DOJ Seizes $2.8 Million in Cryptocurrency Linked to Zeppelin Ransomware
Published on August 15, 2025
- Seized assets: U.S. authorities confiscated cryptocurrency, cash, and a car linked to Zeppelin ransomware proceedings.
- Who was indicted: The seized cryptocurrency was traced to a wallet controlled by Ianis Aleksandrovich Antropenko.
- Money laundering: The individual reportedly used platforms like ChipMixer, a cryptocurrency mixing service dismantled in 2023.
The U.S. Department of Justice (DOJ) has unsealed six warrants and announced the seizure of cryptocurrency, cash, and a luxury vehicle, linked to ransomware proceeds. This operation is part of an ongoing cybercrime crackdown targeting illicit financial flows from ransomware attacks.
Details of the Seizure
The seized cryptocurrency was traced to a wallet controlled by Ianis Aleksandrovich Antropenko, who was indicted and faces charges of conspiracy to commit both computer fraud and money laundering, as well as computer fraud and abuse.
Seized assets that were identified as proceeds of ransomware operations included:
- Over $2.8 million in cryptocurrency
- $70,000 in cash
- 1 luxury car
Authorities revealed that Antropenko reportedly targeted individuals, businesses, and organizations worldwide, including in the U.S., using the Zeppelin ransomware, a Ransomware-as-a-Service (RaaS) derivative of the Delphi-based Vega malware family.
Investigators noted that significant laundering activities were performed using platforms like ChipMixer, a cryptocurrency mixing service dismantled through international efforts in 2023. Funds were further laundered via structured deposits and cryptocurrency-to-cash conversions.
Implications and Progress
The DOJ report continues to say that since 2020, the DOJ’s Computer Crime and Intellectual Property Section (CCIPS) has disrupted multiple ransomware groups, recovering over $350 million in stolen funds and preventing $200 million in ransom payouts.
A Unified Fight Against Cybercrime
The DOJ's recent success highlights the importance of global collaboration among law enforcement agencies in combating sophisticated threats, such as ransomware.
This month, a BlackSuit Ransomware takedown disabled nine domains and four servers, resulting in the seizure of $1 million. Yet, the new Chaos Ransomware group targets businesses globally, displaying overlaps with BlackSuit.
In other news, a North Korean crypto laundering crackdown seized over $7.7 million, and Avast released a free FunkSec ransomware decryptor.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular