The US government has sanctioned cryptocurrency exchanges used by Russia-based cybercriminals to process illicit funds.
The US Office of Foreign Assets Control (OFAC) has issued sanctions to Cryptex – a crypto currency exchange registered in St. Vincent and the Grenadines and operating in Russia.
One individual has also been sanctioned, Sergey Sergeevich Ivanov, a Russian citizen associated with virtual currency exchanger PM2BTC.
Ivanov has served as the payment processor for various fraud shops using various payment processing services, including one that does business under the name “UAPS.”
Concurrently, the Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued an order identifying PM2BTC as being of “primary money laundering concern” in connection with Russian illicit finance.
The orders mean all property and interests in property of the designated persons and entities described above that are in the US or in the possession or control of US persons are blocked and must be reported to OFAC.
Any financial institutions and other persons who engage in transactions with the sanctioned individuals and exchanges could be subject to law enforcement action.
Read now: US Targets Crypto Firms Aiding Russia Sanctions Evasion
The US Department of State has also offered up to $10m as a reward for information leading to the arrest and/or conviction of Ivanov.
In coordination with the sanctions, US authorities working with Dutch law enforcement have seized web domains and/or infrastructure associated with PM2BTC, UAPS, and Cryptex.
Hundreds of Millions of Dollars of Cybercrime Funds Processed
The sanctioned entities and persons are responsible for processing hundreds of millions of dollars of funds derived from cybercriminal activities, according to the US government.
Cryptex has received over $51.2m in funds obtained from ransomware attacks. The crypto exchange is also associated with over $720m in transactions to services frequently used by Russia-based ransomware actors and cybercriminals, including fraud shops, mixing services, exchanges lacking KYC programs, and OFAC-designated virtual currency exchange Garantex.
Ivanov has alleged laundered hundreds of millions of dollars’ worth of virtual currency for ransomware actors, initial access brokers, darknet marketplace vendors, and other criminal actors for approximately the last 20 years.
This includes serving as the payment processor for various fraud shops, including OFAC-designated Genesis Market, whose website was taken down by law enforcement in 2023.
The announcement follows several other legal actions taken in the US to tackle Russia-based cybercriminals this year. This includes the conviction of two Russian nationals for their involvement in the notorious LockBit ransomware group in July 2024.
In May, the US, UK and Australian governments unsealed an indictment against LockBit leader Dmitry Yuryevich Khoroshev following the law enforcement action Operation Cronos.