Particle.news

U.S. and Allies Seize $1.09M in Crypto and Disrupt BlackSuit Ransomware Infrastructure

Unsealing the seizure warrants demonstrates authorities’ use of crypto tracing to recover ransomware proceeds.

Overview

  • On July 24, law enforcement from the U.S., UK, Germany, Ireland, France, Canada, Ukraine, and Lithuania seized four servers and nine domains used by BlackSuit (Royal).
  • The $1,091,453 in Bitcoin was linked to an April 4, 2023 ransom payment and frozen by a cooperating exchange in January 2024.
  • Seizure warrants were unsealed on August 11 by U.S. Attorneys’ offices in the Eastern District of Virginia and the District of Columbia using evidence collected by federal prosecutors.
  • No arrests or public identifications of suspects have been announced, highlighting the difficulty of pursuing transnational ransomware operators.
  • Cisco Talos researchers warn that former BlackSuit members are reemerging under the Chaos ransomware brand, risking renewed extortion campaigns.