State hackers breach defense, energy, healthcare orgs worldwide
MediaMarkt hit by Hive ransomware, initial $240 million ransom
REvil ransomware affiliates arrested in Romania and Kuwait
Pwn2Own: Printer plays AC/DC, Samsung Galaxy S21 hacked twice
New PowerShell version comes with Microsoft Update support
Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks
Medical software firm urges password resets after ransomware attack
Unlock 250 IT certification courses in our pre-Black Friday sale
Qualys BrowserCheck
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Search Redirect
Remove the Search Redirect
Remove the Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
IT Certification Courses
Gear + Gadgets
US sanctions Chatex cryptoexchange used by ransomware gangs
The US Treasury Department announced today sanctions against the Chatex cryptocurrency exchange for helping ransomware gangs evade sanctions and facilitating ransom transactions.
The Treasury also sanctioned the Russian-linked Suex crypto exchange in September for helping at least eight ransomware groups, with over 40% of its known transaction linked to illicit actors.
“Analysis of Chatex’s known transactions indicate that over half are directly traced to illicit or high-risk activities such as darknet markets, high-risk exchanges, and ransomware,” the Treasury Department said.
“Chatex is being designated pursuant to Executive Order (E.O.) 13694, as amended, for providing material support to Suex and the threat posed by criminal ransomware actors.”
Just as in Suex’s case, by sanctioning Chatex the US administration aims to take down the main channel used by ransomware operations to collect ransom payments from their victims.
The Treasury also designated IZIBITS OU, Chatextech SIA, and Hightrade Finance Ltd for providing assistance to Chatex by setting up infrastructure and enabling Chatex operations.
By sanctioning crypto exchanges that provide material support to ransomware gangs, the US hopes to drain their funding and disrupt their operations.
“Unprincipled virtual currency exchanges like Chatex are critical to the profitability of ransomware activities, especially by laundering and cashing out the proceeds for criminals,” the Treasury added.
“Treasury will continue to use all available authorities to disrupt malicious cyber actors, block ill-gotten criminal proceeds, and deter additional actions against the American people.”
FinCEN’s Financial Trend Analysis report was issued on the heels of governments worldwide saying they will crack down on cryptocurrency payment channels used by ransomware gangs.
One year ago, the Treasury Department’s Office of Foreign Assets Control (OFAC) also warned that ransomware negotiators that they could face civil penalties for facilitating ransom payments if their deals involve ransomware gangs already on its sanctions list.
The US government has also levied sanctions against other entities and threat actors associated with ransomware operations in recent years.
The list of ransomware-linked sanctions includes the developer of Cryptolocker ransomwaretwo Iranians for providing material support to SamSam ransomware, the Lazarus Group and two sub-groups, Bluenoroff and Andariel
The US also charged multiple Evil Corp members for stealing over $100 million and added them to the Office of Foreign Assets Control (OFAC) sanctions list. This group is associated with multiple ransomware families, including WastedLocker, Hades, Phoenix CryptoLocker, PayLoadBin, DoppelPaymer, Grief, and Macaw Locker.
Today, the Treasury also sanctioned REvil affiliates Yaroslav Vasinskyi and Yevgeniy Polyanin for their part in deploying ransomware payloads in love 5,500 attacks.
The US Department of State also announced on Thursday a $10,000,000 reward for the identification or location of DarkSide ransomware core members and $5,000,000 for information leading to the arrest of affiliates and other participants in DarkSide attacks.
The total amount of ransoms that ended in ransomware groups’ wallets amounted to over $400 million in the last 12 months, over four times more when compared to the entirety of 2019, according to the Treasury.
Last month, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) identified roughly $5.2 billion worth of outgoing Bitcoin transactions likely tied to the top 10 most commonly reported ransomware variants.
US sanctions cryptocurrency exchange used by ransomware gangs
US links $5.2 billion worth of Bitcoin transactions to ransomware
U.S. to sanction crypto exchanges, wallets used by ransomware
FBI warns of increased use of cryptocurrency ATMs, QR codes for fraud
Governments worldwide to crack down on ransomware payment channels
Not a member yet? Register Now
MediaMarkt hit by Hive ransomware, initial $240 million ransom
Microsoft: New Windows driver deployment service coming soon
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.


You May Also Like

Windows 10 KB5007186 & KB5007189 updates released

State hackers breach defense, energy, healthcare orgs worldwideMediaMarkt hit by Hive ransomware,…

BotenaGo botnet targets millions of IoT devices with 33 exploits

HPE says hackers breached Aruba Central using stolen access keyFBI warns of…

Discord malware campaign targets crypto and NFT communities

Hackers exploit Microsoft MSHTML bug to steal Google, Instagram credsApple sues spyware-maker…

Finland warns of Flubot malware heavily targeting Android users

FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangsEwDoor botnet targets…