FBI seizes $2.3 million in BTC from Russian ransomware operator

  • The FBI recently announced that it had seized 39 BTC from the wallet of a Russian ransomware operator affiliated with REvil, a notorious cybercrime gang.
  • The FBI managed to seize the operator's Exodus wallet and recover the BTC, but it didn’t give details about how it did this.

Bitcoin is no longer the crime haven that it was in its early days. In yet another clear proof of this, the Federal Bureau of Investigation has seized over 39 BTC, worth over $2 million, from a Russian ransomware operator linked to the notorious cybercrime gang REvil.

According to court documents first seen by Bleeping Computer, the FBI filed a Complaint for Forfeiture in the Northern District of Texas yesterday, November 30. This followed the seizure of 39.891 BTC from an Exodus wallet previously owned by a Russian citizen. Exodus is a non-custodial desktop and mobile wallet supporting over 130 cryptocurrencies.

According to the FBI, the wallet contained REvil ransom payments belonging to Alexander Sikerin, whose email address is ‘[email protected].’ While the FBI doesn’t reveal more details about the actor, the alias ‘engfog’ is linked to a well-known affiliate of the GandCrab and REvil ransomware gangs known as ‘Lalartu.’

The Defendant Property constitutes, was derived from, and is traceable to ransomware attacks committed by Sikerin. The Defendant Property is also involved in and traceable to the money laundering conspiracy involving [REvil] ransom payments.

The seizure, while not the largest in recent times, signifies the continued crackdown on criminals that use Bitcoin and other cryptocurrencies for their illicit acts. Ransomware operators have been the biggest culprits, wreaking havoc globally and demanding payments in Bitcoin.

Between April 2019 and July 2021, ransomware victims paid over $200 million to these criminals, with an overwhelming majority of these funds being paid in Bitcoin. Some of the more famous cases involve JBS, the world’s largest meat processor, and Colonial Pipeline, the largest pipeline system in the U.S. The two paid $11 million and $4.4 million, respectively, to the criminals to recover their data and systems.

However, further proving that Bitcoin is not for criminals, U.S. authorities were able to recover $2.3 million from the Colonial Pipeline ransom.

David Carlisle, an executive at London-based blockchain analytics firm Elliptic, commented:

It [the recovery] also points to the underlying traceability of crypto, which can be used as a powerful tool and asset against criminals. Law enforcement is becoming very adept in its use of blockchain analytics capabilities to disrupt illicit activity, and this is one of the best examples of that we’ve seen to date.