red 
EDIT: On 11/01/2024, the address with these NFTs, 0x6acdfba02d390b97ac2b2d42a63e85293bcc160e, was removed from Chatex’s OFAC designation.
A digital monkey, a domain address and virtual parcels of land are among the $342.5 million held in cryptoasset wallets subject to new OFAC sanctions – the first time NFTs have been linked to OFAC-sanctioned entities.
New sanctions, announced yesterday in connection with a a major international law enforcement operation against the REvil ransomware group, include 57 cryptocurrency addresses linked to ransomware, money laundering and US election interference.
The move marks the eighth time cryptocurrency addresses have been added to OFAC’s sanctions list, and only the second time a virtual asset service provider — in this case Latvia-based “cryptobank” Chatex — has been sanctioned in its entirety. The first, the Russian cryptocurrency exchange SUEX, it was sanctioned on September 21. The new sanctions against Chatex are perhaps not surprising, given that they were instituted by one of SUEX’s co-founders.
Much of the crypto assets received by Chatex can be traced back to ransomware payments or sales from the Russian darknet market Hydra. Among the $324.3 million in crypto assets held by the 30 Chatex addresses listed by OFAC are 42 non-volatile tokens (NFTs), with a total value of about $531,600, hold an account called ‘weery’.
NFTs collected in this account include digital magazine covers, superhero figures and powers, digital land parcels, and relatively little-known digital art collections. It also interacted with the native GHST tokens of the popular NFT gaming collectible “Aavegotchi”. The account also self-mined (created) four of its 42 NFTs.
US-based NFT traders and marketplaces must now ensure that they do not engage in NFT transactions involving sanctioned addresses or facilitate NFT transactions. One of Chatex’s addresses is used buy NFT for $3,360 some 90 minutes after OFAC listed them.
In addition to NFTs, the 57 wallets sanctioned on Monday contain a wide range of other cryptoassets, including Monero and dozens of ERC-20 tokens linked to DeFi protocols. Stable coins like Tether, USD Coin and Dai appear to be preferred over more volatile assets like Bitcoin or Ether for storing illicit earnings – a trend also seen with other sanctioned entities and terrorist organizations like Hamas.
REvil Affiliates sanctioned
Two individuals associated with the REvil ransomware group were also included in the latest round of sanctions, Yevgeny Igorevich Polyanin and Jaroslav Vasinski.
According to US Treasury announcementboth Polyanin and Vasinskyi worked as operators for REvil, which used ransomware against US companies. In addition, Vasinskyi was identified as responsible for the attack on the Kaseya supply chain that occurred in July 2021.
On November 8, 2021, Vasinskyi was arrested in Poland and is currently in custody pending extradition proceedings. In addition, the US Treasury announced that they successfully seized $6.1 million in ransomware proceeds from Poljanin. At the time of writing, Poljanin has not been arrested and is believed to be currently in Russia.
Elliptic’s analysis shows that sanctioned addresses associated with Poljanin and Vasinski received more than $18 million in various cryptocurrencies, including BTC, ETH and USDT.
On the same date that OFAC announced the sanctions against Poljanin and Vasinski, Europol also announced the latest results of their global law enforcement operation, Operation Gold Dust, launched to combat REvil. Law enforcement agencies from 17 countries, in addition to Europol and Interpol, participated in this operation. As published yesterday, Operation Gold Dust has so far led to the arrest of seven people associated with REvil and its predecessor, GandCrab.
Sanctions updates for Artem Mihajlovic Lifšic and Southfront
In its latest anti-election meddling action, OFAC also added or changed cryptocurrency addresses associated with Artem Mikhailovich Lifshic, a Russian national sanctioned for meddling in the US election, and Southfront, a Russian disinformation site.
How we can help
With NFTs and DeFi governance tokens now joining the growing list of cryptoassets held by sanctioned entities, the responsibility of virtual asset service providers to verify transactions has further increased. The sanctions do not only cover digital asset transactions – financial services will need to ensure that they do not facilitate any fiat currency payments to or from these sanctioned entities.
,We at Elliptic offer blockchain analytics solutions to help regulated cryptoasset businesses and financial institutions comply with US and international sanctions, including those related to ransomware.
Our wallet viewing solution, Elliptical Lensand our transaction tracking solution, Elliptical Navigatorallow you to review the OFAC list to ensure you avoid dealing with blacklisted entities and addresses. Elliptic clients can review addresses from today’s actions in our solutions, ensuring they remain compliant.
Contact us for a demo and to learn more about how Elliptic’s leading blockchain analytics solutions can enable you to address the dual challenges of sanctions and ransomware.
You can also download Elliptic’s May 2021 Cryptocurrency Sanctions Compliance Guide for case studies and examples of how to use blockchain analytics for OFAC compliance.
Sanctions NFTs crypto crime
