Sanctioned Russian developer interacts with Garantex, Chainalysis finds

Chainaliz said the Treasury Department’s OFAC sanctioned the Russian developer of LockBit, which transferred cryptocurrencies to various illegal services, including the sanctioned Russian exchange Garantex.

Dmitry Khoroshev, the Russian developer of the ransomware program called LockBit, which was recently approved by the Treasury Department’s Office of Foreign Assets Control (OFAC), frequently interacts with sanctioned Russian crypto services such as Garantex and Bitzlato.

According to a blog post from blockchain intelligence firm Chainalysis, at least one Bitcoin address associated with Khoroshev (also known as LockBitSupp, LockBit, and putinkrab) received “several thousands of dollars” in crypto from a mixing service into his personal wallet.

A Bitcoin address associated with Khoroshev | Source: Chainaliz

According to the address’s on-chain activity, it received over 0.75 BTC, worth approximately $36,000 at current prices, with the last transaction recorded in September 2021. But as U.S. attorney Philip Sellinger of Khoroshev, District of New Jersey, put it, “He personally pocketed the $100 million extorted from Lockbit’s victims.” The full list of crypto addresses associated with Khoroshev has not been disclosed.

Crypto.news has reached out to Chainalysis and will update this article if we hear back.

The New York-based firm said Khoroshev transferred funds to a variety of illegal services, including OFAC-approved services such as Russian exchange Garantex, crypto mixer Sinbad and Bitzlato, as well as “bulletproof hosting services, malware, scam shops and KYC” services. “You underground exchanges,” the protocols say.

Khoroshev allegedly served as the developer and administrator of the LockBit ransomware group since its founding in September 2019 until May of this year, according to U.S. officials, and the group has been exploited in at least 120 countries, including 1,800 victims in the United States. It is emphasized that he attacked more than 2,500 victims.

The U.S. Department of Justice said Khoroshev and his accomplices “extorted at least $500 million in ransom payments from their victims and caused broader losses in the billions of dollars in lost revenue, incident response, and recovery.”