The US Treasury Department has announced for the first time that it will sanction a cryptocurrency exchange for its alleged role in laundering money from ransomware attacks.
The department's Office of Foreign Asset Control (OFAC) has announced a blacklist of the SUEX exchange, due to allegedly having "facilitated transactions involving illicit proceeds from at least eight ransomware variants". It also said that more than 40% of the company's previous transactions are "associated with illicit actors".
SUEX is the first crypto exchange on OFAC's blacklist, which also contains 14 bitcoin addresses and four Ethereum addresses. US citizens are generally banned from performing transactions with blacklisted entities, and institutions that engage in certain activities with SUEX could face sanctions.
Ransomware and cyber-attacks are victimizing businesses large and small across America and are a direct threat to our economy."
In addition to announcing sanctions against SUEX, the Treasury Department restated its guidance on how to respond to ransomware attacks, stating that it "strongly encourages victims and related companies to report these incidents to and fully cooperate with law enforcement as soon as possible" while discouraging a ransom payment. It adds that ransomware payments reached over $400m in 2020, over four times that of 2019.
"Ransomware and cyber-attacks are victimizing businesses large and small across America and are a direct threat to our economy. We will continue to crack down on malicious actors," said Treasury Secretary Janet L. Yellen. "As cyber criminals use increasingly sophisticated methods and technology, we are committed to using the full range of measures, to include sanctions and regulatory tools, to disrupt, deter, and prevent ransomware attacks."