Feds Seize $1M in Crypto as BlackSuit’s Ransomware Empire Crumbles

Author: Bitcoinist
Published: 2025-08-13 11:00:21

Another day, another crypto-fueled cybercrime syndicate gets a federal haircut. This time it's BlackSuit—the ransomware crew that just lost its ill-gotten digital fortune.

Operation 'Wallet Wipeout'

The DOJ didn't just disrupt their operations—they vacuumed $1 million straight from the group's crypto coffers. No polite seizure warrants here; this was a full-on digital asset strip search.

Ransomware's Reckoning

While blockchain's transparency helped investigators follow the money trail, let's not pretend this stops the next attack. Cybercriminals are already migrating to privacy coins—and Wall Street's still laundering more money daily through 'legitimate' channels.

The irony? These clowns probably lost more on crypto volatility than they'll ever forfeit to the feds.

International Law Enforcement Action

A statement from the Justice Department says investigators worked with partners in the UK, Germany, Ireland, France, Canada, Ukraine and Lithuania to carry out the takedown.

Michael Prado, deputy assistant director at the Homeland Security Investigations Cyber Crimes Center, said law enforcement aimed to dismantle the systems that let these groups operate, not just pull a few servers offline.

The move followed other recent steps by the US, including sanctions against a ransomware hosting provider in July.

Justice Department Announces Coordinated Disruption Actions Against BlackSuit (Royal) Ransomware Operations

Law Enforcement Seizes Servers, Domains, and Approximately $1 Million In Laundered Proceeds Owned By BlackSuit (Royal) Ransomware

“The BlackSuit ransomware gang’s… pic.twitter.com/EIXS7X0Su3

— National Security Division, U.S. Dept of Justice (@DOJNatSec) August 11, 2025

Scope Of The BlackSuit Campaign

Based on reports, BlackSuit first appeared as a spinoff of the Royal ransomware gang and has been active since at least 2023.

Officials say the group targeted critical infrastructure across sectors — healthcare, government facilities, manufacturing and commercial sites.

Since 2022 investigators have linked the gang to more than 450 known victims in the US and reported that it has received over $370 million in ransom payments.

Ransom demands have typically ranged from about $1 million to $10 million in BTC, and Cybersecurity and Infrastructure Security Agency data lists the largest single demand at $60 million.

How The Funds Were Traced

Reports disclose that a 2023 ransom payment of 49 BTC — worth roughly $1.4 million at the time — was involved in the funds now seized, and that part of that payment was deposited and withdrawn repeatedly from a crypto exchange until the account was frozen in early 2024.

The DOJ did not name the exchange. Officials say this kind of tracing and cooperation with private firms is what allowed agents to follow the money trail and secure assets connected to the scheme.

This operation removed infrastructure and recovered roughly $1 million tied to a gang accused of hundreds of attacks and hundreds of millions in ransom takings.

The clampdown is a strong tactical win and a clear sign that authorities and international partners are working together — but disruption alone won’t stop every attack.

Featured image from Bing Create, chart from TradingView
