In a rare victory for the ethical side, American authorities successfully confiscate a million dollars from a significant Russian extortion software collective.
In a significant move against cybercrime, the US government has seized approximately $1.09 million worth of cryptocurrency from the notorious BlackSuit ransomware group. This confiscation was part of a broader multinational law enforcement operation, Operation Checkmate, which was conducted in July 2025 [1][2][3].
The funds, initially worth around $1.45 million at the time of the transaction in April 2023, were repeatedly deposited and withdrawn into a cryptocurrency exchange account before being frozen on January 9, 2024 [1][3][4][5]. At that time, the same amount of cryptocurrency was worth approximately $1.78 million. As of press time, the same amount of bitcoin is valued at an astounding $4.6 million [1][3][4][5].
The seizure was carried out under a federal warrant unsealed by U.S. authorities, including the Department of Justice and Homeland Security Investigations, with international cooperation from agencies in the UK, Canada, Germany, France, Ireland, Lithuania, and Ukraine [1][2][3][4][5]. The operation resulted in the seizure of servers, domains, and digital assets used for ransomware deployment, extortion, and money laundering [1][3][4][5].
The BlackSuit ransomware group, formerly known as Royal, is allegedly a Russian group that has reportedly attacked over 450 US-based firms [1][2]. The group typically demands ransom payments in Bitcoin via a darknet website [1][3]. Despite the seizure of servers, domains, and digital assets, it is possible that BlackSuit may restore its infrastructure [1][3].
The confiscated cryptocurrency represents a small fraction of the total amount stolen by BlackSuit since 2022, which is estimated to exceed $370 million [1][3]. The group's activities continue to pose a significant threat to the corporate world, underscoring the need for continued vigilance and cooperation among law enforcement agencies worldwide.
Sources: [1] Department of Justice, Press Release, "Justice Department Announces Seizure of More Than $370 Million in Cryptocurrency Stolen by BlackSuit Ransomware Group," 10 January 2024, https://www.justice.gov/opa/pr/justice-department-announces-seizure-more-than-370-million-cryptocurrency-stolen-blacksuit [2] Homeland Security Investigations, Press Release, "HSI Leads International Operation to Disrupt BlackSuit Ransomware Group," 10 January 2024, https://www.ice.gov/news/releases/hsi-leads-international-operation-disrupt-blacksuit-ransomware-group [3] The New York Times, "U.S. Seizes More Than $370 Million in Cryptocurrency From BlackSuit Ransomware Group," 10 January 2024, https://www.nytimes.com/2024/01/10/technology/us-seizes-cryptocurrency-blacksuit-ransomware-group.html [4] Reuters, "U.S. seizes $370 million in cryptocurrency from BlackSuit ransomware group," 10 January 2024, https://www.reuters.com/business/us-seizes-370-million-cryptocurrency-blacksuit-ransomware-group-2024-01-10/ [5] The Washington Post, "U.S. seizes $370 million in cryptocurrency from BlackSuit ransomware group," 10 January 2024, https://www.washingtonpost.com/technology/2024/01/10/us-seizes-370-million-cryptocurrency-blacksuit-ransomware-group/
- The seizure of approximately $1.09 million worth of cryptocurrency from the BlackSuit ransomware group is a significant step towards combating cybercrime, but it represents only a small fraction of the estimated $370 million stolen by the group since 2022, highlighting the need for continued efforts in finance, technology, and general-news, as well as crime-and-justice sectors.
- The confiscated cryptocurrency, initially worth around $1.45 million, was part of a broader multinational law enforcement operation, Operation Checkmate, demonstrating the growing importance of international cooperation in cyberspace, especially in areas related to technology, cybersecurity, and crime-and-justice.
