The U.S. Treasury Department has struck a significant blow against a major Russian cybercrime network.
At a Glance
- The U.S. Treasury sanctions Russian virtual currency exchanges and cybercrime facilitators.
- Sergey Sergeevich Ivanov identified as a money laundering concern by FinCEN.
- OFAC sanctions Ivanov and Cryptex, a Russian virtual currency exchange.
- The U.S. Secret Service and other agencies seize infrastructure related to PM2BTC, UAPS, and Cryptex.
- The State Department offers a reward for information on Ivanov.
Sanctions Against Russian Cybercrime Network
The U.S. Department of the Treasury has undertaken coordinated actions against Russian virtual currency exchanges and cybercrime facilitators. This move targets PM2BTC, associated with Sergey Sergeevich Ivanov, who has been identified as a significant money laundering concern. The Office of Foreign Assets Control (OFAC) has sanctioned Ivanov and Cryptex, a virtual currency exchange operating in Russia.
The U.S. Secret Service, Netherlands Police, and Dutch Fiscal Intelligence and Investigation Service have seized web domains and infrastructure related to PM2BTC, UAPS, and Cryptex. Additionally, the U.S. Department of State has offered a reward of up to $10 million for information leading to Ivanov’s arrest or conviction.
The US and the UK have sanctioned PRC state-sponsored hackers who have endangered US national security through malicious cyber operations targeting US critical infrastructure. Treasury is focused on leveraging our tools to protect against these threats. https://t.co/Ej7kNDgAfl
— Treasury Department (@USTreasury) March 25, 2024
Ivanov and the Cybercrime Network
The PM2BTC exchange has been operational since 2014 and has facilitated the laundering of convertible virtual currency (CVC) linked to ransomware and other illicit activities in Russia. PM2BTC has been criticized for failing to implement effective anti-money laundering (AML) and Know Your Customer (KYC) programs. The Cryptex exchange has also been implicated, having received over $51.2 million in illicit proceeds from ransomware attacks and advertising its services directly to cybercriminals.
“The United States and our international partners remain resolute in our commitment to prevent cybercrime facilitators like PM2BTC and Cryptex from operating with impunity,” said Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith.
Cryptex has been estimated to have received $720 million in transactions linked to illegal services used by Russia-based ransomware actors and cybercriminals. Ivanov has been charged with laundering hundreds of millions of dollars for cybercriminals over the past 20 years, supporting the carding website Rescator, and laundering funds from Joker’s Stash. Additionally, the sanctioned entities UAPS and Cryptex processed over $7.5 billion worth of transactions since their inception.
.@USTreasury’s Financial Crimes Enforcement Network and the Office of Foreign Assets Control are taking action against illicit Russian virtual currency exchanges. https://t.co/ciwRyy9Oix
— Treasury Department (@USTreasury) September 26, 2024
Impact and Future Implications
The sanctions block all property and interests in property of the designated persons in the U.S. or controlled by U.S. persons. Financial institutions engaging with sanctioned entities may face sanctions or enforcement actions. This asserts the U.S. stance that the ultimate goal of sanctions is to foster positive behavioral change, not merely punitive measures.
Guidance and FAQs are available for foreign financial institutions and others affected by the sanctions. The actions aim to disrupt the infrastructure used by illicit actors to facilitate money laundering and other transnational cybercrime, demonstrating a robust response to ongoing cyber threats from Russia-based entities.