Russian exchange Garantex is sanctioned, and black U is spreading to the OTC industry chain on a large scale

Written by Bitrace

According to the U.S. Department of Justice (DOJ)Xiaobai Navigation According to the indictment issued on July 7, the arrest confirmation updated on March 13, and the statement of the Indian Central Bureau of Investigation (CBI), the Russian centralized cryptocurrency trading platform Garantex has been forced to shut down by cross-border joint law enforcement, and its co-founder Aleksej Besciokov has been arrested.

During this period, a large-scale freeze of Garantex-related funds also occurred on the chain. This article aims to warn Web3 practitioners to pay attention to the threat of risky USDT by sorting out the details of the sanctions and freezes.

Background of the Sanctions Against Garantex

Garantex 是一家成立于 2019 年的俄罗斯加密货币交易所，长期以来被指控为非法活动提供洗钱服务。2022 年 4 月，美国财政部外国资产控制办公室（OFAC）对 Garantex 实施制裁，称其处理了超过 1 亿美元的非法交易，包括与暗网市场、勒索软件团伙（如 Conti）、黑客以及恐怖主义相关的资金。

On March 7, 2025, the U.S. Department of Justice (DOJ) unsealed an indictment against Aleksej Besciokov and his partner Aleksandr Mira Serda, charging them with money laundering conspiracy through Garantex, violating U.S. sanctions, and operating an unlicensed money transmission business.

Garantex is said to have processed at least $96 billion in cryptocurrency transactions since its founding, including a large amount of criminal proceeds. For example, U.S. authorities have pointed out that the exchange has provided money laundering services for North Korean hacker groups such as the Lazarus Group, Russian oligarchs, and multiple ransomware gangs such as Black Basta, Play, and Conti.

On-chain law enforcement activities

The off-chain arrests were accompanied by a massive on-chain freeze by the U.S.Safety厂商与 USDT 发行商 Tether 公司响应美国政府协作执行。根据 Bitrace 的链上监测与 Garantex 在电报频道的自行披露，相关执法活动至少冻结了价值 28m 的 USDT。

早在 2022 年 Garantex 被制裁之时，该所就已经开始高频率更换其业务地址以尝试规避可能的链上制裁，但本次链上冻结活动并非直接针对 Garantex 的业务热钱包地址，而是大量用于规避资金追踪的中转与囤币地址——Aleksej Besciokov 在被捕前，他或者他背后的团队从主要的加密货币交易平台、支付平台中提取大量资金，并在高度自动化的资金清洗后，再次转入其他交易平台。

Tether’s law enforcement cooperation forcibly interrupted this process and directly led to Garantex ceasing its services.

On-chain funding threats are spreading

After investigating the on-chain activities of all frozen addresses, it is not difficult to find that Garantex made extensive use of centralized entity addresses in the process of fund laundering.

Taking the TRON address TUCUYf that was frozen in this incident as an example, the upstream source of funds for this address was a hot wallet address for withdrawals on a payment or exchange platform. Before being frozen, this address transferred part of the funds to other centralized trading platforms.

Another TRON address, TXFUjf, not only interacted with exchange users before it was frozen, but also had many connections with payment platforms and even online gambling platforms.

Obviously, in addition to the on-chain freezing activities, if the operators of such centralized institutions conduct risk control on users who receive such funds for compliance reasons, innocent OTC traders or ordinary users who receive related cash-out funds will be affected.

The article comes from the Internet:Russian exchange Garantex is sanctioned, and black U is spreading to the OTC industry chain on a large scale