Russian founder of a cryptocurrency exchange known for funneling ransomware profits arrested
The founder and majority owner of a Hong Kong-based cryptocurrency exchange, which law enforcement officials allege is a “haven for criminal proceeds and funds,” has been arrested for failing to comply with U.S. anti-money laundering requirements, the Justice Department announced Wednesday.
The exchange called Bitzlato moved more than $700 million dollars within the Hydra Marketplace, which was formerly the world’s longest-running and largest dark web marketplace before U.S. and German authorities took it down last April, according to the DOJ.
The arrest comes as the U.S. ramps up efforts to crack down on attempts by cybercriminals to use cryptocurrency as a means to evade financial regulations and transfer illicit funds. The exchange’s founder, Anatoly Legkodymov, is a Russian national who resides in China. Legkodymov, who operated the exchange from Miami from 2022 up until his arrest by FBI agents in Miami on Tuesday night.
“To all those exploiting the cryptocurrency ecosystem to enable cryptocrime, we have a clear message: we will not only target hackers, fraudsters, and criminals that mask their profits in cryptocurrency,” said Deputy Attorney General Lisa Monaco. “We are also unleashing the full force of the Department of Justice on the illicit actors and entities that support cybercriminals — like Legkodymov and Bitzlato.”
U.S. officials say that Bitzlato’s failure to enact know-your-customer procedures made it a haven for funds from criminal activity since its founding in 2016. Bitzlato reportedly facilitated transfers from Russian cybercriminal groups including Conti, and received more than $15 million in ransomware proceeds.
Officials said the arrest is a warning shot to Russian criminals and their enablers seeking to evade U.S. sanctions.
“At a time when Russia is waging a brutal and unjustified war in Ukraine and as it seeks to circumvent sanctions and governance controls to fill its coffers and sustained its violence, we will not tolerate criminal enterprises that enrich Russia’s malicious interests,” Wally Adeyemo, U.S. secretary of the Treasury Department.
Officials declined to answer questions about whether Bitzlato was directly used by Russian actors to evade sanctions. According to cryptocurrency analysis firm Chainalysis, Bitzlato received $2.5 billion in cryptocurrency since 2019, 27 percent of which came from illicit sources such as ransomware and sanctioned entities. The exchange also received $32,000 worth of cryptocurrency from pro-Russia paramilitary groups since the outset of the war in Ukraine.
This is the first time that the Treasury Department’s Financial Crimes Enforcement Network has issued an order designating a virtual currency exchange as a “primary money laundering concern” in connection with Russian illicit finance.
The DOJ alleges in its complaint that Legkodymov was well aware of the exchange’s illicit users. In May 2019, he wrote a message to a colleague using the exchange’s internal chat system saying users were “known to be crooks” and registering under false identities. A senior executive warned Legkodymov that Bitzlado was being used by “addicts who buy drugs” from Hydra Marketplace.
Alongside the arrest, French authorities worked with Europol and partners in Spain, Portugal and Cyprus to take down Bitzlato’s digital infrastructure and seize its assets. If found guilty, Legkodymov faces a maximum of five years in prison.
Updated Jan 18, 2023: This story has been updated to include more data on Bitzlato from Chainalysis.