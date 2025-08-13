U.S. seizes servers and $1.09m in crypto linked to BlackSuit ransomware gang

By: Crypto.news
2025/08/13 17:24
U
U$0.02036-2.58%
Moonveil
MORE$0.09995-0.92%
AssangeDAO
JUSTICE$0.00008301-3.56%

Another ransomware gang is in U.S. crosshairs, with authorities moving against the BlackSuit group, active since 2022 and linked to more than $370 million in ransom demands.

Summary
  • U.S. authorities have seized four servers, nine domains, and $1.09 million in cryptocurrency tied to the BlackSuit ransomware group.
  • BlackSuit has targeted critical infrastructure in the U.S. since 2022.
  • It emerged as a spinoff of the Royal ransomware gang.

On Monday, the Justice Department said it seized four servers, nine domains, and about $1.09 million in cryptocurrency tied to BlackSuit, working with U.S. and international partners to carry out the raid.

The July 24 takedown drew in a broad coalition of agencies, from Homeland Security Investigations and the Secret Service to IRS Criminal Investigation and the FBI, alongside law enforcement from the United Kingdom, Germany, Ireland, France, Canada, Ukraine, and Lithuania.

Officials also unsealed a federal warrant to seize the cryptocurrency, which an unnamed exchange had frozen earlier this year.

BlackSuit’s targeted critical U.S. infrastructure

BlackSuit, active since at least 2022, emerged as a spinoff of the Royal ransomware gang, a group already known for large-scale extortion campaigns against critical infrastructure. Investigators say the group began operating under the BlackSuit name in 2023 and was found to be using many of Royal’s tactics, techniques, and tools.

Over time, it built its own reputation in the cybercrime world for targeting large organizations with ransom demands ranging from $1 million to $10 million, and in one case, as high as $60 million. 

The group also operated a portal on the darknet where it listed sensitive stolen data set to be released to the public if victims did not pay the ransom.

By late 2023, the FBI and the Cybersecurity and Infrastructure Security Agency warned in a joint advisory that BlackSuit had the tools and tactics to hit sectors where an attack could cause the most disruption.

BlackSuit has struck critical infrastructure within the U.S., often hitting healthcare providers, government facilities, manufacturing plants, and commercial operators. Victims usually found themselves locked out of vital systems while facing the threat of sensitive data leaks.

In 2023, an unnamed organization paid 49.3 Bitcoin, worth about $1.44 million at the time, to regain control of its systems after a BlackSuit breach, according to the DOJ.

A portion of that ransom payment became the $1.09 million that was seized during the takedown after months of investigation. Authorities estimate that since 2022, BlackSuit has compromised over 450 known victims in the United States alone.

US moves against ransomware gangs

The U.S. has been actively fighting back against ransomware attacks through sanctions and enforcement actions, describing this in today’s announcement as a “disruption-first” approach.

As previously reported by crypto.news, earlier this year the U.S., UK, and Australia jointly sanctioned Russian hosting provider Zservers and its operators for offering bulletproof hosting to the LockBit ransomware gang.

Last month, the Justice Department filed a forfeiture action to recover $2.3 million in Bitcoin from a member of the Chaos ransomware group after the FBI’s Dallas division seized 20 BTC from a Chaos-linked address the same month.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
Share Insights

You May Also Like

U.S. Treasury considers equity stake in Intel to boost domestic chip production

U.S. Treasury considers equity stake in Intel to boost domestic chip production

Scott Bessent, the U.S. Treasury Secretary, said today that any investment made by the U.S. government in Intel would be used to stabilize the chipmaker.
U
U$0.02036-2.58%
Share
Cryptopolitan2025/08/20 02:20
Share
Paxos launches new startup to help institutions offer DeFi products

Paxos launches new startup to help institutions offer DeFi products

PANews reported on June 19 that according to The Block, the stablecoin issuer Paxos launched a new startup Paxos Labs, which aims to help institutions integrate DeFi and on-chain products
DeFi
DEFI$0.001877+8.93%
Startup
STARTUP$0.006787+18.44%
Juneo Supernet
JUNE$0.092+30.12%
Share
PANews2025/06/19 00:04
Share
Circle Launches Unified Cross-Chain USDC Access Solution

Circle Launches Unified Cross-Chain USDC Access Solution

Detail: https://coincu.com/news/circle-unified-cross-chain-usdc-access/
USDCoin
USDC$1+0.06%
CROSS
CROSS$0.24883-3.10%
BRC20.COM
COM$0.021092-8.70%
Share
Coinstats2025/08/20 02:10
Share

Trending News

More

U.S. Treasury considers equity stake in Intel to boost domestic chip production

Paxos launches new startup to help institutions offer DeFi products

Circle Launches Unified Cross-Chain USDC Access Solution

Why Cold Wallet, Dogecoin, Shiba Inu, & BONK Are Watchlist Favorites Among the Top Cryptos of 2025

Web3 Infrastructure Upgrade: BNB Greenfield Boosts Data Monetization through Decentralized Storage