On September 16, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned two Russian nationals who were allegedly involved in phishing campaigns targeting virtual asset service providers in 2017 and 2018, resulting in losses of at least $16.8 million. Specifically, the Russian nationals spoofed web domains of legitimate virtual currency exchanges to steal customers’ login information and gain access to their real accounts. According to OFAC, they used a “variety of methods to exfiltrate their ill-gotten virtual currency” and subsequently laundered the money to a personal account, attempting to “conceal the nature and source of the funds by transferring them in a layered and sophisticated manner through multiple accounts and multiple virtual currency blockchains.” OFAC designated the individuals pursuant to Executive Order 13694, which targets “malicious cyber-enabled activities, including those related to the significant misappropriation of funds or personal identifiers for private financial gain.”

OFAC emphasized that anti-money laundering and countering the financing of terrorism regimes “pose a critical chokepoint in countering and deterring” this type of cybercriminal activity. As a result, all property and interests in property belonging to the designated individuals subject to U.S. jurisdiction are blocked, and “U.S. persons generally are prohibited from dealing with them.”