Russian citizen Denis Mihaqlovic Dubnikov pleaded responsible on Tuesday to laundering cash for the infamous Ryuk ransomware group for over three years.

The responsible plea comes after Dubnikov, a former crypto-exchange government and the co-founder of crypto buying and selling platforms Coyote Crypto and Eggchange, was arrested in Amsterdam in November 2021 and extradited to the US in August 2022.

He made his first look in a U.S. federal court docket in Portland sooner or later after the extradition date, on August 17, 2022.

From August 2018 to August 2021, Dubnikov and 13 different accomplices participated in cash laundering actions involving proceeds from Ryuk ransomware assaults concentrating on people and organizations in the US and worldwide.

The cash laundering group, together with Dubnikov, used varied monetary transactions, together with worldwide ones, to cover the origin, location, and identification of those that acquired the ransom funds.

Ryuk is a former ransomware-as-a-service (RaaS) operation energetic between August 2018 and the center of 2020, when the Wizard Spider cybercrime group behind it switched to Conti ransomware.

Conti additionally shut down operations in Could 2022, when it rebranded into a number of smaller models that both launched new operations or infiltrated current ransomware gangs.

Dubnikov laundered Ryuk ransom paid by US firm

In line with a superseding indictment, after victims paid the Ryuk ransoms within the type of bitcoin to non-public wallets, the co-conspirators concerned within the cash laundering scheme divided the funds into smaller quantities. Then they transferred the ransoms to varied different non-public wallets. 

The legal group used lots of of personal wallets to hold out these transactions, every with hundreds of related public keys.

They then moved among the bitcoin from the non-public wallets to cryptocurrency trade accounts the place the bitcoin was exchanged for Tether, different cryptocurrencies, or fiat forex.

The Ryuk ransom proceeds (exchanged into Tether or one other cryptocurrency) have been then despatched to different conspirators’ accounts at different cryptocurrency exchanges to be exchanged for fiat forex (normally Chinese language Renminbi) utilizing these exchanges’ “over-the-counter” providers.

“Particularly, in July 2019, a United States-based firm paid a 250 Bitcoin Ryuk ransom after a ransomware assault. On or about July 11, 2019, in Moscow, Russia, Dubnikov accepted 35 Bitcoin from a co-conspirator in trade for roughly $400,000,” the Division of Justice mentioned in a press launch issued right now.

“The Bitcoin transferred to Dubnikov have been instantly sourced from the ransom paid by the American firm. Dubnikov transformed the Bitcoin to Tether and despatched it to a second co-conspirator, who finally exchanged it for Chinese language Renminbi.”

If discovered responsible, Dubnikov can get a sentence of as much as 20 years of federal imprisonment, three years of supervised launch, and a tremendous of as much as $500,000. The defendant will probably be sentenced on April 11, 2023.