U.S. Treasury Takes Action Against Russian Cryptocurrency Platforms
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has renewed its sanctions against the Russian cryptocurrency exchange Garantex. This action comes in the wake of evidence that the platform facilitated significant illegal activities, processing more than $100 million in transactions linked to cybercriminals since 2019.
Sanctions Against Garantex and Its Successor
Alongside Garantex, the Treasury has also imposed sanctions on its successor, Grinex. The penalties extend to three co-founders of Garantex—Sergey Mendeleev, Aleksandr Mira Serda, and Pavel Karavatsky—as well as six companies associated with them, located primarily in Russia and the Kyrgyz Republic. The listed companies include:
- Independent Decentralized Finance Smartbank and Ecosystem (InDeFi Bank)
- Exved
- Old Vector
- A7 LLC
- A71 LLC
- A7 Agent LLC
John K. Hurley, the Under Secretary of the Treasury for Terrorism and Financial Intelligence, emphasized that the U.S. is committed to preventing the abuse of digital assets for supporting cybercrime and evading sanctions. “Digital assets play a crucial role in global innovation and economic development,” he stated, underscoring the authenticity of the U.S. stance on this issue.
History of Garantex’s Illicit Activities
Garantex first came under U.S. sanctions in April 2022, following its involvement in facilitating transactions from darknet markets and illicit actors, including the notorious Hydra and Conti groups. A coordinated law enforcement operation led to the seizure of Garantex’s website in March 2025 and the arrest of co-founder Aleksej Besciokov in India.
Reports from TRM Labs indicated that almost immediately after these sanctions, Garantex attempted to evade them by rebranding as Grinex. Despite this change, Garantex reportedly continued to process substantial amounts—over $100 million—of transactions tied to individuals and organizations already under U.S. sanctions. Alarmingly, about 82% of Grinex’s transaction volume was associated with these sanctioned entities.
The Underlying Mechanisms of Cybercrime
The U.S. Treasury described how criminal users exploited Garantex to launder illicit funds. The platform was used to process money from various ransomware groups, including Conti, Black Basta, LockBit, NetWalker, and Phoenix Cryptolocker variants. Following law enforcement action in March, Garantex transferred its infrastructure and customer accounts to Grinex.
Additionally, a ruble-backed stablecoin, the A7A5 token—issued by a Kyrgyz firm called Old Vector—was used to assist affected customers in restoring account access. Reports indicate that A7A5 has facilitated a staggering $1 billion in transactions daily, with an overall valuation reaching $41.2 billion.
Garantex also provided services to actors connected to high-profile ransomware gangs like Ryuk. Notable among those involved was Ekaterina Zhdanova, who was reported to have exchanged over $2 million in Bitcoin for Tether (USDT) via Garantex. Zhdanova had previously been sanctioned for her role in laundering virtual currency for elite cybercriminal groups.
Broader Implications of the Sanctions
The U.S. Department of Justice (DoJ) has made moves to dismantle financial networks aiding in cybercrime. Recently, they unsealed six warrants allowing for the seizure of over $2.8 million in cryptocurrency and a luxury vehicle linked to Ianis Aleksandrovich Antropenko. Charged with using Zeppelin ransomware to attack various targets, Antropenko’s case underscores the importance of ongoing efforts to halt cybercrime through stringent financial scrutiny.
The DoJ linked seized assets to laundering activities, facilitated through methods like the now-defunct cryptocurrency mixing service ChipMixer.
In a parallel operation, authorities froze assets exceeding $300 million associated with various cybercrime ventures, further illustrating a global commitment to dismantling these networks. This coordinated effort highlights the serious ramifications of cybercrime on national security and the integrity of financial systems.
The recent sanctions against Garantex and Grinex signify a broader strategy aimed at curbing illegal digital activities that pose risks not just to the U.S. but to the global economy at large.
