Policy
Share this article

U.S. Bans Crypto Addresses Tied to LockBit Ransomware Group From Financial System

LockBit hit more than 2,000 different victims, who forked out north of $120 million in payments, according to a DOJ press release.

By Nikhilesh De|Edited by Sheldon Reback
Updated Mar 8, 2024, 9:48 p.m. Published Feb 20, 2024, 4:57 p.m.
LockBit's site has been taken over by federal authorities. (UK National Crime Agency)
LockBit's site has been taken over by federal authorities. (UK National Crime Agency)
  • The Office of Foreign Asset Control named two Russian nationals and identified 10 bitcoin and ether addresses after an international operation gained control of the organization's website.
  • Law enforcement agencies said they will distribute decryption keys to victims.

The U.S. Treasury Department's sanctions watchdog added nearly a dozen bitcoin and ether addresses to its global blacklist, alleging they were used by ransomware purveyors.

The Office of Foreign Asset Control (OFAC) named Artur Sungatov and Ivan Kondratyev, two Russian nationals indicted on charges tied to the deployment of ransomware, and identified 10 bitcoin and ether addresses (none of which containing any funds as of press time), in a statement on Tuesday, banning U.S. entities from providing any kind of financial services to the two. According to OFAC and the U.S. Department of Justice, they are part of the LockBit ransomware group, one of the world's most prolific ransomware distributors accused of stealing more than $120 million from over 2,000 victims in the past few years.

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the State of Crypto Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

Ransomware attacks let malicious actors lock victims out of their computers and networks unless they pay a fee, often in cryptocurrency.

An international effort by the DOJ, Europol, the U.K. National Crime Agency and agencies in several other countries seized LockBit's website and various pages earlier this week in an effort dubbed Operation Cronos. The law enforcement agencies announced they would be distributing decryption keys to victims, allowing them to regain access to their devices.

According to a press release from Europol, more than 200 cryptocurrency accounts tied to LockBit have been frozen, while authorities in the U.S., U.K. and EU have all seized various parts of the ransomware group's infrastructure.

Some of the addresses listed by OFAC on Tuesday were deposit addresses for KuCoin, Coinspaid and Binance, according to data from Arkham Intelligence.

LockBit's victims included municipal entities and private companies around the world.

"The LockBit ransomware variant, like other major ransomware variants, operates in the 'ransomware-as-a-service' (RaaS) model, in which administrators, also called developers, design the ransomware, recruit other members — called affiliates — to deploy it, and maintain an online software dashboard called a 'control panel' to provide the affiliates with the tools necessary to deploy LockBit," the DOJ press release said.

RegulationsRansomwareEuropolDOJOFACSanctions

Más para ti

KuCoin Hits Record Market Share as 2025 Volumes Outpace Crypto Market

Por CoinDesk Research
22 dic 2025
logo
Commissioned byKuCoin
16:9 Image

KuCoin captured a record share of centralised exchange volume in 2025, with more than $1.25tn traded as its volumes grew faster than the wider crypto market.

Lo que debes saber:

  • KuCoin recorded over $1.25 trillion in total trading volume in 2025, equivalent to an average of roughly $114 billion per month, marking its strongest year on record.
  • This performance translated into an all-time high share of centralised exchange volume, as KuCoin’s activity expanded faster than aggregate CEX volumes, which slowed during periods of lower market volatility.
  • Spot and derivatives volumes were evenly split, each exceeding $500 billion for the year, signalling broad-based usage rather than reliance on a single product line.
  • Altcoins accounted for the majority of trading activity, reinforcing KuCoin’s role as a primary liquidity venue beyond BTC and ETH at a time when majors saw more muted turnover.
  • Even as overall crypto volumes softened mid-year, KuCoin maintained elevated baseline activity, indicating structurally higher user engagement rather than short-lived volume spikes.
View Full Report

Más para ti

Ukraine banned Polymarket and there’s no legal way for it to come back

Por Francisco Rodrigues|Editado por Aoyon Ashraf
hace 14 horas
Kyiv in Ukraine (Glib Albovsky/Unsplash/Modified by CoinDesk)

Polymarket and similar platforms are considered unlicensed gambling operators, leading to blocked access.

Lo que debes saber:

  • Ukraine has no legal framework for Web3 prediction markets, and current legislation provides no recognition for such platforms.
  • Polymarket and similar platforms are considered unlicensed gambling operators, leading to blocked access.
  • Legal changes are unlikely in the near future, as Parliamentary revisions to gambling definitions are extremely improbable during wartime, leaving prediction markets in a legal deadlock.
Leer la noticia completa