The US Treasury Department has imposed sanctions on Ekaterina Zhdanova, a Russian individual accused of engaging in virtual currency laundering activities on behalf of Russia’s elites and cybercriminals, including a Ryuk ransomware affiliate. Zhdanova’s actions were purportedly aimed at helping other Russians evade sanctions imposed on their country’s financial system following the invasion of Ukraine.
In one instance, an unnamed oligarch allegedly sought to move $100 million to the United Arab Emirates through Zhdanova’s assistance. Moreover, in 2021, Zhdanova is said to have laundered over $2.3 million in “suspected victim payments” for a Ryuk ransomware affiliate by routing the funds through the Garantex cryptocurrency exchange, which itself was designated by the Office of Foreign Assets Control (OFAC) in 2022.
OFAC revealed that over $100 million in transactions linked to darknet markets and criminal actors were conducted through the Garantex exchange prior to its sanctions. Undersecretary of the Treasury for Terrorism and Financial Intelligence, Brian E. Nelson, emphasized the role of individuals like Zhdanova as key facilitators enabling Russian elites, ransomware groups, and illicit actors to evade US and international sanctions, particularly by exploiting virtual currency. The report, however, did not provide specifics about Zhdanova’s professional background.
Ryuk ransomware has been responsible for significant disruptions since its emergence in 2018, with notable attacks on the healthcare sector, including one that cost a hospital chain $67 million. While sanctions against individuals like Zhdanova can serve symbolic purposes, their impact is often limited due to the absence of property or business interests in the United States for those engaged in illicit activities.
