US Officials Seize $6.1M in Crypto from Ransomware Attackers, Put Chatex on Sanctions List

The U.S. Treasury Department has announced that it will impose sanctions on cryptocurrency exchange Chatex and its support network for allegedly facilitating transactions for ransomware actors.

In a new advisory published on November 8, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) added Chatex, IZIBITS OU, Chatextech SIA and Hightrade Finance to its list of entities sanctioned by the U.S. government. The ministry alleges that Chatex has "direct ties" to Suex OTC, which is registered in the Czech Republic and operates in Russia, against which it sanctioned in September.

According to OFAC, Chatex helps facilitate transactions for ransomware gangs, and more than half of the exchange’s transactions “have been traced to illegal or high-risk activities such as darknet markets, high-risk transactions, and ransomware.” Listed on the exchange Before entering the sanctions list, the Latvian and Estonian authorities suspended Chatextech's business and revoked the license of IZIBITS OU, respectively.

"Unprincipled virtual currency exchanges like Chatex are critical to the profitability of ransomware campaigns, particularly through money laundering and cashing proceeds for criminals," the department said. Treasury will continue to use all available powers to disrupt malicious networks actors to stop the proceeds of illicit crime and more actions against the American people."

In the same statement, OFAC said Ukrainian citizen Yaroslav Vasinskyi and Russian citizen Yevgeniy Polyanin were involved in ransomware attacks targeting multiple U.S. government entities and many private sector entities. As part of the U.S. Treasury Department’s actions, U.S. residents are prohibited from transacting with Vasinskyi, Polyanin, Chatex, and all related entities, or they themselves may face enforcement action or sanctions.

The U.S. State Department has announced that it is offering a $10 million reward to find individuals who hold "key leadership positions" in the Sodinokibi (REvil) ransomware group. Additionally, it will offer a $5 million reward for the arrest or conviction of anyone attempting to launch a major ransomware attack.

At a news conference today, U.S. Attorney General Merrick Garland said the Justice Department indicted Vasinsky in August, accusing him of hacking into personal computers and conspiring to commit money laundering by demanding ransom payments for ransomware attacks. Polish authorities arrested Vasinsky in October and he is awaiting extradition to the United States, according to the attorney general. Additionally, a similar indictment was filed against Polyanin by the U.S. Department of Justice, which has seized $6.1 million in cryptocurrency from 3,000 Polyanin-led ransomware attacks.

"This is the second time in five months that we have announced the seizure of digital proceeds from ransomware deployed by a multinational criminal group," Garland said. "It won't be the last - the U.S. government continues to aggressively pursue the entire ransomware ecosystem and Improve our Nation's resilience to cyber threats."

Fighting ransomware attacks against critical U.S. infrastructure has been a major concern under President Joe Biden. After the Colonial Pipeline system was hacked in June, a U.S. government task force seized more than $2 million in cryptocurrency used to pay the ransom.

Cointelegraph Chinese is a blockchain news information platform, and the information provided only represents the author's personal opinion, has nothing to do with the position of the Cointelegraph Chinese platform, and does not constitute any investment and financial advice. Readers are requested to establish correct currency concepts and investment concepts, and earnestly raise risk awareness.