September 26, 2024 at 11:52AM
The U.S. Treasury Department sanctioned Cryptex and PM2BTC, accusing them of laundering funds for Russian ransomware groups and cybercrime. The exchanges allegedly facilitated transactions for threat actors and failed to maintain anti-money laundering measures. These actions are part of a broader international effort to disrupt Russian cybercrime networks. U.S. citizens and organizations are prohibited from engaging with the sanctioned entities.
The U.S. Treasury Department has announced the sanctions on two cryptocurrency exchanges, Cryptex and PM2BTC. The sanctions were imposed due to their involvement in laundering funds from Russian ransomware gangs and other cybercrime groups.
Cryptex, which operated under the cryptex[.]net domain, is reported to have provided financial services to cybercriminals and laundered over $51 million in funds linked to ransomware attacks. It is also associated with over $720 million in transactions to services frequently used by Russia-based ransomware actors and cybercriminals.
PM2BTC, which used the now-seized pm2btc[.]me domain, is accused of laundering virtual currency associated with ransomware and other illicit Russian activities. It allegedly facilitates currency-to-ruble conversions through U.S.-sanctioned financial institutions for Russian threat actors while failing to maintain anti-money laundering safeguards.
The Treasury Department has linked these crypto exchanges to Sergey Sergeevich Ivanov (also known as Taleon), a Russian money launderer believed to have processed hundreds of millions of dollars for ransomware actors, initial access brokers, darknet marketplace vendors, and various other threat actors over the last two decades.
In addition to the sanctions, the U.S. Department of State offers a reward of up to $10 million through its Transnational Organized Crime Rewards Program for any information that could help arrest or convict Ivanov and Timur Shakhmametov, the operator of Jokers Stash, one of the largest and most profitable marketplaces for stolen credit card data and personally identifiable information.
These actions are part of a broader coordinated international effort involving U.S. government agencies and foreign law enforcement, in collaboration with Operation Endgame, to disrupt Russian cybercrime services and dismantle financial enablers of transnational organized cybercrime.
As a result of the sanctions, U.S. citizens and organizations are prohibited from engaging in transactions with Ivanov, PM2BTC, or Cryptex. Any U.S.-based assets tied to them will be frozen, and U.S. financial institutions or foreign entities transacting with them will also face penalties.
OFAC has previously sanctioned other crypto exchanges and services for their involvement with designated Russian dark web markets and banks, as well as for laundering money for the North Korean Lazarus hacking group.