ArchiveDisruptive TechnologyOODA Original

In the Bitzlato Case, the Crackdown on Crypto Exchanges and Russian Cybercrime Activities are One in the Same

As reported by Aaron Schaffer at the Washington Post:

“The Biden administration debuted a new power yesterday for fighting Russian cybercrime and rolled out the first major public move of a new government team devoted to battling the illicit use of cryptocurrency.  Both steps came as part of an international effort to punish Bitzlato, a cryptocurrency exchange that U.S. authorities say helped criminals profit from ransomware attacks and drug trafficking.

‘It is really evident that they are rolling out both — not only new soldiers but also new weapons — against crypto fraud or crime,’ John Melican, chief legal officer of the blockchain analysis firm Elliptic, MElcican [told the WP’s Schaffer].

About Bitzlato

Hong Kong-registered Bitzlato has received $2.5 billion in cryptocurrency since 2019, according to blockchain data firm Chainalysis. More than a quarter of it came from illicit sources, the company said.

“The biggest sources of illicit cryptocurrency sent to Bitzlato were addresses associated with crypto scams, dark net markets, and sanctioned entities such as the high-risk exchange Garantex, which was designated last year,” the company said in a blog post.

The New Powers for Law Enforcement

It’s the first public enforcement action led by the department’s national cryptocurrency enforcement team (NCET), which was announced in October 2021 and given a director in February 2022.  When the Justice Department set up the team, ‘We said that NCET would investigate those who enable the use of digital assets to facilitate crime, with a particular focus on virtual currency exchanges and services,’ Assistant Attorney General Kenneth Polite Jr. said in prepared remarks at a Wednesday news conference.

  • ‘And we said that NCET would enhance the department’s collaboration with domestic and foreign partners in aggressively investigating and prosecuting crimes involving cryptocurrency,’ Polite said.
  • ‘Today’s actions against Bitzlato — the first public enforcement action led by NCET — are precisely what we had in mind,’ he said.

It was also the first time the Treasury Department used more muscular authorities Congress gave it in 2020 to take on Russian money laundering.  The agency’s Financial Crimes Enforcement Network (FinCEN) deemed Bitzlato a ‘primary money laundering concern,’ which under the fiscal 2021 defense authorization law allows Treasury to take extra steps against entities connected to Russian illicit finance. Those steps are similar to imposing sanctions, but they also have advantages for U.S. authorities:

  • The punishment can be administered through an order, instead of having to go through a slower rulemaking process, as the department explained.
  • The punishment can last an indeterminate amount of time, Melican said, instead of having to be renewed or extended.

The new power is focused on money laundering, and Keating said he had cryptocurrency fraud and ransomware in mind when he drafted the provision to update it in the fiscal 2022 defense authorization law.

“These are people that are just operating with impunity,” he said. ‘You really want to do some damage because otherwise, it’s whack-a-mole. You can go after an individual, and then another one will just pop up. But if you go after the money, you’re striking at the heart of things.'” (1)

Is the Conti Ransomware Gang Stronger Apart Then Together?

The Russian Ransomware Gang Conti is at it Again

“The Treasury Department named Conti — a Russia-based ransomware gang that as of last January had reaped more than $150 million, according to the FBI — as one of the outfits that benefited from Bizlato’s services of facilitating illicit transactions.” (1)

The Conti Gang figures prominently in OODA Loop News Brief and original research posts.

What Next?

  • The arrest of the Bitzlato Founder:  As they say in the prison system:  “You will mind someone.”  Clearly, DOJ is signaling to global cybercriminals that the loss of personal freedom, prosecution, fines, and long-term incarceration should now be priced into their risk profile – which should act as a strategic law enforcement “defending forward”/deterrence mechanism:   “A complaint was unsealed this morning in federal court in Brooklyn charging Anatoly Legkodymov, a Russian national and senior executive of Bitzlato Ltd. (Bitzlato), a Hong Kong-registered cryptocurrency exchange, with conducting a money transmitting business that transported and transmitted illicit funds and that failed to meet U.S. regulatory safeguards, including anti-money laundering requirements.  Legkodymov was arrested last night in Miami and is scheduled to be arraigned this afternoon in the U.S. District Court for the Southern District of Florida. French authorities and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) are taking concurrent enforcement actions.” (2)  Schaffer provided further details of the arrest:  “The Justice Department announced that it had arrested Russian national Anatoly Legkodymov on Tuesday night in Miami, charging him with running a business that transmitted illicit funds without meeting U.S. regulatory safeguards, including anti-money laundering requirements. Legkodymov, who the Justice Department said lives in China, faces a maximum of five years if convicted, but prosecutors warned that they could still accuse him of committing more crimes.  ‘Today’s actions send the clear message: whether you break our laws from China or Europe — or abuse our financial system from a tropical island — you can expect to answer for your crimes inside a United States courtroom,’ Deputy Attorney General Lisa Monaco said in a news release announcing the arrest. (1)
  • New York, New York: “If I can make it there…”:  The United States Attorney for the Eastern District of New York was the source of the presser on the arrest of Legkodymov, evidence that New York remains the tip of the crypto regulatory spear.
  • The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) and the Department of Justice’s National Cryptocurrency Enforcement Team (NCET): So far, FinCEN and NCET join the New York’s Department of Financial Services (DFS) as THE crypto law enforcement agencies of record.  OODA Loop is on the lookout for leadership of note in the space and SEC’s main crypto regulation department.  We will keep th readership posted as we learn more about the people and departments in this nascent law enforcement and regulatory space.
  • Put Binance on your risk awareness tracking radar: Be on the lookout for an OODA Loop breakdown of the current fate of Binance, which seems to be the Mr. Magoo of crypto (and not in a good way) as Binance was named as a counterparty in the FinCEN order against Bitzlato:  “Approximately two-thirds of Bitzlato’s top receiving and sending counterparties are associated with darknet markets or scams. For example, Bitzlato’s top three receiving counterparties, by the total amount of BTC received between May 2018 and September 2022 were: (1) Binance, a VASP; (2) the Russia-connected darknet market Hydra; and the alleged Russia-based Ponzi scheme “TheFiniko,” the order said. (3)
  • Crypto also figured prominently in our 2022 Year-end Review: Cybersecurity “The fraud that is happening in FTX is not something that is unique to the crypto space.  We have  Greensill Capital.  We have 1MDB.  We have these other instances where there’s been incredible large-scale fraud linked to very significant players. FTX should have been doing better due diligence, but I think we do a disservice if we track just the fraud in the crypto space without recognizing that large-scale, multi-billion-dollar fraud is happening in these other ecosystems as well.  FTX, for me, is first and foremost, a question of the fact that I don’t like seeing people get hurt financially. I think the fact that these systems are crumbling will allow us to create new solutions and apply scrutiny – because there was a lot of shady behavior by shady people, but also by people who were not necessarily shady, but were operating out in the open with some of these investments and some of these schemes. So I see it as a net positive overall that we are going through this churn. And I do believe that the underlying technologies have a lot of promise in the future.”

Crypto, The Future of Money, Blockchain and National Security

The Global Crypto and Digital Currency Initiatives Series is our mechanism for tracking the global adoption rate of these technologies and platforms  – and their long-term impact on the traditional global financial system.  Moving forward, besides adoption rates, “crypto” (crypto exchanges, Defi, DAOs, etc.) will need to address:

  1. Enhanced security measures; and
  2. Regulation (or Overregulation).

In 2023, we will continue to track global adoption rates, but be on the lookout for posts –  just like this one- as we surface further research and analysis of the “disintermediation” of the global financial system, crypto (write large) and blockchain cybersecurity, enhanced security measures  – and the development of a regulatory environment of this space.

We also to continue to ‘silo’ a blockchain tracking effort – in the hopes of launching a series on cross-sector/industry sector blockchain initiatives that differentiate and delineate blockchain as separate from the crypto meltdown – and focus on “the long view” and the true promise of web3/blockchain and exponential innovation.

Finally, the most important filter we will be applying to this space in 2023 is regulation and overregulation as it relates to national security.  OODA Loop CEO Matt Devost put a ‘stake in the ground’ on the subject in his post last year – Is Bitcoin a National Security Risk? – which expressed his general concern that overregulation of bitcoin would stifle American innovation and the strategic opportunities for advantage through the “future of money” and the underlying blockchain technology.  The collapse of FTX since Matt’s initial post, unfortunately, will severely pivot regulators in the direction of something that either feels uncannily similar to or is a clear movement toward an environment of overregulation (which is also clearly having an effect on innovation).   We will try to review and quant these impacts and outcomes as they emerge in 2023.

Also, various perspectives on “crypto’s threat to national security” have been voiced by the DOJ crypto chief, the CEO of Coinbase (‘crypto is up there with chips and 5G as a matter of ‘national security‘), and the Chair of the Commodities Futures Trading Commission (CFTC).  And DARPA, of course, is on the scene with research efforts we took a look at back in November.

We will synthesize these perspectives relative to Matt’s initial concerns in the weeks and months ahead.

Russian cryptocurrency owner arrested in Miami for allegedly transmitting over $700M in illicit funds

Costa Rica in a State of Emergency: Is Conti Gang Cyber Attack a “Sphere of Influence” Shot Across the Bow?

With Coinbase Investigation and $100M Settlement, New York is the Tip of the Crypto Regulatory Spear


Daniel Pereira

Daniel Pereira

Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.


In the Bitzlato Case, the Crackdown on Crypto Exchanges and Russian Cybercrime Activities are One in the Same