the US Department of the Treasury (Treasury) and its US Office of Foreign Assets Control (OFAC):

As a result of OFAC's SDN designation actions, all property and interests in property of the sanctioned parties and any entity that is at least 50% percent owned by a sanctioned party that is subject to US jurisdiction is blocked, meaning US persons are prohibited from engaging in transactions with such party. Any financial institution or other persons engaging in blocked transactions or activities with a blocked entity may be exposed to sanctions or enforcement action (See Practice Note, OFAC Due Diligence in Securities Offerings: Overview of OFAC).

According to OFAC, SUEX is a VC exchange based in Russia that was added to the SDN list for facilitating financial transactions of ransomware actors. OFAC's analysis of SUEX transactions showed that over 40% of SUEX’s transactions were associated with illicit actors. SUEX has been designated as an SDN under Executive Order 13694 for providing material support to the threat posed by criminal ransomware actors (see Legal Update, New Executive Order Authorizes OFAC to Impose Sanctions on Perpetrators of Malicious Cyber Threats).

On November 8, 2021 OFAC designated Chatex and its associated support network for facilitating financial transactions for ransomware actors. According to OFAC, Chatex has facilitated transactions for multiple ransomware actors. OFAC reports that analysis of Chatex’s known transactions indicate that over half are directly traced to illicit or high-risk activities such as darknet markets, high-risk exchanges, and ransomware. OFAC asserts that Chatex has direct ties with SUEX and used SUEX’s function as a nested exchange to conduct transactions. OFAC states that Chatex is being designated to the SDN list pursuant to Executive Order 13694, as amended, for providing material support to SUEX and the threat posed by criminal ransomware actors. OFAC included on its sanctions list one of Chatex's Ethereum addresses, which contained NFTs worth more than $500,000 at the time.

On November 8, 2021, OFAC also designated Izibits OU, Chatextech SIA, and Hightrade Finance Ltd, to the SDN list over the alleged roles of these entities in providing material support and assistance to Chatex by setting up its infrastructure and enabling its operations.

On November 8, 2021, OFAC also designated two foreign nationals, Ukrainian citizen Yaroslav Vasinskyi and Russian citizen Yevgeniy Polyanin, for their part in perpetuating a prolific dark-web ransomware-as-a-service (RaaS) operator referred to as Sodinokibi/REvil used in ransomware incidents against US entities in July 2021. OFAC has made its designations of Vasinskyi and Polyanin along with a company owned by Polyanin pursuant to Executive Order 13694, as amended.

According to OFAC, Vasinskyi deployed ransomware against at least nine US companies, including the July 2021 ransomware attack against Kaseya, a multinational information software company, which caused significant disruptions to the computer networks of Kaseya’s customer base. OFAC also stated that Polyanin deployed ransomware targeting several US government entities and private-sector companies including businesses and government entities in Texas during August 2019.

These two foreign nationals, according to OFAC, are part of a cybercriminal group that has engaged in ransomware activities and received more than $200 million in ransom payments paid in Bitcoin and Monero a cryptocurrency focused on private and censorship-resistant transactions.

In a related action, on November 8, 2021, the US Department of Justice (DOJ) announced: