US & Allies Crush BlackSuit Racket—Seize $1M in Crypto in Global Takedown

Law enforcement just turned ransomware gangs' favorite toy against them—crypto seizures are the new raid tactic.

BlackSuit's $1M lesson: Crime doesn't pay (unless you're a Wall Street short seller).

International task forces drained the group's digital wallets mid-ransom—proof that blockchain's transparency cuts both ways.

This takedown proves crypto tracing tools have leveled up—bad actors can run but their transactions can't hide.

BlackSuit Ransomware Targets US Sectors

BlackSuit has been active since the year 2022. The group has targeted important U.S. sectors including healthcare, government, manufacturing, and businesses. Since 2022, it has attacked over 450 known U.S. victims and has collected more than $370 million in ransom payments.

The group used a sneaky tactic called double extortion in which they locked victims’ computer systems with encryption. Further, they threatened the victims by stating that they would share the stolen data if the victims did not pay in Bitcoin (BTC) through secret darknet websites.

In 2023, one victim paid 49.3 BTC, at the time worth about $1.4 million, to unlock their data. Authorities subsequently confiscated approximately $1 million of this payment, which they traced through a cryptocurrency exchange and froze in early 2024.

BlackSuit’s ransom demands typically ranged from $1 million to $10 million, with the largest known demand reaching $60 million, according to the Cybersecurity and Infrastructure Security Agency.

This initiative of shutting down the BlackSuit servers and websites highlights that the U.S. is actively fighting against ransomware, including placing sanctions on the Aeza Group, a company that helps ransomware groups. 

Also Read: HashFlare Co-Founders Sentenced to Time Served in $577M Ponzi Scheme