{"id":7641,"date":"2025-08-13T09:53:03","date_gmt":"2025-08-13T09:53:03","guid":{"rendered":"https:\/\/bitunikey.com\/news\/u-s-seizes-servers-and-1-09m-in-crypto-linked-to-blacksuit-ransomware-gang\/"},"modified":"2025-08-13T09:53:08","modified_gmt":"2025-08-13T09:53:08","slug":"u-s-seizes-servers-and-1-09m-in-crypto-linked-to-blacksuit-ransomware-gang","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/u-s-seizes-servers-and-1-09m-in-crypto-linked-to-blacksuit-ransomware-gang\/","title":{"rendered":"U.S. seizes servers and $1.09m in crypto linked to BlackSuit ransomware gang"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Another ransomware gang is in U.S. crosshairs, with authorities moving against the BlackSuit group, active since 2022 and linked to more than $370 million in ransom demands.<\/p>\n<div id=\"cn-block-summary-block_ee97f58379ada8c00ce1fa57c108e5dd\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>U.S. authorities have seized four servers, nine domains, and $1.09 million in cryptocurrency tied to the BlackSuit ransomware group.<\/li>\n<li>BlackSuit has targeted critical infrastructure in the U.S. since 2022.<\/li>\n<li>It emerged as a spinoff of the Royal ransomware gang.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>On Monday, the Justice Department <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.justice.gov\/opa\/pr\/justice-department-announces-coordinated-disruption-actions-against-blacksuit-royal\" target=\"_blank\">said<\/a> it seized four servers, nine domains, and about $1.09 million in cryptocurrency tied to BlackSuit, working with U.S. and international partners to carry out the raid.<\/p>\n<p>The July 24 takedown drew in a broad coalition of agencies, from Homeland Security Investigations and the Secret Service to IRS Criminal Investigation and the FBI, alongside law enforcement from the United Kingdom, Germany, Ireland, France, Canada, Ukraine, and Lithuania.<\/p>\n<p>Officials also unsealed a federal warrant to seize the cryptocurrency, which an unnamed exchange had frozen earlier this year.<\/p>\n<h2 class=\"wp-block-heading\">BlackSuit\u2019s targeted critical U.S. infrastructure<\/h2>\n<p>BlackSuit, active since at least 2022, emerged as a spinoff of the Royal ransomware gang, a group already known for large-scale extortion campaigns against critical infrastructure. Investigators say the group began operating under the BlackSuit name in 2023 and was found to be using many of Royal\u2019s tactics, techniques, and tools.<\/p>\n<p>Over time, it built its own reputation in the cybercrime world for targeting large organizations with ransom demands ranging from $1 million to $10 million, and in one case, as high as $60 million.\u00a0<\/p>\n<p>The group also operated a portal on the darknet where it listed sensitive stolen data set to be released to the public if victims did not pay the ransom.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<p>By late 2023, the FBI and the Cybersecurity and Infrastructure Security Agency warned in a joint advisory that BlackSuit had the tools and tactics to hit sectors where an attack could cause the most disruption.<\/p>\n<p>BlackSuit has struck critical infrastructure within the U.S., often hitting healthcare providers, government facilities, manufacturing plants, and commercial operators. Victims usually found themselves locked out of vital systems while facing the threat of sensitive data leaks.<\/p>\n<p>In 2023, an unnamed organization paid 49.3 Bitcoin, worth about $1.44 million at the time, to regain control of its systems after a BlackSuit breach, according to the DOJ.<\/p>\n<p>A portion of that ransom payment became the $1.09 million that was seized during the takedown after months of investigation. Authorities estimate that since 2022, BlackSuit has compromised over 450 known victims in the United States alone.<\/p>\n<h2 class=\"wp-block-heading\">US moves against ransomware gangs<\/h2>\n<p>The U.S. has been actively fighting back against ransomware attacks through sanctions and enforcement actions, describing this in today\u2019s announcement as a \u201cdisruption-first\u201d approach.<\/p>\n<p>As previously reported by crypto.news, earlier this year the U.S., UK, and Australia jointly sanctioned Russian hosting provider Zservers and its operators for offering bulletproof hosting to the LockBit ransomware gang.<\/p>\n<p>Last month, the Justice Department filed a forfeiture action to recover $2.3 million in Bitcoin from a member of the Chaos ransomware group after the FBI\u2019s Dallas division seized 20 BTC from a Chaos-linked address the same month.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Another ransomware gang is in U.S. crosshairs, with authorities moving against the BlackSuit group, active since 2022 and linked to more than $370 million in ransom demands. Summary U.S. authorities&hellip;<\/p>\n","protected":false},"author":1,"featured_media":7642,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-7641","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/7641","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=7641"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/7641\/revisions"}],"predecessor-version":[{"id":7643,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/7641\/revisions\/7643"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/7642"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=7641"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=7641"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=7641"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}