Suex.io

History

2021: Sanctions for alleged role in facilitating crypto transactions for intruders

On September 21, 2021, the US Treasury Department announced the inclusion of the Moscow-registered Suex.io Exchange in the so-called "list of specially appointed citizens" (SDN) for its alleged role in facilitating cryptocurrency transactions for attackers using the ransomware virus.

As a result of this inclusion, which places Suex in the same category as suspected terrorists and drug traffickers, US residents and citizens are prohibited from doing business with the exchange under fear of a fine or imprisonment. The Treasury Department said in a press release that the United States will block any Suex property within its borders.

The United States imposed sanctions against the cryptographer Suex.io

US Deputy Treasury Secretary Adewale Adeyemo said during a press conference that the Suex exchange contributed to transactions of at least eight varieties of ransomware viruses and up to 40% of the exchange's transactions were related to well-known attackers.

The Treasury Department also updated its 2020 payment guide, which states that facilitating payments for ransom software on behalf of the victim may violate the rules of the Office of Foreign Assets Control (OFAC).

The report, which summarizes the TRM investigation, says that Suex began its activities under the corporate ownership of Izibits OU, a virtual asset service provider with an Estonian license. The publication claims that the exchange's leaders are Vasily Zhabykin, who may be associated with a large Russian telecommunications company and Tibor Bokor, a Czech venture capitalist. Suex is nominally based in the Czech Republic, but operates from Russia.

Later it became known that Vasily Zhabykin was fired from MTS Bank, where he led the innovative Neo bank. The dismissal is due to US sanctions. Another Suex co-founder, Yegor Petukhovsky, announced the dismissal of Chatex from the famous crypto exchange bot.

Although the US Treasury Department did not name the specific attacks ones that Suex aided, the analytical firm Chainalysis said on its blog that cryptocurrencies paid for by victims of ransomware attacks and Ryuk Conti Maze sent payments that ultimately passed through the Suex exchange. Chainalysis identified about $13 million in bitcoin transactions sent through the exchange directly related to the attacks. Fraudsters sent another $24 million in bitcoins, and another $20 million in bitcoins were associated Hydra with other Darknet markets. In general, since February 2018, the exchange has received more than $480 million in bitcoin transactions. The analytical firm was able to link at least $160 million of this amount to illegal activities.

Anne Neuberger, deputy national security adviser to the administration, during a press conference confirmed the Treasury's approach to viral software attacks, outlining a four-pronged strategy that includes destroying participants and infrastructure, strengthening possible targeted organizations, limiting cryptocurrency payments and establishing international cooperation to mitigate the consequences of future attacks.^[1]

The All-Russian social movement Stopnarkotik turned to the heads of the Central Bank and the Ministry of Internal Affairs of Russia with a description of the connection of SUEX with the largest cryptobirge in Eastern Europe, ExMo the QIWI group of companies and the Ukrainian Concord Bank. According to the organization's investigation, SUEX was involved in money laundering for the largest drug sales platform, whose turnover in Russia is at least $1.5 billion per year.

Notes