The DOJ seized $2.8 million in crypto, $70,000 in cash, and a luxury vehicle amid a crackdown on a ransomware scheme linked to Russian national Ianis Antropenko.
DALLAS — The Justice Department has seized more than $2.8 million in cryptocurrency, $70,000 in cash and a luxury vehicle in a major crackdown on a global ransomware scheme linked to a Russian national.
Federal authorities announced Wednesday that six warrants were unsealed in courts across Texas, Virginia, and California, all targeting assets connected to Ianis Aleksandrovich Antropenko. He is now facing several charges, including conspiracy to commit computer fraud, computer fraud, and money laundering.
According to court documents, Antropenko allegedly used a type of malware known as Zeppelin ransomware to attack individuals, businesses, and organizations worldwide, including victims in the U.S. One Dallas-based professional services firm was among at least 138 American victims.
The scheme involved encrypting victims’ data, and Antropenko, using the alias “china.helper,” demanded cryptocurrency payments to unlock it.
FBI investigators traced ransom payments through the blockchain to cryptocurrency wallets controlled by Antropenko. And instead of just sitting on the stolen crypto, Antropenko allegedly tried to clean it, using a darknet-based mixing service called ChipMixer (which was shut down in 2023) and converting crypto into cash through structured deposits to evade reporting requirements, court documents show.
The court documents also show he used illicit proceeds to purchase high-end vehicles, including a Lexus LX 570 and a 2022 BMW X6M, which was bought for $150,000 in cash.
Federal authorities said seized assets include cryptocurrency linked to a wallet generated from a recovered seed phrase, containing Ethereum (ETH), USD Tether (USDT), and USD Coin (USDC), as well as funds in Binance exchange accounts registered to Antropenko.
“This case shows our ongoing commitment to tracking down ransomware operators and recovering stolen funds,” said DOJ officials in a joint announcement.
The effort was led by the FBI’s Dallas and Norfolk Field Offices, along with the FBI’s Virtual Assets Unit.
Prosecutors from multiple jurisdictions — including the Northern District of Texas and the Eastern District of Virginia — are working together on the case. The DOJ’s Computer Crime and Intellectual Property Section is also involved. Since 2020, that unit has helped convict more than 180 cybercriminals and recover more than $350 million for victims. It’s also helped prevent over $200 million in ransom payments through takedowns of ransomware groups.
The investigation remains ongoing.