The US Treasury Department Tuesday sanctioned SUEX OTC sro, a virtual bureau de change registered in the Czech Republic but mainly operating in Russia, for its role in facilitating financial transactions for ransomware players.
The designation of SUEX is the first by the United States against a virtual currency exchange, the Treasury said. Although most virtual currency transactions are legitimate, they can be used for illicit activities; some exchanges are exploited by malicious actors, but others, like SUEX, facilitate the activity for their benefit, according to the Treasury. More than 40 percent of SUEX’s known transaction history was associated with illicit actors, according to the Treasury. In addition to the designation, the Treasury also identified the digital currency addresses of SUEX.
“The Treasury will continue to use its powers against malicious cyber actors in concert with other US departments and agencies, as well as with our overseas partners, to disrupt the financial nodes linked to ransomware payments and cyber attacks,” he said. declared the department.
Virtual currency exchanges such as SUEX are critical to the profitability of ransomware attacks, which help fund additional cybercrime activities; SUEX itself facilitated transactions involving illicit products of at least eight ransomware variants, the Treasury said.
Ransomware is a form of software designed to lock down a user’s data in which a malicious actor then demands payment for its publication. In 2020, ransomware payments have reached over $ 400 million, more than four times the amount a year ago, the Treasury said, acknowledging that the US government estimates that figure “is only a fraction. economic damage caused by cyber attacks ”. Also on Tuesday, the Treasury released an updated notice on the potential risks of sanctions to facilitate ransomware payments.
SUEX allows users to buy cryptocurrency with a credit card, and it takes about 30 minutes to complete an order, according to its website. There is a maximum limit of $ 200 in virtual currency for a user’s first transaction, but the cap increases the longer a user stays on SUEX and becomes unlimited after a month, the website says.
Egor Petukhovsky, co-founder of SUEX, owns a 40 percent stake in the company and is its largest shareholder, according to company records. Petukhovsky describes himself as a financial technology entrepreneur and has founded several companies since graduating from the Moscow Energy Engineering Institute, according to a resume posted online and reviewed by Kharon. His most recent company is a cryptobank that allows cryptocurrency transfers through the Telegram app.
Since launching in 2018, SUEX has moved hundreds of millions of dollars worth of cryptocurrency, mostly bitcoin, ether and tether, according to analysis published Tuesday by Chainanalyse, a blockchain data firm that said its tools were used by the U.S. government to investigate the exchange. SUEX has received tens of millions of cryptocurrency payments from addresses associated with several forms of cybercrime, Chainalysis discovered.
The exchange has received nearly $ 13 million from ransomware operators, over $ 24 million from cryptocurrency scam operators and over $ 20 million from darknet markets, according to Chainalysis. It also received more than $ 50 million in cryptocurrency from addresses associated with the now-closed illicit BTC-e cryptocurrency exchange well after its closure, Chainanalysis said.
Operating as a “nested” exchange, SUEX used digital currency addresses hosted by larger exchanges to tap into a larger pool of liquidity and trading pairs, according to Chainalysis.
Nested exchanges can present clients with a bespoke interface while taking advantage of the access provided by larger partners, which has enabled SUEX to convert illicit client funds into physical cash “on an alarming scale,” said TRM Labs Inc., a blockchain analytics company.
“SUEX has filled a critical niche in the ecosystem of under-regulated exchanges that, either through willful ignorance or through willful cooperation, facilitate the conversion of illicit crypto ransoms into real-world currency,” TRM Labs said. “Major exchanges are now informed that high-risk nested services like SUEX are in the government’s sights.”