Home > Security > Security News

DOJ Seizes $2.8 Million in Cryptocurrency Linked to Zeppelin Ransomware

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
US Cryptocurrency

The U.S. Department of Justice (DOJ) has unsealed six warrants and announced the seizure of cryptocurrency, cash, and a luxury vehicle, linked to ransomware proceeds. This operation is part of an ongoing cybercrime crackdown targeting illicit financial flows from ransomware attacks.  

Details of the Seizure  

The seized cryptocurrency was traced to a wallet controlled by Ianis Aleksandrovich Antropenko, who was indicted and faces charges of conspiracy to commit both computer fraud and money laundering, as well as computer fraud and abuse.

Seized assets that were identified as proceeds of ransomware operations included:

Authorities revealed that Antropenko reportedly targeted individuals, businesses, and organizations worldwide, including in the U.S., using the Zeppelin ransomware, a Ransomware-as-a-Service (RaaS) derivative of the Delphi-based Vega malware family.

Investigators noted that significant laundering activities were performed using platforms like ChipMixer, a cryptocurrency mixing service dismantled through international efforts in 2023. Funds were further laundered via structured deposits and cryptocurrency-to-cash conversions.  

Implications and Progress  

The DOJ report continues to say that since 2020, the DOJ’s Computer Crime and Intellectual Property Section (CCIPS) has disrupted multiple ransomware groups, recovering over $350 million in stolen funds and preventing $200 million in ransom payouts.  

A Unified Fight Against Cybercrime  

The DOJ's recent success highlights the importance of global collaboration among law enforcement agencies in combating sophisticated threats, such as ransomware. 

This month, a BlackSuit Ransomware takedown disabled nine domains and four servers, resulting in the seizure of $1 million. Yet, the new Chaos Ransomware group targets businesses globally, displaying overlaps with BlackSuit.

In other news, a North Korean crypto laundering crackdown seized over $7.7 million, and Avast released a free FunkSec ransomware decryptor.

Add a Comment
Related
Hacker in Interview
Six Months On: Manpower Confirms Data Breach After RansomHub’s December–January Access
Hacker - Building
Qilin Ransomware Claims Formacompany & Co. Real Names Leak, Accuses the Offshore Company of Money Laundering
Mailchimp Email - Hacker - Laptop
Everest Ransomware Claims a 2025 Mailchimp Data Breach Affecting Personal and Customer Information
Screen, codes, lock, break, man
FunkSec Falls Silent, Avast Releases Free Tool to Rescue Encrypted Files
Scattered Spider, Man, Network
Scattered Spider Reportedly Deploys DragonForce Ransomware, CISA Advisory Notes Enhanced TTPs
Chaos, Ransomware, Codes
Novel Chaos Ransomware Group Attacks Target Businesses Globally, Overlaps with BlackSuit
Most Popular
Dark Web Sales of Government Email Addresses
Dark Web Sales of Government Email Addresses from the US and More Expose Global Risks
flood
Texas Flood Scams Expose Disaster Relief Vulnerabilities, Over 70 Suspicious Domains Registered
Scam alert
Beware of Labubu Toy Scams Targeting Thousands of Unwary Shoppers, Over 70 People Tricked
One unlocked padlock among locked padlocks
Automotive Data Exposed in Git File Leak at Major Roadside Assistance and Insurance Vendor
Hacker, Screen
Norway Counter-Intelligence Agency Attributes Dam Sabotage to Russian Hackers
NordVPN Offers Regional Discounts Up to 77% Until October 15
NordVPN Launches Global Special Offer With Up to 77% Off and 3 extra months with a 2-year plan - A 100% Steal Deal
Dark Web Sales of Government Email Addresses from the US and More Expose Global Risks
Texas Flood Scams Expose Disaster Relief Vulnerabilities, Over 70 Suspicious Domains Registered
Beware of Labubu Toy Scams Targeting Thousands of Unwary Shoppers, Over 70 People Tricked
Automotive Data Exposed in Git File Leak at Major Roadside Assistance and Insurance Vendor
Norway Counter-Intelligence Agency Attributes Dam Sabotage to Russian Hackers
NordVPN Launches Global Special Offer With Up to 77% Off and 3 extra months with a 2-year plan - A 100% Steal Deal

Most Popular
Dark Web Sales of Government Email Addresses
Dark Web Sales of Government Email Addresses from the US and More Expose Global Risks
flood
Texas Flood Scams Expose Disaster Relief Vulnerabilities, Over 70 Suspicious Domains Registered
Scam alert
Beware of Labubu Toy Scams Targeting Thousands of Unwary Shoppers, Over 70 People Tricked
One unlocked padlock among locked padlocks
Automotive Data Exposed in Git File Leak at Major Roadside Assistance and Insurance Vendor
Hacker, Screen
Norway Counter-Intelligence Agency Attributes Dam Sabotage to Russian Hackers
NordVPN Offers Regional Discounts Up to 77% Until October 15
NordVPN Launches Global Special Offer With Up to 77% Off and 3 extra months with a 2-year plan - A 100% Steal Deal
Dark Web Sales of Government Email Addresses from the US and More Expose Global Risks
Texas Flood Scams Expose Disaster Relief Vulnerabilities, Over 70 Suspicious Domains Registered
Beware of Labubu Toy Scams Targeting Thousands of Unwary Shoppers, Over 70 People Tricked
Automotive Data Exposed in Git File Leak at Major Roadside Assistance and Insurance Vendor
Norway Counter-Intelligence Agency Attributes Dam Sabotage to Russian Hackers
NordVPN Launches Global Special Offer With Up to 77% Off and 3 extra months with a 2-year plan - A 100% Steal Deal

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2025 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: