International Law Enforcement Operation Leads to Garantex Seizure
Garantex, a notorious Russian cryptocurrency exchange favored by ransomware groups and illicit darknet markets, has been dismantled following a coordinated international law enforcement effort. This significant development was announced by the U.S. Department of Justice (DOJ) on Friday.
Coordinated Action Freezes $28 Million in Cryptocurrency
On Thursday, a coalition of law enforcement agencies from the United States, Germany, and Finland executed a successful operation that led to the seizure of Garantex’s domains and servers. In this operation, nearly $28 million in cryptocurrency associated with the exchange was frozen, aided by stablecoin issuer Tether.
Previous Sanctions and Continued Operations
The U.S. Treasury’s Office of Foreign Asset Control (OFAC) had previously sanctioned Garantex in 2022, accusing the exchange of facilitating money laundering activities for notorious ransomware groups like Conti and Black Basta. It was also linked to notorious darknet markets, including Hydra, which was once the largest of its kind before its closure in 2022. Remarkably, despite the sanctions, Garantex continued to thrive, processing over $60 billion in cryptocurrency transactions after the restrictions were placed, bringing its total transactions to more than $96 billion.
Failing to Implement Basic Security Measures
Court documents reveal that Garantex maintained a lax approach to know-your-customer (KYC) protocols, collecting minimal identification information from its clients. This negligence allowed criminals to exploit the platform with ease. Accounts were often registered under suspicious names such as “Drug,” “Hacker,” “Taliban,” “Cashout,” “Cleancoins,” and “God.”
Connections to High-Profile Criminal Activity
In addition to serving ransomware operators and darknet markets, Garantex allegedly had ties to North Korea’s state-sponsored hacking unit, the Lazarus Group, which was implicated in the staggering $1.5 billion Bybit heist last month. The exchange also reportedly catered to Russian oligarchs seeking to evade international sanctions related to the ongoing conflict in Ukraine. Furthermore, sophisticated firms like TGR Group, known for assisting Russian elites in avoiding sanctions, have been connected to Garantex.
Criminal Charges Filed Against Operators
Following the seizure of Garantex’s servers and domains, two of its operators have been charged with various criminal offenses in the United States. Aleksej Besciokov, a 46-year-old Lithuanian national residing in Russia, faces charges of conspiracy to commit money laundering, conspiracy to violate sanctions, and conspiracy to operate an unlicensed money transmitting business. Aleksandr Mira Serda, a 40-year-old Russian citizen currently living in the United Arab Emirates, is charged with conspiracy to commit money laundering.
Conclusion
The dismantling of Garantex underscores the ongoing international efforts to combat cryptocurrency-related crime and enforce sanctions against individuals and entities that threaten global security. As law enforcement agencies continue to track down illicit operations in the crypto space, the future of these exchanges remains uncertain.
