CyberSecurityBoard
Sponsor Register Login

US seizes domain of Garantex crypto exchange used by ransomware gangs

Garantex lost its license to provide virtual currency services in February 2022 after Estonia's Financial Intelligence Unit found links between Garantex and wallets used for criminal activity and critical compliance issues with Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) policies. ​The Russian exchange was previously sanctioned by the Treasury Department's Office of Foreign Assets Control (OFAC) in April 2022 after over $100 million in Garantex transactions were linked to darknet markets and cybercrime actors, including the notorious Conti Ransomware-as-a-service (RaaS) operation and the Hydra dark web market. Earlier today, Garantex was also forced to suspend services due to Tether blocking its digital wallets after the European Union sanctioned the crypto exchange as part of its 16th package of sanctions against Russia, which targets 542 individuals and entities. "Despite losing its Estonian license to provide virtual currency services following the Estonian Financial Intelligence Unit's investigation, Garantex continues to provide services to customers through unscrupulous means," OFAC added. The U.S. Secret Service has seized the domain of the sanctioned Russian cryptocurrency exchange Garantex in collaboration with the Department of Justice's Criminal Division, the FBI, and Europol. Other law enforcement authorities involved in this action include the Dutch National Police, the German Federal Criminal Police Office, the Frankfurt General Prosecutor's Office, the Estonian National Criminal Police, and the Finnish National Bureau of Investigation. Two years later, OFAC sanctioned the Cryptex and PM2BTC crypto exchanges for laundering funds for Russian ransomware gangs and other cybercrime groups. It also targeted the Bitpapa, TOEP, and Crypto Explorer crypto exchanges in March 2024 and designated the Sinbad, Tornado Cash, and Blender.io crypto-mixing services for laundering money for the North Korean Lazarus hacking group. Tether entered the war against the Russian cryptographic market and blocked our wallets in the amount of more than 2.5 billion rubles," the Garantex team said in a Telegram post on Thursday.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 06 Mar 2025 19:10:17 +0000


Cyber News related to US seizes domain of Garantex crypto exchange used by ransomware gangs

US charges Garantex admins with money laundering, sanctions violations - Garantex lost its license to provide virtual currency services in February 2022 after Estonia's Financial Intelligence Unit found critical compliance issues with Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) policies and ...
1 month ago Bleepingcomputer.com
Garantex crypto exchange admin arrested while on vacation - Besciokov (aka "proforg" and "iram") controlled Garantex with 40-year-old Russian national and United Arab Emirates resident Aleksandr Mira Serda (the crypto exchange's other co-founder) between 2019 and 2025. According to court ...
1 month ago Bleepingcomputer.com
10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
1 month ago Cybersecuritynews.com
US seizes domain of Garantex crypto exchange used by ransomware gangs - Garantex lost its license to provide virtual currency services in February 2022 after Estonia's Financial Intelligence Unit found links between Garantex and wallets used for criminal activity and critical compliance issues with Anti-Money Laundering ...
1 month ago Bleepingcomputer.com
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
1 week ago Cybersecuritynews.com
Russian crypto exchange Garantex’s website taken down in apparent law enforcement operation | The Record from Recorded Future News - Russian cryptocurrency exchange Garantex was taken down in an apparent seizure by U.S. and European law enforcement Thursday, shortly after the company said $28 million had been frozen by another cryptocurrency firm. U.S. officials said at the time ...
1 month ago Therecord.media
The ticking time bomb of Microsoft Exchange Server 2013 - This is, of course, a common issue since 2021 or so, due to Exchange Server security woes- however there has been an abnormally high increase in the past few months, making me think there was some kind of Exchange Server zero day perhaps. In my own ...
1 year ago Doublepulsar.com
Alleged Co-Founder of Garantex Arrested in India – Krebs on Security - Besciokov is also charged with one count of conspiracy to violate the International Economic Emergency Powers Act—which also carries a maximum sentence of 20 years in person—and with conspiracy to operate an unlicensed money transmitting ...
1 month ago Krebsonsecurity.com Lazarus Group
Microsoft: Exchange 2016 and 2019 reach end of support in six months - This week's warning comes after Microsoft reminded IT admins in January that Exchange Server 2016 and Exchange Server 2019 will no longer receive technical support starting in October. The Exchange Server Engineering Team also shared guidance for ...
8 hours ago Bleepingcomputer.com
How ransomware gangs are engaging - As ransomware gangs continue to market themselves as legitimate businesses complete with customer service representatives, new research from Sophos showed that threat actors are expanding public relations efforts to further pressure victims into ...
1 year ago Techtarget.com LockBit Snatch
Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
1 year ago Securityboulevard.com
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
1 year ago Malwarebytes.com Scattered Spider LockBit
The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
1 year ago Bleepingcomputer.com LockBit Qilin Noescape
Ransomware review: January 2024 - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. In February, there were 376 ransomware victims, marking an unusually active month for the historically subdued time period. February didn't ...
1 year ago Malwarebytes.com LockBit Black Basta
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa
The Week in Ransomware - January 20th, 2023 Crypto Exchanges Under Attack - The week of January 20th, 2023 brought yet another wave of ransomware attacks targeting crypto exchanges. Crypto exchanges all around the world have been hit by a barrage of sophisticated and well-planned ransomware campaigns. From high-profile ...
2 years ago Bleepingcomputer.com
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
1 year ago Bleepingcomputer.com LockBit Akira
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
1 year ago Darkreading.com Lazarus Group
Microsoft: Over 100 Threat Actors Deploy Ransomware in Attacks - Microsoft revealed that its security teams are tracking over 100 threat actors deploying ransomware during attacks. The company monitors over 50 unique ransomware families that were actively used until the end of last year, including Lockbit Black, ...
2 years ago Bleepingcomputer.com LockBit Cuba Black Basta
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
More than $100 million in ransom paid to Black Basta gang over nearly 2 years - The Black Basta cybercrime gang has raked in at least $107 million in ransom payments since early 2022, according to research from blockchain security company Elliptic and Corvus Insurance. The group has infected more than 329 victim organizations ...
1 year ago Therecord.media FIN7 Black Basta
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base
Dozens of countries will pledge to stop paying ransomware gangs - An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups. Addressing reporters on Monday, Anne Neuberger, ...
1 year ago Bleepingcomputer.com
Russian pleads guilty to running crypto-exchange used by ransomware gangs - Russian national Anatoly Legkodymov pleaded guilty to operating the Bitzlato cryptocurrency exchange that helped ransomware gangs and other cybercriminals launder over $700 million. As a Bitzlato co-founder and principal stakeholder, Legkodymov has ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)