US Authorities Seize $1 Million from Russian Ransomware Gang

On Monday, the U.S. Department of Justice revealed it has seized servers and $1 million in bitcoin from the infamous Russian ransomware group linked to the BlackSuit and Royal malware.

According to the press release, a coalition of global law enforcement agencies, including representatives from the U.S., Canada, Germany, Ireland, France, the U.K., and others, conducted the seizure of four servers and nine domains on July 24. In addition, around $1 million in cryptocurrency was confiscated.

BlackSuit and Royal are two separate forms of ransomware, believed to be developed by the same Russian cybercriminal group that has targeted critical infrastructure both in the U.S. and abroad.

“The individuals behind BlackSuit have made ransom demands exceeding $500 million USD in total, with the highest single demand reaching $60 million,” noted the U.S. cybersecurity agency CISA in a report last year.

“The ongoing targeting of U.S. critical infrastructure by the BlackSuit ransomware group presents a significant threat to public safety,” stated Assistant Attorney General for National Security John A. Eisenberg in the press release.

As reported by ICE’s Homeland Security Investigations, which led the inquiry, Royal and BlackSuit have impacted over 450 victims in the U.S., affecting various sectors such as healthcare, education, public safety, energy, and government. Since 2022, the cybercriminals have reportedly gathered over $370 million in ransom payments.

The confiscated bitcoin was sourced from a digital currency exchange account, with its assets being frozen since January of last year, as noted in the announcement.

We’re constantly striving for improvement, and by sharing your thoughts and feedback on TechCrunch, our coverage, and our events, you can help us out! Please fill out this survey to let us know how we’re doing and also have a chance to win a prize!