The US Treasury has told members of the crypto community they are responsible for making sure they do not “directly or indirectly” help facilitate deals prohibited by the US sanctions.

Suspected ransomware payments totaling $590m were made in the first half of 2021, while more than $416m were reported for the whole of 2020.

The US Treasury Department, which once branded cryptocurrencies a “national security threat“, now says the approximate amount of reported ransomware transactions per month in 2021 was $102.3m, with REvil/Sodinokibi, Conti, DarkSide, Avaddon, and Phobos the most prevalent strains reported.

Geolocation tools needed

The new guidance said the virtual currency industry plays an increasingly critical role in preventing those blacklisted from exploiting virtual currencies to evade sanctions.

“Treasury is helping to stop ransomware attacks by making it difficult for criminals to profit from their crimes, but we need partners in the private sector to help prevent this illicit activity,” Deputy Treasury Secretary Wally Adeyemo said.

The Treasury also advised crypto exchanges to use geolocation tools in order to block access from countries under American sanctions.

According to the report, hackers use ransomware to take down systems that control everything from hospital billing to manufacturing. They stop only after receiving hefty payments, typically in cryptocurrency.