- Russia has yet again been implicated in a ransomware scandal.
- The Biden administration has focused on ransomware as a national security threat for months.
In Moscow’s city center, Russia’s tallest skyscraper—known as Vostok—is facilitating business for hackers, cybercriminals, and money launderers.
According to Bloomberg, experts have linked at least four companies that are either based or operating in Vostok to the laundering of money associated with ransomware activity.
These four companies are Suex OTC, EggChange, Buy-bitcoin.pro, and CashBank.
Suex OTC, per cited Chainalysis data, has processed—at a minimum—$160 million from illicit and high-risk sources in the last three years. Previously, Suex OTC also faced sanctions for helping ransomware groups launder their funds.
EggChange faces investigations in both the United States and Europe for alleged money laundering. The Treasury Department reportedly declined to comment.
Buy-bitcoin.pro, per Chainalysis, has also processed thousands of dollars worth of ransomware funds. A chunk of these funds was processed for Hydra, one of the largest darknet markets in the world—and the largest in Russia.
CashBank, the final of the four companies, was reportedly affiliated with accounts that were flagged for “potentially illicit activities.”
Back in crypto crosshairs
This is not the first time Russia has served as the epicenter of a ransomware—and cryptocurrency—scandal.
Last year, Russian spies were found to have used $1 million worth of cryptocurrency to meddle in the U.S. 2018 midterm elections. Russian nationals, a member of Ukraine’s parliament, and a suspected Russian spy were sanctioned as a result.
Last year, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned 16 groups and a further 16 individuals for meddling in the 2020 presidential election.
One company, Secondeye Solution (SES)—which provides fraudulent identity documents to buyers—had received over $2.5 million worth of cryptocurrencies since 2013.
U.S. foreign policy pivots to ransomware
One of the Biden administration’s most significant foreign policy decisions has been its emphasis on ransomware—and the national security threat posed by cryptocurrencies.
A report released by the administration last month warned that digital assets like cryptocurrencies pose a risk to the United States’ sanctions regime, which, in turn, is a cornerstone of American foreign policy.
“These technologies offer malign actors opportunities to hold and transfer funds outside the dollar-based financial system. They also empower our adversaries seeking to build new financial and payment systems intended to diminish the dollar’s global role,” the report read.
At the time of writing, the U.S. has over 9,000 sanctions in place, targeting rogue states like North Korea, Iran, and others.
But the administration’s crypto and ransomware anxiety goes back further than the Treasury’s report.
High-profile attacks against the Colonial Pipeline and meat processing firm JBS prompted the administration to take early steps against the illicit side of the industry. Following both attacks, the Justice Department announced that it would elevate ransomware to a similar priority level as terrorism.
This summer, the administration also set up a ransomware task force with the explicit task of combating cyberattacks and tracing cryptocurrency ransom payments.
What’s more, rumors have long circulated that the administration is planning a cryptocurrency-focused executive order, which speculation suggests may further equip President Biden to combat what he perceives to be a serious national security threat.