Nine cryptocurrency exchange websites that enabled money laundering for scammers and hackers, including ransomware operators, have been taken down by the FBI and Ukrainian police. According to a press release from the FBI, the ‘crypto exchanges’ operation was supported by the Virtual Currency Response Team, the National Police of Ukraine, and regional prosecutors.
Nine websites and their servers were stolen in this operation: (“24xbtc.com”, “100btc.pro”, “pridechange.com,” “101crypta.com”. Also included are “uxbtc.com,” “trust-exchange.org”, “bitcoin24.exchange”, “paybtc.pro” “owl.gold.”)
The seizure banner below, which alternates its message in Russian and English, is displayed when you visit any of these domains right now.
Users could anonymously exchange cryptocurrencies into coins that are more difficult to track down on the seized websites, which helped hackers conceal the source of their stolen funds and avoid detection by law authorities.
A wide range of cybercriminal communities were covered by the majority of these sites, which provided users with live help and instructions in both Russian and English.
According to the FBI’s announcement, noncompliant virtual currency exchanges that operate in violation of Title 18 United States Code, Sections 1960 and 1956, serve as significant hubs in the ecosystem of cybercrime and have lax anti-money laundering programs or collect little to no Know Your Customer information.
By offering these services, virtual currency exchanges intentionally aid in the illegal behavior of their customers and join forces with them in criminal enterprises.
The law enforcement operation also resulted in the seizure of the website’s servers, which were situated in the United States, Ukraine, and other European nations.
Law enforcement can use the infrastructure they’ve confiscated to identify the cybercriminals who used the sites to launder money, possibly leading to more arrests down the road.
In order for hackers to carry out their extortion schemes unchecked and use the money they have stolen in the real world, bitcoin laundering networks must be taken down.
In addition to impeding ransomware groups’ financial operations, law enforcement agencies also send a clear message to the owners of these platforms that unlawful or dubious activity will not be permitted by shutting down these sites.
The ‘ChipMixer‘ cryptocurrency mixing business, made use of by threat actors, ransomware gangs, and scammers to launder their money, was confiscated by the FBI, Europol, and the German authorities in March 2023.
More recently, on April 24, 2023, the Office of Foreign Assets Control (OFAC) of the U.S. Dept. of the Treasury imposed sanctions on brokers who alligned with North Korean cryptocurrency money laundering networks.
Lastly, at the beginning of the year, the U.S. DoJ detained the creator of Bizlato, a cryptocurrency exchange registered in Hong Kong, on suspicion of assisting hackers in the laundering of illicitly obtained funds.
In a risky combined operation, the FBI and Ukrainian police brought down nine ‘crypto exchanges’ websites that were well known for serving as money launderers for ransomware groups and cyber criminals. The daring action is part of an organized campaign to interfere with and destroy the digital infrastructure that allows cybercriminals to make money off of their malicious actions. These illegal exchanges made it possible for users to change cryptocurrency into coins that are more difficult to track, obfuscating the money trail and allowing crooks to launder their illicit gains covertly. Many of the sites that were taken down offered live assistance and instructions in both Russian and English, serving a variety of online criminal communities.
According to the FBI’s release, noncompliant virtual currency exchanges act as key nodes in the ecosystem of cybercrime and are in violation of Sections 1960 and 1956 of Title 18 of the United States Code. These virtual currency exchangers intentionally supported illicit behavior, taking part in a number of criminal operations. Law enforcement will now examine seized servers in the US, Ukraine, and several other European nations. This analysis could reveal the identities of cybercriminals who used the sites to launder money and result in additional arrests.