Russian admits to operating a crypt exchange that ransomware gangs used

Anatoly Legkodymov, a citizen of Russia, entered a guilty plea to running the Bitzlato cryptocurrency exchange, which facilitated the money laundering of ransomware groups and other cybercriminals totaling over $700 million.

Legkodymov (also known as “Gandalf” and “Tolik”), a co-founder of Bitzlato and major shareholder, has consented to dissolve the cryptocurrency exchange and give up all claims to almost $23 million in confiscated assets, under the terms of the plea deal.

It is further stated that Legkodymov and other management knew that many users had registered their accounts using stolen identities, and that there was widespread unlawful behavior occurring throughout Bitzlato accounts.

Moreover, Bitzlato advertised a user registration procedure that needed nothing in the way of identity verification, making it clear that “neither selfies nor passports [are] required.” When Bitzlato asked for user identity, it permitted the usage of data from registrants who were referred to as “straw man” users.

“As a result of these deficient know-your-customer (KYC) procedures, Bitzlato became a haven for criminal proceeds and funds intended for use in criminal activity,” the Justice Department stated.

A Chainalysis research on illegal behavior involving cryptocurrencies states that between 2019 and 2021, Bitzlato transacted more over $2 billion in cryptocurrencies. Roughly $966 million, or over 48% of the total, was considered illegal and connected to high-risk bitcoin transactions.

Additionally, the study notes that the cryptocurrency exchange was paid $206 million via darknet marketplaces, $224.5 million from frauds, and $9 million from ransomware attackers.

“Hydra Market users exchanged more than 700 million dollars’ worth of cryptocurrency with Bitzlato, either directly or through intermediaries, until Hydra Market was shut down because of seizures made by U.S. and German law enforcement in April 2022,” the Department of Justice stated.