The United States government has taken significant steps to crack down on cryptocurrency exchanges used by Russian cybercriminals to process illegal funds. The Office of Foreign Assets Control (OFAC) has imposed sanctions on Cryptex, a crypto exchange based in St. Vincent and the Grenadines that operates in Russia. Additionally, Sergey Sergeevich Ivanov, a Russian citizen linked to the virtual currency exchanger PM2BTC, has also been sanctioned.
Ivanov has been identified as a payment processor for various fraudulent activities, including working with a company known as “UAPS.” The Treasury’s Financial Crimes Enforcement Network (FinCEN) has labeled PM2BTC as a primary concern for money laundering in connection with Russian illicit finance.
These sanctions have led to the freezing of all assets and interests in the US belonging to the designated individuals and entities. Any financial institutions or individuals engaging in transactions with these sanctioned parties could face legal consequences.
In a bid to further clamp down on these activities, the US Department of State has offered a reward of up to $10 million for information leading to the apprehension and conviction of Ivanov. Working closely with Dutch law enforcement, US authorities have seized web domains and infrastructure associated with PM2BTC, UAPS, and Cryptex.
The sanctioned entities have been implicated in processing hundreds of millions of dollars in funds derived from cybercrime. Cryptex alone has received over $51.2 million from ransomware attacks and has facilitated transactions totaling over $720 million to services commonly used by Russian ransomware actors and cybercriminals.
Ivanov is accused of laundering vast sums of virtual currency for ransomware groups, darknet vendors, and other criminal entities over the past two decades. This includes serving as a payment processor for fraud shops, including the now-defunct Genesis Market.
These actions are part of a broader effort by US authorities to combat Russian cybercriminals. In July 2024, two Russian nationals were convicted for their involvement in the LockBit ransomware group, while in May, an indictment was unsealed against LockBit leader Dmitry Yuryevich Khoroshev as part of Operation Cronos, a collaborative effort involving the US, UK, and Australian governments.