US Strikes Back: Massive Sanctions Hit Russian Crypto Exchange Garantex, Grinex, and Affiliates

Listen to this Post

Featured Image

A Global Crackdown on Digital Crime

In a sweeping escalation of its fight against cybercrime, the United States has expanded sanctions against Russian cryptocurrency exchange Garantex, its successor Grinex, and a network of affiliated companies. The move, announced Thursday, is part of a coordinated global effort to dismantle illicit financial channels used by ransomware groups, hackers, and other criminal syndicates. Authorities are not just freezing assets but also putting bounties on the heads of the exchange’s top figures, signaling that the U.S. is stepping up its cyber warfare to unprecedented levels.

Major Enforcement Actions and Arrest Warrants

The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has re-designated Garantex under its sanctions list, accusing the platform of handling over \$100 million in illicit transactions since 2019. The State Department is offering up to \$6 million in rewards for information leading to the capture of its leaders — with \$5 million earmarked for the arrest of co-founder and chief commercial officer Aleksandr Mira Serda. These financial incentives underscore Washington’s intent to see these figures face justice.

This aggressive targeting follows a high-profile international law enforcement operation in March that seized three Garantex domains, confiscated servers, froze \$26 million in cryptocurrency, and brought indictments against key leaders. Aleksej Besciokov, another co-founder, was captured in India while vacationing shortly after the indictments were made public.

Expanding the Sanctions Net

Additional individuals facing sanctions include Sergey Mendelev, Garantex’s co-founder, and Pavel Karavatsky, a regional director and co-owner. The U.S. government accuses these figures of knowingly enabling the laundering of hundreds of millions in criminal proceeds. The allegations extend beyond cybercrime, implicating them in activities tied to terrorism, drug trafficking, and ransomware operations that caused significant harm to U.S. victims.

From April 2019 to March 2025, Garantex reportedly processed an astronomical \$96 billion in cryptocurrency transactions. Before its disruption, the exchange was a hub for funds linked to notorious ransomware groups such as Conti, Black Basta, LockBit, Ryuk, NetWalker, and Phoenix Cryptolocker.

The Rise of Grinex

In a bid to dodge sanctions, Garantex shifted its operations to Grinex, a successor platform accused of facilitating billions in cryptocurrency transfers since its creation. However, the U.S. Treasury asserts that Grinex is simply a rebranded continuation of Garantex’s illicit operations.

Thursday’s crackdown also saw sanctions leveled against six other entities — A7, A7 Agent, Old Vector, InDeFi Bank, and Exved — for their alleged roles in supporting or enabling Garantex and Grinex’s financial activities.

The Message to the Digital Asset World

Officials stress that these actions are not aimed at legitimate cryptocurrency businesses but at dismantling bad actors exploiting the industry. As Under Secretary for Terrorism and Financial Intelligence John K. Hurley put it, the laundering of ransomware proceeds “threatens national security and tarnishes the reputations of legitimate virtual asset service providers.” The U.S. aims to set an example — criminals using crypto as a safe haven will face international consequences.

What Undercode Say:

The sanctions against Garantex and Grinex mark a significant turning point in how global authorities are confronting the abuse of cryptocurrency infrastructure. This is not just about punishing a single exchange — it is a strategic maneuver targeting the underlying ecosystem that enables ransomware gangs and organized crime to thrive.

Garantex’s alleged \$96 billion in processed cryptocurrency is a staggering figure. Even if a fraction of that was tied to illicit activity, the scale indicates how deeply entrenched these operations have become in the cybercrime economy. By seizing domains, freezing funds, and arresting key players, law enforcement is striking at both the financial and operational lifelines of these networks.

The arrest of Aleksej Besciokov in India is particularly telling. It highlights how sanctions and indictments are not mere symbolic gestures but carry real risks for those involved, especially when traveling abroad. This sets a precedent that high-profile crypto crime figures are no longer untouchable, even outside the United States.

The shift from Garantex to Grinex illustrates a well-known tactic in illicit finance — rebranding and relocating to evade sanctions. However, the rapid follow-up by OFAC to include Grinex in its sanctions list shows that authorities are becoming more agile in tracking and shutting down these attempts at evasion.

From a geopolitical perspective, the focus on Russian-linked exchanges also reflects the growing intersection between cybercrime and state-affiliated actors. While not all Russian crypto platforms are criminally involved, the concentration of ransomware groups in the region raises legitimate concerns about tacit state tolerance or even support for these activities.

The sanctions on affiliated companies such as InDeFi Bank and Exved signal a widening scope of enforcement. This approach aims to disrupt not just the direct operators but also the broader financial infrastructure enabling illicit transactions. Such pressure can isolate these entities from the global financial system, making it harder for them to operate even in less regulated jurisdictions.

Economically, these moves are intended to deter legitimate service providers from taking risks with questionable clients. By making high-profile examples of Garantex and Grinex, regulators send a warning to the industry — compliance is no longer optional, and the penalties for negligence can be severe.

For the crypto industry at large, this crackdown could have both positive and negative ripple effects. On one hand, it reinforces the need for transparency, strong anti-money laundering measures, and cooperation with authorities. On the other hand, it might also lead to heightened scrutiny that burdens smaller, compliant exchanges with increased compliance costs.

Ultimately, the U.S. strategy here is one of attrition — choking off financial pipelines, dismantling technical infrastructure, and targeting leadership until criminal operations become too costly and risky to sustain. If sustained, this could meaningfully weaken the global ransomware economy, which has relied heavily on permissive crypto exchanges as money-laundering hubs.

🔍 Fact Checker Results

✅ Garantex sanctioned by OFAC since April 2022 and re-designated in 2025
✅ \$96 billion in transactions processed between 2019 and 2025
✅ Arrest of Aleksej Besciokov in India confirmed by U.S. officials

📊 Prediction

Expect more aggressive cross-border crypto crackdowns in the coming months, with joint operations between the U.S., EU, and Asia targeting exchanges suspected of enabling cybercrime. Secondary sanctions could extend to payment processors, mixers, and wallet services that indirectly support ransomware payouts. If this trend continues, many high-risk exchanges will either shut down or move deeper into the dark web economy.

🕵️‍📝✔️Let’s dive deep and fact‑check.

References:

Reported By: cyberscoop.com
Extra Source Hub:
https://www.stackexchange.com
Wikipedia
OpenAi & Undercode AI

Image Source:

Unsplash
Undercode AI DI v2

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeNews & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon