The U.S. Department of the Treasury has announced sanctions against Grinex, the successor to Russian cryptocurrency exchange Garantex, which was previously sanctioned for helping ransomware gangs launder their money.
A TRM Labs report, released in April, revealed that Grinex has strong ties to Garantex’s previous operations, but stopped short of providing evidence that it was being used for illicit transactions.
Grinex was promoted on Telegram channels linked to Garantex soon after U.S. authorities seized Garantex’s domains in early March 2025 for processing $100 million worth of illicit transactions and laundering money for cybercriminals. Two Garantex administrators, Aleksandr Mira Serda and Aleksej Besciokov, were later charged, with Besciokov being arrested days later while vacationing in India.
Garantex was sanctioned by the Treasury Department’s Office of Foreign Assets Control (OFAC) in April 2022, following its association with darknet markets and cybercrime groups, including the Hydra dark web market, the notorious Conti Ransomware-as-a-Service (RaaS) operation, and the Black Basta, LockBit, NetWalker, Ryuk, and Phoenix Cryptolocker ransomware gangs.
“Immediately following the March 6, 2025 law enforcement actions led by the U.S. Secret Service, Garantex officers created the infrastructure to continue to provide key services to Garantex, specifically transferring Garantex customer deposits to Grinex,” OFAC said on Thursday.
“Grinex’s promotional materials state that the exchange was formed in response to sanctions and asset freezes that affected Garantex. Since its creation, Grinex has facilitated the transfer of billions of dollars in cryptocurrency transactions.”
Yesterday, OFAC has also renewed sanctions against Garantex, three of its co-founders (Sergey Mendeleev, Aleksandr Mira Serda, and Pavel Karavatsky), and six partner companies in Russia and Kyrgyzstan, including InDeFi Bank, Exved, Old Vector, A7, A71, and A7 Agent, for their alleged involvement with the two sanctioned crypto-exchanges.
On Thursday, the Department of State also announced a reward of up to $6 million for any information leading to the arrests or convictions of Garantex executives.
“Exploiting cryptocurrency exchanges to launder money and facilitate ransomware attacks not only threatens our national security, but also tarnishes the reputations of legitimate virtual asset service providers,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence John K. Hurley. “By exposing these malicious actors, Treasury remains committed to and supportive of the digital asset industry’s integrity.”
The Department of State said that Garantex processed over $96 billion in cryptocurrency transactions between April 2019 and March 2025.
46% of environments had passwords cracked, nearly doubling from 25% last year.
Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.
Source link
-
-
-
-
-
