrainian origin and Yevgeniy Polyanin of Russian origin for their involvement in Sodinokibi/REvil ransomware attacks against U.S. government entities and private sector companies. Vasinskyi is responsible for attacks against at least nine U.S. enterprises.

 

The perpetrators are stated to have received more than $200M in ransom payments paid in cryptocurrencies. The Office has also designated a company owned by Polyanin.

 

Rewards for Information leading to the organized crime group Sodinokibi/REvil

 

The Department of State also announced a Transnational Organized Crime Reward that offers up to $10M for tips leading to the ID or the location of the leaders of Sodinokibi/REvil ransomware organized crime group; and up to $5M award for information leading to the arrest of any individual complicit in the Sodinokibi variant ransomware attacks.