1 min read

US Treasury Department Sanctions Russian Woman Accused of Laundering Funds for Ryuk Ransomware Group


November 06, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
US Treasury Department Sanctions Russian Woman Accused of Laundering Funds for Ryuk Ransomware Group

The Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for her role in laundering funds for other Russian elites, usually in the form of cryptocurrency.

The Office of Foreign Assets Control (OFAC) is an agency that’s part of the US Treasury Department and is responsible for enforcing sanctions. Criminal groups, hackers, and even billionaires often use third-party services to move money around, especially since they’re already sanctioned. This was the role the agency says was filled by Ekaterina Zhdanova.

“Through key facilitators like Zhdanova, Russian elites, ransomware groups, and other illicit actors sought to evade U.S. and international sanctions, particularly through the abuse of virtual currency,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson.

“We remain focused on safeguarding the U.S. and international financial system against those who seek to exploit this technology, among other illicit finance risks in the virtual assets ecosystem.”

Following Russia’s invasion of Ukraine, the US government sanctioned numerous people, organizations and companies, making it challenging for them to move money around, especially if the funds are illicit in nature.

For example, Zhdanova uses virtual currency to facilitate large cross-border transactions by going through cryptocurrency exchanges that have no money laundering protocols in place, such as Garantex.

Moreover, she’s believed to be involved in providing service to people directly connected to the Russian Ryuk ransomware group.

“In 2021, Zhdanova laundered over $2.3 million of suspected victim payments on behalf of a Ryuk ransomware affiliate,” said OFAC in a press release. “In October 2022, U.S. law enforcement specifically identified Ryuk as an imminent and increasing cybercrime threat to hospitals and healthcare providers in the United States.”

The result of this latest sanction is that all property and interests of the designated person in the United States or in the possession or control of US persons are blocked. It’s unclear, however, how much of the assets are in OFAC jurisdiction or its partners.




Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.

View all posts

You might also like