OFAC sanctions 10 wallets linked to LockBit takedown

Europol said authorities have frozen over 200 crypto accounts linked to LockBit

by Katherine Ross /
article-image

Artwork by Crystal Le

share

The Treasury’s Office of Foreign Assets Control added several wallet addresses tied to two Russian nationals to its specially designated nationals list. 

Artur Sungatov and Ivan Kondratyev were indicted on charges related to ransomware deployment. The two were tied to LockBit, a ransomware group that received over $120 million in ransom payments, according to the Department of Justice. 

OFAC identified 10 wallet addresses tied to Sungatov and Kondratyev.

The US worked with the UK and other law enforcement agencies across the world to charge and take action against LockBit. 

Newsletter

Subscribe to Blockworks Daily

A press release from Europol said that law enforcement agencies from 10 countries worked together to freeze over “200 cryptocurrency accounts linked to the criminal organization, underscoring the commitment to disrupt the economic incentives driving ransomware attacks.”

Read more: Crypto money laundering activity down 29% from 2022: Chainalysis 

Sungatov and Kondratyev, the DOJ said, were designated due to their cyberattacks.

The Cybersecurity and Infrastructure Security Agency put out a cybersecurity advisory on LockBit in June, noting that the ransomware variant continued to be “prolific in 2023” after becoming the most deployed variant in 2022.

“LockBit ransomware operation functions as a Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure,” the warning said.

The takedown, dubbed Operation Cronos, took 34 servers down across the Netherlands, US, Finland, France and the UK. 

The UK’s National Crime Agency, according to Europol, took control of the “technical infrastructure that allows all elements of the LockBit service to operate, as well as their leak site on the dark web, on which they previously hosted the data stolen from victims in ransomware attacks.”

Chainalysis, earlier this month, said that ransomware payments topped $1 billion in 2023 after the figure declined to $567 million in 2022.

Read more: North Korea is still a threat to crypto: Chainalysis

The $1 billion marked the “highest number ever observed,” the firm noted.

Get the news in your inbox. Explore Blockworks newsletters:

  • Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
  • Empire: Start your morning with the top news and analysis to inform your day in crypto.
  • Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
  • 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
  • Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
  • The Drop: For crypto collectors and traders, covering apps, games, memes and more.
  • Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
Tags

Upcoming Events

Permissionless IV

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

buy ticketslearn more

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

Research Report Templates.jpg

Research

Evaluating Bluefin’s Precarious Market Position

Bluefin possibly stands at an inflection point. The token is near an all-time low yet the protocol’s spot volume market share and derivatives exchange usage have been increasing month over month since its November launch. Given its current market position and the upcoming upgrades (for both Bluefin and SUI), there may be upside potential before the increased supply growth in December. However, strong opposition from existing competitors (like Cetus and Suilend), as well as new entrants (like Aftermath), pose key challenges to Bluefin’s medium-term success.

by Marc-Thomas Arjoon, CFA

/

news

article-image

Policy

Trump’s SEC pick grilled on past agency actions, conflicts of interest 

Top Committee Democrat Sen. Elizabeth Warren in her opening statement accused Atkins of “helping billionaire CEOs like Sam Bankman-Fried”

by Casey Wagner /
article-image

0xResearch NewsletterDeFi

COTI launches V2 mainnet: A new era of privacy-focused L2 solutions

Introducing garbled circuits for enhanced privacy and regulatory compliance

by Donovan Choy /
article-image

AnalysisSupply Shock

How Silk Road carved the fault line that separates ‘bitcoin’ and ‘crypto’

Ross Ulbricht was a freedom maximalist building freedom tech, powered by Bitcoin

by David Canellis&Pete Rizzo /
article-image

DeFiLightspeed Newsletter

Solana startups spin up validators for revenue and ‘soft power’

Solana validators can reap benefits including payments, votes and community clout

by Jack Kubinec /
article-image

Sponsored

WCT’s Role in the Onchain Economy

WalletConnect is cementing itself as the essential connectivity layer, ensuring wallets remain the entry point for billions of users

article-image

Business

Galaxy to pay $200M to New York over alleged LUNA manipulation

According to a legal filing, Galaxy Digital helped boost the price of LUNA while quietly selling its tokens

by Katherine Ross /