The U.S. Department of Justice arrested and charged Russian national Anatoly Legkodymov, the founder of the Hong Kong-registered cryptocurrency exchange Bitzlato, with helping cybercriminals allegedly launder illegally obtained money.
Legkodymov was arrested on Tuesday night in Miami and will be arraigned today in the U.S. District Court for the Southern District of Florida.
French authorities also dismantled Bitzlato’s digital infrastructure as part of an operation where they worked with Europol and partners in Spain, Portugal, and Cyprus.
To put things in perspective, according to a Chainalysis report on cryptocurrency-based money laundering activity, Bitzlato received more than 2 billion worth of crypto between 2019 and 2021, over $966 million representing illicit and risky cryptocurrency (amounting to roughly 48% of the total).
Chainalysis added that, according to its estimations, the crypto exchange “received $206 million from darknet markets, $224.5 million from scams, and $9 million from ransomware attackers.”
Today, the DOJ said that because of “deficient know-your-customer (KYC) procedures, Bitzlato allegedly became a haven for criminal proceeds and funds intended for use in criminal activity.”
“Bitzlato’s largest counterparty in cryptocurrency transactions was Hydra Market, [..] the largest and longest running darknet market in the world,” before being taken down by U.S. German authorities in April 2022.
Hydra Market users have exchanged over $700 million in cryptocurrency with Bitzlato, directly or using intermediaries, and more than $15 million in what the DOJ tagged as ransomware proceeds.
Legkodymov and other Bitzlato managers were also allegedly aware that illicit activity was widespread across Bitzlato accounts and that many users registered their accounts using stolen identities.
Additionally, while the crypto exchange claimed not to allow users from the United States to register accounts, reports received by Legkodymov showed substantial traffic to the platform from U.S.-based IP addresses, amounting to more than 250 million visits in July 2022 alone.
Bitzlato warned users this morning that the crypto exchange was hacked and told them that, despite the incident, all their funds were safe.
“Our service was hacked, part of the funds was withdrawn from the service. We ask you DO NOT REPLENISH our service during the proceedings! Withdrawals will also be suspended indefinitely,” Bitzlato’s users were warned.
“We want to inform you that the funds are completely safe. The attackers were able to withdraw a small part of the funds, but for all victims, we guarantee a refund! As a security measure, we have disabled the service, we ask you not to replenish the wallets of our service until the work is restored,” the Blitzlato team said seven hours later.
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) also designated the Bitzlato crypto exchange today as a “primary money laundering concern” in connection with illicit Russian finance.
“Bitzlato plays a critical role in laundering Convertible Virtual Currency (CVC) by facilitating illicit transactions for ransomware actors operating in Russia, including Conti, a Ransomware-as-a-Service group that has links to the Government of Russia,” FinCEN said.
“Bitzlato poses a global threat by allowing Russian cybercriminals and ransomware actors to launder the proceeds of their theft,” FinCEN Acting Director Himamauli Das added on Wednesday.
“As criminals and criminal facilitators evolve, so too does our ability to disrupt these networks.”
Update: Added info on Bitzlato warning users of a hack and alleged money laundering activity reported by Chainalysis.
