The Department of Treasury announced that, in collaboration with domestic Federal law enforcement partners, its Office of Foreign Assets Control (OFAC) levied sanctions against Hydra, the world’s largest darknet market, and Garantex, a virtual currency exchange.
Both are largely based out of Russia, with the former actively working to enable ransomware criminals and the latter sanctioned for working in the Russian financial sector.
“The global threat of cybercrime and ransomware that originates in Russia, and the ability of criminal leaders to operate there with impunity, is deeply concerning to the United States,” Secretary of the Treasury Janet L. Yellen said in an April 5 release.
“Our actions send a message today to criminals that you cannot hide on the darknet or their forums, and you cannot hide in Russia or anywhere else in the world,” Yellen added. “In coordination with allies and partners, like Germany and Estonia, we will continue to disrupt these networks.”
Treasury called Hydra Russia’s “most prominent” darknet market and the largest left in the world. The market was shut down in coordination with the German Federal Criminal Police, who shut down Hydra servers in Germany and seized $25 million in bitcoin in the process.
The market had been known to have offerings such as ransomware-as-a-service, hacking services and software, stolen virtual currency, and more. Treasury said OFAC had traced roughly $8 million in ransomware profits to the market through its investigation.
As far as Garantex, the virtual currency exchange was originally established in Estonia, but Treasury said the majority of its operations have been carried out in Moscow, Russia. The sanctions and investigation were carried out in collaboration with Estonian authorities, with the former designed to help prevent sanction avoidance by Russian nationals.
“Russia is a haven for cybercriminals. Today’s action against Hydra and Garantex builds upon recent sanctions against virtual currency exchanges SUEX and CHATEX, both of which, like Garantex, operated out of Federation Tower in Moscow, Russia,” Treasury said in the release. “Treasury is committed to taking action against actors that, like Hydra and Garantex, willfully disregard anti-money laundering and countering the financing of terrorism (AML/CFT) obligations and allow their systems to be abused by illicit actors.”
Under the sanctions, any property or interests in Hydra or Garantex that are either in the United States or in possession by United States’ citizens must be reported to OFAC.
The actions follow a ramp-up by the Federal government to stop cybercriminals by targeting virtual currencies, including the launch of the FBI’s Virtual Asset Unit, the Department of Justice’s indictment of a crypto-fraudster, and the Department of Justice’s largest seizure ever, in the form of $3.6 billion in seized bitcoin.