US sanctions crypto exchanges utilized by Russian ransomware gangs

The U.S. Treasury Division’s Workplace of Overseas Belongings Management (OFAC) has sanctioned Cryptex and PM2BTC, two cryptocurrency exchanges that laundered funds from Russian ransomware gangs and different cybercrime teams.

Cryptex (which used the cryptex[.]internet area) reportedly gives monetary companies to cybercriminals and laundered over $51 million in funds linked to ransomware assaults.

“Cryptex is also associated with over $720 million in transactions to services frequently used by Russia-based ransomware actors and cybercriminals, including fraud shops, mixing services, exchanges lacking KYC programs, and OFAC-designated virtual currency exchange Garantex,” the Treasury stated.

PM2BTC (who used the now-seized pm2btc[.]me area) is accused of laundering digital foreign money related to ransomware and different illicit Russian actions. It allegedly facilitates currency-to-ruble conversions via U.S.-sanctioned monetary establishments for Russian menace actors whereas failing to keep up anti-money laundering safeguards.

The Treasury Division linked the crypto exchanges to Sergey Sergeevich Ivanov (also referred to as Taleon), a Russian cash launderer believed to have helped course of lots of of tens of millions of {dollars} for ransomware actors, preliminary entry brokers, darknet market distributors, and numerous different menace actors during the last 20 years.

“Through various payment processing services, including one that does business under the name ‘UAPS,’ Ivanov has served as the payment processor for various fraud shops, including OFAC-designated Genesis Market, whose website was taken down by law enforcement in 2023,” the Treasury added.

The U.S. Division of State additionally presents a reward of as much as $10 million via its Transnational Organized Crime Rewards Program for any info that would assist arrest or convict Ivanov and Timur Shakhmametov, the operator of Jokers Stash, one of many largest and most worthwhile marketplaces for stolen bank card knowledge and personally identifiable info.

OFAC sanctions Ivanov Shakhmametov

These actions are a part of a broader coordinated worldwide effort involving U.S. authorities companies and overseas legislation enforcement, in collaboration with Operation Endgame, to disrupt Russian cybercrime companies and dismantle monetary enablers of transnational organized cybercrime.

On account of at present’s sanction, U.S. residents and organizations are prohibited from partaking in transactions with Ivanov, PM2BTC, or Cryptex. Any U.S.-based property tied to them will likely be frozen, and U.S. monetary establishments or overseas entities transacting with them can even face penalties.

Cryptex domain seizure banner
Cryptex area seizure banner (BleepingComputer)

“The United States and our international partners remain resolute in our commitment to prevent cybercrime facilitators like PM2BTC and Cryptex from operating with impunity,” stated Bradley T. Smith, Performing Underneath Secretary of the Treasury for Terrorism and Monetary Intelligence.

“Treasury, in close coordination with our allies and partners, will continue to use all tools and authorities to disrupt the networks that seek to leverage the virtual assets ecosystem to facilitate their illicit activities.”

OFAC has beforehand sanctioned the Bitpapa, TOEP, and Crypto Explorer crypto exchanges in March 2024 and the Moscow-based cryptocurrency change Garantex in April 2022 for working with OFAC-designated Russian darkish net markets and banks.

It additionally designated the Sinbad, Twister Money, and Blender.io cryptocurrency mixing companies for laundering cash for the North Korean Lazarus hacking group.

Recent articles

Hackers Use Microsoft MSC Information to Deploy Obfuscated Backdoor in Pakistan Assaults

î ‚Dec 17, 2024î „Ravie LakshmananCyber Assault / Malware A brand new...

INTERPOL Pushes for

î ‚Dec 18, 2024î „Ravie LakshmananCyber Fraud / Social engineering INTERPOL is...

Patch Alert: Essential Apache Struts Flaw Discovered, Exploitation Makes an attempt Detected

î ‚Dec 18, 2024î „Ravie LakshmananCyber Assault / Vulnerability Risk actors are...