The US Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in running cryptocurrency mixing services Blender.io and Sinbad.io.
Roman Vitaliyevich Ostapenko and Aleksandr Evgenievich Olynyk were arrested on December 1, 2024, in cooperation with the Financial Intelligence and Investigative Service of the Netherlands, the National Bureau of Investigation of Finland, and the US Federal Bureau of Investigation (FBI).
It was not said where they were caught. A third person, Anton Vyachalovich Tarasov, is still at large.
The defendants are accused of operating cryptocurrency mixers (a.k.a. Tumblr) that served as safe havens for “laundering criminally obtained funds,” including ransomware and wire fraud proceeds, the state said. It allowed hacking groups and cybercriminals to profit from their illicit activities. .
In particular, they allowed their paying customers to send cryptocurrencies to specific recipients in order to clarify the source of the cryptocurrencies and the fact that they originated from various cyber crimes.
“Blender.io and Sinbad.io were allegedly used by criminals around the world to launder funds stolen from victims of ransomware, virtual currency theft and other crimes,” said Ryan K. Buchanan, U.S. Attorney for the Northern District of Georgia.
Blender, was launched in 2018. Approved In May 2022, the U.S. Treasury Department found that the North Korean-linked Lazarus Group used the service to launder cybercrime proceeds, including proceeds from the Ronin Bridge hack. .
“The service was advertised on a popular Internet forum as having a ‘no logs policy’ and deleting any traces of user transactions,” the DoJ said. “Furthermore, in the ad, Blender stated that users do not need to sign up, register or provide any details other than a ‘recipient address!'”
It is also accused of facilitating money laundering for Russia-linked ransomware gangs such as TrickBot, Conti (formerly Ryuk), Sodinokibi (aka REvil), and Gandcrab. While Blender shut down a month before the bans were announced, blockchain intelligence firm Elliptic Disclosure In May 2023 the service was “highly likely” to be rebranded and relaunched as Sinbad in early October 2022.
More than a year later, international law enforcement agencies Confiscated The online infrastructure associated with Sinbad and the Lazarus Group approved Mixer to process millions of dollars worth of virtual currency from the heists.
Ostapenko, 55, is charged with one count of conspiracy to commit money laundering and two counts of operating an unlicensed money transmission business.
Olynyk, 44, and Tarasov, 32, are charged with one count of conspiracy to commit money laundering and one count of operating an unlicensed money transmission business. All three defendants could face a maximum of 25 years in prison for the charges if convicted.
The development comes as Chainalysis said it identified more than 1,100 victims of cryptocurrency scams. Operation Spincaster and Operation De Cloak in partnership with Canadian law enforcement authorities, resulting in an estimated collective loss of more than $25 million.
In these scams, victims are typically instructed by the scammers to set up their own self-custodial wallet, buy crypto from centralized exchanges (CEXs) in Canada, and send those funds to the self-custodial wallet.
“Fraudsters make payments to victims, tricking them into adding funds to their self-custodial wallets,” Channelsys said. said. “Scammers then trick victims into sending crypto to destination addresses, thereby draining the victim’s wallet/funds.”