Cryptonator seized for laundering ransom payments, stolen crypto

Summary: U.S. and German law enforcement have seized the domain of the cryptocurrency wallet platform Cryptonator, which was allegedly used by various criminal enterprises, and indicted its operator, Roman Boss, for money laundering and operating an unlicensed money service. The platform reportedly facilitated over $235 million in illicit transactions linked to ransomware, darknet markets, and other illegal activities.

Threat Actor: Roman Boss | Roman Boss
Victim: Cryptonator | Cryptonator

Key Point :

  • Cryptonator allowed users to create accounts with minimal identification, failing to comply with anti-money laundering regulations.
  • The platform facilitated significant transactions with darknet markets, scams, and other illicit services, totaling over $235 million.
  • Law enforcement agencies from the U.S. and Germany collaborated in the seizure and indictment process against Boss.

DOJ

U.S. and German law enforcement seized the domain of the crypto wallet platform Cryptonator, used by ransomware gangs, darknet marketplaces, and other illicit services, and indicted its operator.

The alleged Cryptonator’s operator, Roman Boss, has been charged with money laundering and running an unlicensed money service business operation.

Cryptonator is an online cryptocurrency wallet launched in 2014 that allows users to store crypto and exchange between other cryptocurrencies within their personal wallet.

Blockchain investigation firm TRM reports that Cryptonator failed to implement anti-money laundering controls, enabling anonymous or pseudonymous users to use the service, including for illicit activity.

The Cryptonator project’s primary domain at “cryptonator.com” has now been seized, displaying the below notice from “seized-domain.s3-us-gov-east-1.amazonaws.com.”

Seizure banner on cryptonator.com
Seizure notice on cryptonator.com
Source: BleepingComputer

The law enforcement action involves the U.S. Department of Justice, the FBI, the IRS:CI, the National Cryptocurrency Enforcement Team, the German Federal Criminal Police Office (BKA), and the Attorney General’s Office in Frankfurt am Main.

The Department of Justice complaint against the Cryptonator administrator, Roman Boss, says that between 2014 and 2023, Cryptonator wallet addresses exchanged the following :

  • $25,000,000 with darknet markets and fraud shops
  • $34,500,000 with scam addresses
  • $80,000,000 with high-risk exchanges
  • $8,000,000 with addresses associated with ransomware campaigns
  • $54,000,000 with addresses associated with hacks and crypto theft operations
  • $34,000,000 with illegal cryptocurrency mixers
  • $17,000,000 with sanctioned addresses

Blockchain intelligence firm TRM says wallet transactions were linked to Hydra Market, Blender.io, Finiko, Bitzlato, Garantex, Nobitex, and an unknown terrorist entity.

The U.S. government previously sanctioned Hydra Market, Bitzlato, Garantex, and Blender.io.

Cryptonator's links to illegal services
Cryptonator’s links to illegal services
Source: TRM

The DOJ alleges that Cryptonator only required users to open an account using an email and password, which is insufficient to adhere to know-your-customer (KYC) rules required by the applicable anti-money laundering laws.

The complaint also accuses Boss of knowingly allowing illicit activity on Cryptonator, presenting evidence of him discussing the addition of cryptocurrency accepted on darknet markets such as Monero and offering API key integrations with those illegal platforms.

“Tickets also indicate that Cryptonator offers API keys to darknet marketplaces and the like, such as a bullet-proof hosting service, and a shop selling cached credentials for credit card companies,” reads the complaint.

“Based on my training and experience, and in my investigation to date in this case, this is important b ecause it means that Cryptonator is offering its customers the ability to easily access criminal services.”

In addition to penalties for money laundering and operating an unlicensed money service business, the complaint seeks injunctions against Boss, the approval of damage relief, and the seizure of his assets.

The U.S. DoJ shared the indictment with BleepingComputer, commenting that Boss faces charges for operating a platform that processed over $235 million in illicit funds.

Source: https://www.bleepingcomputer.com/news/cryptocurrency/cryptonator-seized-for-laundering-ransom-payments-stolen-crypto