The Treasury’s Office of Foreign Assets Control labeled Suex.io a “specially designated national,” putting the exchange in a category with suspected terrorists.
The U.S. government has sanctioned a cryptocurrency exchange for the first time as part of its ongoing fight against ransomware attacks.
The Treasury Department announced Tuesday it is adding Russia-based Suex.io to its list of specially designated nationals (SDNs) for its alleged role in facilitating cryptocurrency transactions for ransomware attackers.
As a result of the designation, which puts Suex in a category with suspected terrorists and drug traffickers, U.S. residents and citizens are forbidden to do business with the exchange, on penalty of fines or prison.
Deputy Treasury Secretary Adewale Adeyemo said in a press call ahead of the announcement that Suex facilitated transactions from at least eight ransomware variants, and as much as 40% of Suex’s transaction volume was associated with addresses linked to known malicious actors.
“Exchanges like Suex are critical to attackers’ ability to extract profits from ransomware attacks. Today’s action is a signal of our intention to expose and disrupt the illicit infrastructure used in these attacks,” Adeyemo said.
The Wall Street Journal reported Friday the Treasury Department intends to impose sanctions to take on ransomware.
The Treasury Department said in a press release the U.S. would block any Suex property within its borders.
Treasury’s Office of Foreign Asset Control (OFAC), the division in charge of the SDN list, has sanctioned individual middlemen who process crypto transactions since 2018, when it added two people charged with facilitating transactions from victims of the SamSam ransomware.
At the time, OFAC added bitcoin addresses to its SDN list as well. It added another 14 XBT addresses, four ETH addresses and seven USDT addresses to the blacklist on Tuesday.
The Treasury did not sanction any individuals working for the exchange at press time. Spokespeople for the department did not respond to a question about whether any employees would be added.
The Treasury Department also updated its 2020 guidance on ransomware payments, which states that “facilitating ransomware payments on behalf of a victim may violate OFAC regulations.”