U.S warns Russia may bypass heavy sanctions using Ransomware payments.

The Treasury Department’s FinCEN (Financial Crimes Enforcement Network) sent a warning to U.S. Financial Institutions this week for increased ransomware attacks as heavy sanctions are being imposed on Russia.

FinCEN mentioned that the cryptocurrency exchanges and other financial bodies related to the convertible virtual currency will continue to say an increase in transactions, crypto wallet expansion and more with those related to the sanctioned countries including Russia, Belarus and other affiliate entities. For those cases, FinCEN demands for increased vigilance, and due diligence to identify and report suspicious activity.

“In addition, FinCEN reminds financial institutions of the dangers posed by Russian-related ransomware campaigns,” said the U.S Treasury Department.

FinCEN share tips to stay vigilant against ransomware payments

FinCEN share some examples of red flags that will facilitate to identify suspicious activity that could be linked to sanction evasion and requests organizations to report such incidents. The red flags are,

• Cryptocurrency received from an external wallet and instantly multiplies, rapid trades within other crypto-currencies without apparent purpose, which is then followed by transaction off the platform. This action indicates attempts taken to break the chain of custody on respective blockchains or  obfuscate the transaction further.
• A user initiates transfer of funds that involves cryptocurrency mixing service.
• A user has direct or indirect transaction exposure identified by blockchain tracking software that is linked to ransomware.

This warning from FinCEN came after the U.S. Senators asked the Treasury to look for potential sanctions evading options and to reinforce cryptocurrency and transactional compliance across industries.

“In the face of mounting economic pressure on Russia, it is vitally important for U.S. financial institutions to be vigilant about potential Russian sanctions evasion, including by both state actors and oligarchs,” said FinCEN Acting Director Him Das.

“Although we have not seen widespread evasion of our sanctions using methods such as cryptocurrency, prompt reporting of suspicious activity contributes to our national security and our efforts to support Ukraine and its people.”

In Sept 2021, the U.S. Treasury made its first-ever sanctions against a cryptocurrency exchange for facilitating ransom transactions linked to ransomware gangs.

One month after, a FinCEN Financial Trend Analysis identified approximately $5.2 billion worth of outgoing BTC transactions linked to top 10 ransomware variants with major of those variants originating from Russia. Publicly disclosed ransomware payments reached $500 million worth of cryptocurrency globally in the last two years.

Governments across the world also decided that they would analyze cryptocurrency payment channels used by ransomware operators with virtual Anti-Ransomware Initiatives among the officials from 31 countries and the European Union.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.

You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.