Chatex

🔴 High Risk

The Chatex cryptocurrency exchange case exemplifies the growing risk posed by virtual currency platforms facilitating illicit financial activities, especially money laundering tied to ransomware attacks targeting the United States. Designated by the U.S. Treasury’s Office of Foreign Assets Control (OFAC) in late 2021, Chatex was a critical conduit for cybercriminals to launder ransom payments and obscure the origin of illicit funds through layered, cross-border transactions. Its operations were closely linked to previously sanctioned entities such as Suex, highlighting a sophisticated network of nested exchanges exploiting legitimate infrastructures to convert and move illegal proceeds. The case underscores the US government’s increasing vigilance against unregulated crypto platforms that enable cyber-enabled financial crime, disrupting victim recovery efforts and undermining the stability of the financial system.

The Chatex cryptocurrency exchange was designated by the US Treasury’s Office of Foreign Assets Control in November 2021 for its involvement in laundering ransomware payments and other illicit cryptocurrency transactions tied to cybercriminal groups. Operating across multiple countries, Chatex played a pivotal role in converting ransom extorted from American companies into cryptocurrency, thereby enabling cybercriminal groups to profit. The exchange was linked to Suex, another exchange previously sanctioned for similar offenses. Through nested exchange techniques, Chatex enabled criminals to mask the origin of illicit proceeds. The US government responded with sanctions, asset freezes, and cooperation with foreign authorities to disrupt Chatex’s activities and deter further cyber-enabled financial crimes targeting the US. The case underscores the persistent threat posed by unregulated or loosely regulated cryptocurrency platforms in the global financial system and the US commitment to address these risks aggressively.

Countries Involved

United States, Russia, Czech Republic, Latvia, Estonia

Sanctions and enforcement actions reported primarily in late 2021, notably November 2021.

Various cryptocurrencies used in ransomware payments

Money laundering, facilitating ransomware payments, illicit cryptocurrency transactions.

Chatex cryptocurrency exchange, associated entities such as Izibits OU, Chatextech SIA, Hightrade Finance, and related exchange Suex OTC.

No documented Politically Exposed Person (PEP) involvement reported

Chatex acted as a virtual currency exchange that facilitated laundering by enabling ransomware actors to convert illicit funds into cryptocurrency. It was connected to nested or parasitic exchanges like Suex that exploited larger exchanges’ infrastructure for laundering. Techniques included mixing illicit ransomware payments with legitimate transactions, use of darknet markets, high-risk exchanges, and layering transactions to obscure origins.

Specific total value is not publicly disclosed, but significant sums are implied including at least $6.1 million seized in related operations by US authorities from ransomware actors using Chatex.

Majority of Chatex transactions were traced to illicit or high-risk activities including ransomware payments. Chatex provided a conduit for criminal actors to cash out ransomware proceeds by laundering and moving funds across borders, leveraging its global operations spanning Eastern Europe and beyond. Analysis by US Treasury’s Office of Foreign Assets Control (OFAC) highlighted Chatex’s role as “critical to the profitability of ransomware activities.”

In November 2021, the US Treasury’s OFAC sanctioned Chatex and associated entities for facilitating ransomware-related activities. These sanctions followed parallel enforcement actions including suspension of Chatextech operations by Latvian authorities and license revocation for Izibits OU in Estonia. The DOJ and State Department were also involved in coordinated actions. Sanctions targeted freezing of assets and cutting off Chatex from the US financial system, including freezing of crypto holdings with institutional custodians.

  1. U.S. Treasury Office of Foreign Assets Control (OFAC) announcement on Chatex sanctions

  2. TRM Labs analysis on Treasury designation of Chatex exchange

  3. CoinDesk article on Chatex user impact and sanctions

Chatex
Case Title / Operation Name:
Chatex Cryptocurrency Exchange Money Laundering Case
Country(s) Involved:
Czech Republic (Czechia), Estonia, Russia, United States
Platform / Exchange Used:
Chatex, Suex OTC, Izibits OU, Chatextech SIA, Hightrade Finance
Cryptocurrency Involved:

Various cryptocurrencies used in ransomware payments

Volume Laundered (USD est.):
Estimated value not fully disclosed; at least $6.1 million seized in related enforcement actions
Wallet Addresses / TxIDs :
Specific wallet addresses not publicly disclosed
Method of Laundering:

Exchange facilitation of ransomware payments, nested exchange layering, mixing illicit and legitimate transactions, darknet market use

Source of Funds:

Ransomware payments, cybercriminal extortion proceeds

Associated Shell Companies:

Entities such as Izibits OU, Chatextech SIA, Hightrade Finance linked to the scheme

PEPs or Individuals Involved:

N/A

Law Enforcement / Regulatory Action:
US Treasury OFAC sanctions, asset freezes, license revocations, international cooperation on investigations
Year of Occurrence:
2021
Ongoing Case:
Closed
AML Network Risk Rating:
🔴 High Risk
Quick Links:
Popular Pages:
Disclaimer & Legal:
Facebook-f Twitter Youtube Pinterest-p Instagram Tiktok
© 2025 AML Network. – All Rights Reserved.