The United States Treasury Department stated today that the Chatex cryptocurrency exchange had been sanctioned for assisting ransomware groups in evading sanctions and conducting ransom transactions. In September, the Treasury sanctioned the Russian-connected Suex crypto exchange for assisting at least eight ransomware gangs, with over 40% of its known transactions tied to illegal actors.
According to the Treasury Department, more than half of Chatex’s known transactions can be linked to illegal or high-risk operations such as darknet marketplaces, high-risk exchanges, and ransomware.
As modified, executive Order (E.O.) 13694 has classified Chatex for providing material support to Suex and the danger presented by criminal ransomware perpetrators. By punishing Chatex, the US administration hopes to shut off the primary conduit used by ransomware operations to collect extortion payments from its victims, much as it did with Suex.
The Treasury has also selected IZIBITS OU, Chatextech SIA, and Hightrade Finance Ltd to help Chatex put up infrastructure and enable Chatex operations.
The United States seeks to drain ransomware groups’ funds and hinder their operations by penalizing crypto exchanges that offer substantial assistance.
The Treasury said that untrustworthy virtual currency exchanges like Chatex are essential to the profitability of ransomware operations, mainly through laundering and paying out the earnings for criminals.
Treasury will continue to employ all available tools to disrupt criminal cyber actors, stop the flow of ill-gotten wealth, and discourage future attacks on the American people.
FinCEN’s Financial Trend Analysis report comes after governments worldwide said they would crack down on ransomware groups’ use of bitcoin payment methods. The US government has imposed penalties on various businesses and threat actors linked to ransomware activities in recent years.
The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) recently discovered $5.2 billion in departing Bitcoin transactions likely linked to the top ten most regularly reported ransomware variants.