U.S. officials imposed sanctions Thursday on Russian cryptocurrency exchange Garantex, its successor Grinex, and related affiliates, while also targeting its leaders for arrest with financial rewards. These measures are part of intensified efforts to halt the flow of ransomware proceeds facilitated by the platforms.

The Treasury Department’s Office of Foreign Assets Control re-designated Garantex for sanctions, accusing its operators of processing more than $100 million in illicit transactions since 2019. The State Department announced financial rewards totaling up to $6 million for information leading to the arrest or conviction of Garantex’s leaders, including up to $5 million for Russian national Aleksandr Mira Serda, the exchange’s co-founder and chief commercial officer.

Authorities expanded their targeting of Garantex, its leaders and associated companies following a sweeping international law enforcement operation in March when officials seized three domains linked to the exchange, confiscated servers, froze more than $26 million in cryptocurrency and indicted its leaders. 

One of those leaders, Aleksej Besciokov, was arrested in March while on vacation in India shortly after the Justice Department unsealed indictments against him and Mira Serda, officials said. OFAC also imposed sanctions on Sergey Mendelev, co-founder of Garantex, and Pavel Karavatsky, co-owner and regional director of Garantex.

“According to the U.S. Secret Service and FBI, Garantex received hundreds of millions in criminal proceeds and was used to facilitate various crimes, including hacking, ransomware, terrorism, and drug trafficking, often with substantial harm to U.S. victims,” Tammy Bruce, spokesperson for the State Department, said in a statement Thursday. “Between April 2019 and March 2025, Garantex processed at least $96 billion in cryptocurrency transactions.” 

Before Garantex moved its operations and funds to Grinex following the globally coordinated law enforcement disruption, the exchange received millions of dollars in cryptocurrency from Russia-linked ransomware affiliates. Officials traced those transactions to Conti, Black Basta, LockBit, Ryuk, NetWalker and Phoenix Cryptolocker. 

Grinex, which was created to avoid the sanctions placed on Garantex, has since facilitated the transfer of billions of dollars in cryptocurrency transactions, the Treasury Department said. The Treasury Department’s OFAC initially sanctioned Garatex in April 2022.

OFAC sanctioned six additional organizations Thursday, including A7, A7 Agent, Old Vector, InDeFi Bank and Exved for their alleged involvement with and material support of Garantex and Grinex.

“Exploiting cryptocurrency exchanges to launder money and facilitate ransomware attacks not only threatens our national security, but also tarnishes the reputations of legitimate virtual asset service providers,” John K. Hurley, under secretary of the Treasury for terrorism and financial intelligence, said in a statement. “By exposing these malicious actors, Treasury remains committed to and supportive of the digital asset industry’s integrity.”

The post US widens sanctions on Russian crypto exchange Garantex, its successor and affiliate firms appeared first on CyberScoop.

Authorities in India today arrested the alleged co-founder of Garantex, a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the investigation told KrebsOnSecurity the Lithuanian national Aleksej Besciokov, 46, was apprehended while vacationing on the coast of India with his family.

Aleksej Bešciokov, “proforg,” “iram”. Image: U.S. Secret Service.

On March 7, the U.S. Department of Justice (DOJ) unsealed an indictment against Besciokov and the other alleged co-founder of Garantex, Aleksandr Mira Serda, 40, a Russian national living in the United Arab Emirates.

Launched in 2019, Garantex was first sanctioned by the U.S. Treasury Office of Foreign Assets Control in April 2022 for receiving hundreds of millions in criminal proceeds, including funds used to facilitate hacking, ransomware, terrorism and drug trafficking. Since those penalties were levied, Garantex has processed more than $60 billion, according to the blockchain analysis company Elliptic.

“Garantex has been used in sanctions evasion by Russian elites, as well as to launder proceeds of crime including ransomware, darknet market trade and thefts attributed to North Korea’s Lazarus Group,” Elliptic wrote in a blog post. “Garantex has also been implicated in enabling Russian oligarchs to move their wealth out of the country, following the invasion of Ukraine.”

The DOJ alleges Besciokov was Garantex’s primary technical administrator and responsible for obtaining and maintaining critical Garantex infrastructure, as well as reviewing and approving transactions. Mira Serda is allegedly Garantex’s co-founder and chief commercial officer.

Image: elliptic.co

In conjunction with the release of the indictments, German and Finnish law enforcement seized servers hosting Garantex’s operations. A “most wanted” notice published by the U.S. Secret Service states that U.S. authorities separately obtained earlier copies of Garantex’s servers, including customer and accounting databases. Federal investigators say they also froze over $26 million in funds used to facilitate Garantex’s money laundering activities.

Besciokov was arrested within the past 24 hours while vacationing with his family in Varkala, a major coastal city in the southwest Indian state of Kerala. An officer with the local police department in Varkala confirmed Besciokov’s arrest, and said the suspect will appear in a Delhi court on March 14 to face charges.

Varkala Beach in Kerala, India. Image: Shutterstock, Dmitry Rukhlenko.

The DOJ’s indictment says Besciokov went by the hacker handle “proforg.” This nickname corresponds to the administrator of a 20-year-old Russian language forum dedicated to nudity and crudity called “udaff.”

Besciokov and Mira Serda are each charged with one count of conspiracy to commit money laundering, which carries a maximum sentence of 20 years in prison. Besciokov is also charged with one count of conspiracy to violate the International Economic Emergency Powers Act—which also carries a maximum sentence of 20 years in person—and with conspiracy to operate an unlicensed money transmitting business, which carries a maximum sentence of five years in prison.