Indian authorities arrested Aleksej Besciokov, the co-founder and one of the administrators of the Russian Garantex crypto-exchange while vacationing with his family in Varkala, India.
As infosec journalist Brian Krebs first reported on Tuesday, the 46-year-old Lithuanian national and Russian resident was apprehended on Tuesday afternoon by Kerala state police officers under the country’s extradition law.
Besciokov (aka “proforg” and “iram”) controlled Garantex with 40-year-old Russian national and United Arab Emirates resident Aleksandr Mira Serda (the crypto exchange’s other co-founder) between 2019 and 2025.
On Friday, they were both charged in the United States with facilitating money laundering for criminal organizations (which carries a maximum penalty of 20 years in prison) and violating the International Emergency Economic Powers Act (20 years).
Besciokov was also charged with conspiracy to operate an unlicensed money-transmitting business, with a maximum penalty of five years in prison.
According to court documents, Besciokov and Mira Serda were allegedly aware their crypto exchange Garantex was used to launder criminal proceeds and facilitate various crimes, including hacking, ransomware, drug trafficking, and terrorism.
The U.S. Justice Department says they also attempted to hide the crypto exchange’s involvement in facilitating illegal activities.
One day earlier, on Thursday, the U.S. Secret Service and the DOJ seized multiple Garantex domains (Garantex[.]org, Garantex[.]io, and Garantex[.]academy) and servers hosting its operations in a joint operation with German and Finnish law enforcement authorities.
The U.S. Secret Service says law enforcement officers also “obtained earlier copies of Garantex’s servers, including customer and accounting databases,” and froze over $26 million in funds used by Garantex to facilitate money laundering activities.
The crypto exchange was also forced to suspend services on Thursday after Tether blocked its digital wallets following European Union sanctions targeting the crypto-exchange as part of its 16th package of Russian sanctions, levied against 542 individuals and entities.
Garantex was previously sanctioned by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) in April 2022 after transactions worth over $100 million were linked to darknet markets and cybercrime actors, including the Conti Ransomware-as-a-service (RaaS) operation and the now-seized Hydra dark web market.
“Garantex has engaged in crypto transactions worth more than $60 billion since it was sanctioned in 2022. In total Garantex has transacted over $96 billion,” Blockchain analysis company Elliptic said on Friday.
“Garantex has been used in sanctions evasion by Russian elites, as well as to launder proceeds of crime including ransomware, darknet market trade and thefts attributed to North Korea’s Lazarus Group.”
Based on an analysis of 14M malicious actions, discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them.
