SecurityWeek

US Seizes Garantex in Cryptocurrency Money Laundering Bust

Two men linked to Garantex are accused of facilitating multi-billion dollar money laundering and sanctions violations.

The US Justice Department on Friday announced the seizure of the online infrastructure used to run Garantex, a major cryptocurrency exchange accused of facilitating multi-billion dollar money laundering and sanctions violations.

The department said it worked with law enforcement partners in Europe to seize three domain names — garantex.org, garantex.io, and garantex.academy — effectively shuttering a cryptocurrency exchange linked to ransomware extortions and services to “transnational criminal organizations, including terrorist groups”.

According to court documents, Garantex processed at least $96 billion in cryptocurrency transactions since April 2019.

In tandem with the shutdown, the DOJ also unsealed an indictment charging Lithuanian Aleksej Besciokov and Russian Aleksandr Mira Serda with money laundering and conspiracy to violate sanctions and operate an unlicensed money transmitting business.

The Department alleges that Besciokov served as Garantex’s primary technical administrator and was responsible for maintaining the exchange’s critical infrastructure and reviewing transactions. 

Mira Serda, identified as the exchange’s co-founder and chief commercial officer, is accused of helping to conceal the illicit activities taking place on the platform. 

The indictment details how both men allegedly knew that criminal proceeds were being laundered through Garantex and took deliberate steps to hide these activities, including providing incomplete account information to law enforcement.

In April 2022, the US government sanctioned Garantex for its role in laundering funds from ransomware attacks and darknet markets. Despite these sanctions, the DOJ now says the admins redesigned Garantex’s operations to evade US rules. One method involved moving operational cryptocurrency wallets to new virtual currency addresses daily to obscure transactions and hinder detection by US exchanges.

In the seizure operation, German and Finnish law enforcement agencies also took control of servers hosting Garantex’s operations, while US officials recovered earlier copies of customer and accounting databases. 

More than $26 million in funds linked to the money laundering activities have been frozen, the department said.

Founded in late 2019, Garantex operates out of Moscow and St Petersburg, and the US government has linked its transactions to illicit actors and darknet markets, including Russian ransomware gangs Conti and Hydra.

In February 2022, Garantex lost its license to provide virtual currency services after supervision by Estonia’s Financial Intelligence Unit revealed critical AML/CFT deficiencies and found connections between Garantex and wallets used for criminal activity.  

“Garantex received hundreds of millions in criminal proceeds and was used to facilitate various crimes, including hacking, ransomware, terrorism, and drug trafficking, often with substantial impact to US victims,” the department added.

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.
