Federal authorities have confiscated over INR 232 crore in cryptocurrency, along with INR 58 lakh in cash and a luxury vehicle, from an alleged ransomware operator linked to the now-defunct Zeppelin ransomware group.
The accused, identified as Ianis Aleksandrovich Antropenko, faces charges including computer fraud and money laundering in a U.S. federal court in Texas. He allegedly used the ransomware strain to target businesses and individuals worldwide.
Data Protection and DPDP Act Readiness: Hundreds of Senior Leaders Sign Up for CDPO Program
How It Worked
Antropenko reportedly encrypted victims’ data, demanding cryptocurrency ransom for decryption—sometimes to avoid publishing or deleting the data entirely.
To obscure the payment trail, he used the defunct cryptocurrency mixer ChipMixer, which had already been shut down by an international law enforcement effort in 2023. He also converted digital assets into cash and made smaller bank deposits to evade detection.
A Key Step in Fighting Ransomware
This seizure demonstrates a broader U.S. strategy of hitting ransomware groups in the wallet. Since 2020, authorities have helped recover over INR 29,050 crore for victims and blocked INR 16,600 crore in ransom payments, according to the Department of Justice’s Computer Crime and Intellectual Property Section.
The recovered assets—including the seized crypto—are slated for inclusion in a growing national crypto reserve, valued at about INR 16.6 lakh crore, built from forfeited criminal assets.
Why This Matters
By freezing the financial gains of ransomware groups, law enforcement aims to reduce their incentive to carry out attacks. Tracking ill-gotten digital funds highlights the growing capability of authorities to follow crypto trails, even years after a criminal operation has ended.