back to article Suex to be you: Feds sanction cryptocurrency exchange for handling payments from 8+ ransomware variants

The US Treasury on Tuesday sanctioned virtual cryptocurrency exchange Suex OTC for handling financial transactions for ransomware operators, an intervention that's part of a broad US government effort to disrupt online extortion and related cyber-crime. Suex is registered in the Czech Republic but operates out of offices in …

  1. Blank Reg

    Just put all the crypto exchanges on the Office of Foreign Assets Control designated entities list. Then get the rest of the G20 to impose similar restrictions. That will put a dent in the ransomware industry

    1. Anonymous Coward
      Anonymous Coward

      Probably would help the environment, too.

    2. doublelayer Silver badge

      No, it would just put a dent in the cryptocurrency industry. Which isn't really a problem for me, but since you're proposing it with a stated goal you will not get, perhaps not the best argument for it.

      Ransomware operators use cryptocurrency for three reasons: it's easy to move large chunks, they can exchange it for actual money more easily, and it can't be taken away from them. For the avoidance of doubt, they don't do it because it's untrackable (it's not), easy for the victims to hide (it's not), or effectively anonymous (it can be but they're not). The most successful ransomware operations have also moved to attacking a smaller number of big targets, looking for payouts in the millions. The result of this is that it's now easier to handle small costs in convenience to receive a ransom. If the ransom is for a personal computer and paid for by an individual, requesting the user take extra steps to get the payment could be so expensive for the user that they won't be paid. If a business is going to pay millions, they can ask for that. If they find themselves miraculously unable to exchange cryptocurrency for something they want, they'll do that.

      If you could eliminate cryptocurrency's value entirely, which you can't, ransomware has several other methods to move money. They would be better at ranking the options as I'm sure they've already made plans, but they would include making transfers to international banks and quickly withdrawing money (more complex, easier for victims), physical movement of cash (bulky), and physical movement of something more compact like gold (victim must exchange for it). These aren't simple, but for a payout in the millions, it is worth figuring out how to do it. In addition, as most ransomware operators are insulated from legal consequences by corrupt countries, they can use that to their advantage--receiving the ransom physically in a country where the police want to catch you is risky, but if the police don't care, it's fine.

  2. sanmigueelbeer

    Is this the answer to the ransomeware scourge? Go after the "banks"?

    What about the elephant in the room -- IT security? What IT security?

    Have a look at After ransomware attack, company finds 650+ breached credentials from NEW Cooperative CEO, employees:

    * The password "chicken1" was common among the company's 120 employees and was used over 10 times.

    Kahn added that the firm's CEO Brent Bunte appeared to have the second highest number of instances of breached credentials while other current executives also had passwords that had been leaked.

    * We saw that the Colonial Pipeline breach was ultimately a result of a bad password

    The US Government's strategy of going after the hackers, affiliates and their "banks" without acknowledging that the bigger problem is actually the victim's poor response(s) to IT security is not going to fix this.

    Not only did the victims shot-themselves-in-the-foot by having very poor IT security, they also made sure their critical systems were exposed to the internet. It was a perfect storm and self-inflicted injury packed in one neat box. Ready for the picking hacking.

    We kept making jokes among ourselves about "admin/password" but, in reality, it is way more common and very widespread.

    There are many instances that the hacks could've/would've been avoided if someone actually took simple IT security seriously.

    1. Adelio

      But a lot of this is probably due to companies ignoring IT and not allowing them to spend the money to harden their systems. When accountants run companies, anything NOT making a return is hard to get approved.

  3. Potemkine! Silver badge

    "Ransomware and cyber-attacks are victimizing businesses large and small across America and are a direct threat to our economy," said Treasury Secretary Janet L. Yellen in a statement. "We will continue to crack down on malicious actors."

    Unless it's JP Morgan, or another major US bank.

    1. Anonymous Coward
      Anonymous Coward

      Unless

      Presumably the test might be along the lines of "what proportion of the funds and/or transactions flowing through the bank result from criminal activity".

      I can imagine that a large bank like JP Morgan might - entirely inadvertently, of course - handle quite large volumes of criminal transactions, and perhaps even in excess of those at Suex, but they would still be a very small proportion of JP's total activities. Whereas, to quote the article on Suex, "According to the US Treasury, more than 40 per cent of the firm's known transaction history involves illicit entities".

  4. Andy The Hat Silver badge

    If a single entity in the banking system was dealing with multi-million pound illicit transactions it would be shut down as complicit (there are examples of this).

    Yet this extortion system extends to hundreds of millions of pounds across multiple "institutions" and there seems to be little push-back against it.

    Unfortunately this is the dark side of the crypto system and the one the public sees. I'm sure "currency" flies around the world purely with the aim of being laundered rapidly yet the authorities appear either powerless or unwilling to act against this activity - the criminals are in full control. Something (eg banning cypto) has got to happen before the system melts down into a sea of extortion, drug money and payment for pizzas.

    1. Aitor 1

      Illicit transactions

      You mean HSBC and pals?

      It seems yes, they do get fined but still keep doing it.

      As long as it is profitable, they will do it.. meanwhile small fish like us get quite a few inconviniences for small transactions.

      Crypto is anything BUT opaque. All transactions are public, while banks do not share that info on the open. What you don't know is WHO is behind a wallet/transaction.. unless they want the money out in FIAT, then you need an exchange.. so it is only fair that money laundering exchanges get heavily fined (should be closed, really)

      Links for HSBC still being "problematic":

      https://www.buzzfeednews.com/article/anthonycormier/hsbc-money-laundering-drug-cartels

      https://www.icij.org/investigations/fincen-files/hsbc-moved-vast-sums-of-dirty-money-after-paying-record-laundering-fine/

      https://www.thebureauinvestigates.com/stories/2021-07-28/money-laundering-ring-pushed-4.2bn-through-hsbc

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like