March 7 (UPI) — Working with Germany and Finland, U.S. officials disrupted and took down the online infrastructure used to operate Garantex, a cryptocurrency exchange that allegedly facilitated money laundering by transnational criminal organizations.
Those organizations included terrorist groups, according to U.S. Justice Department officials, who made the announcement in a press release on Friday.
An indictment unsealed in the Eastern District of Virginia leveled charges against Aleksej Besciokov, 46, a Lithuanian national and Russian resident, and Aleksandr Mira Serda (also known as Aleksandr Ntifo-Siaw), 40, a Russian national and United Arab Emirates resident, according to Justice officials.
According to the indictment, Garantex has processed at least $96 billion in cryptocurrency transactions since April 2019.
In the release, Justice officials said Mira Serda and Besciokov are charged with money laundering conspiracy, and Besciokov is charged with conspiracy to violate sanctions and conspiracy to operate an unlicensed money transmitting business.
Garantex was run by Mira Serda and Besciokov from 2019 to 2015, according to Justice officials. Authorities said Besciokov was Garantex’s main technical administrator and responsible for maintaining critical Garantex infrastructure, as well as reviewing and approving transactions. Officials say Mira Serda was Garantex’s co-founder and chief commercial officer.
U.S. officials say the crypto exchange Garantex received hundreds of millions in criminal funding and was used to “facilitate various crimes, including hacking, ransomware, terrorism, and drug trafficking, often with substantial impact to U.S. victims.”
Besciokov and Mira Serda knew that the exchange was facilitating crimes, Justice officials said, adding that Garantex took steps to conceal the facilitation of illegal activities, such as money laundering, on its platform.
According to Friday’s release from the Justice Department, in April 2022 the U.S. Department of the Treasury’s Office of Foreign Assets Control sanctioned Garantex for its role in facilitating money laundering of funds from ransomware actors and so-called darknet markets.
According to court documents cited in Friday’s release, “despite the widespread publicity of the sanctions and Garantex administrator’s personal knowledge of them, Besciokov and his co-conspirators violated those sanctions by continuing to transact with U.S.-based entities.
“Further, Besciokov and his co-conspirators redesigned Garantex’s operations to evade and violate U.S. sanctions and induce U.S. businesses to unwittingly transact with Garantex in violation of the sanctions,” Justice officials said.
As an example of attempts at evasion, Justice officials said Garantex allegedly moved its operational cryptocurrency wallets to different virtual currency addresses on a daily basis “in order to make it difficult for U.S.-based cryptocurrency exchanges to identify and block transactions with Garantex accounts.”
Additionally and despite doing a notable amount of business in the United States and operating as a money transmitting business, Garantex failed to register with the Financial Crimes Enforcement Network as required, Justice officials said.
The U.S. Justice Department said that, on March 6, U.S. law enforcement executed a seizure order authorized by a judge in the Eastern District of Virginia against three website domain names used to support Garantex’s operations: Garantex.org, Garantex.io, and Garantex.academy.
According to officials, the seizure will prevent the sites from being used for money laundering and any other crimes. Individuals who go to those sites now see a message indicating that the site has been seized by law enforcement.
Additionally, officials said Friday that German and Finnish law enforcement also seized servers hosting Garantex’s operations. U.S. law authorities, according to the Justice Department, have separately obtained earlier copies of Garantex’s servers, including customer and accounting databases. More than $26 million in funds used to facilitate Garantex’s money laundering activities have been frozen, U.S. officials said.
If convicted, Besciokov and Mira Serda face decades behind bars.
Americanfortress has launched the beta version of its compliant privacy infrastructure on Arbitrum, introducing tools designed to support institutional and high- volume decentralized finance ( DeFi) activity on the Layer 2 network. The system enables users to send assets using human-readable names while automatically generating stealth addresses that shield recipient information onchain.
The company said the design preserves auditability between counterparties without relying on mixers or custodial transaction-obfuscation services. Arbitrum secures more than $15 billion in total value locked and hosts major DeFi trading ecosystems, including GMX. As institutional activity increases, firms have raised concerns about transaction visibility and wallet transparency in public blockchain environments.
“Financial infrastructure cannot scale institutionally if every transaction exposes counterparties, balances and trading behavior in real time,” said Michal Pospieszalski, CEO and CTO of Americanfortress. “Arbitrum has become one of the most important execution environments in crypto markets, and this implementation delivers a privacy layer designed for serious financial activity without relying on mixers or compromising compliance requirements.”
The beta introduces send-to-name functionality, allowing users to transact via Fortressnames rather than exposing wallet addresses. Americanfortress said the system is compatible with existing blockchain infrastructure and reduces visibility that can contribute to front-running and trade surveillance.
The launch follows new cryptographic research from the company outlining a patent-pending post-quantum security architecture for hierarchical deterministic wallets. Americanfortress said its broader stack integrates privacy-preserving transactions, naming infrastructure, and quantum-resistant wallet security into a unified framework for digital asset custody and settlement.
As part of the rollout, the firm is launching a “Receive on Arbitrum Privately” campaign encouraging users to test private receiving features through the beta wallet. The first 500 eligible participants will receive a lifetime FortressName. The campaign will target Arbitrum-native DeFi communities, including perpetual traders, liquidity providers and active onchain market participants.
“Privacy and usability are increasingly important as more sophisticated financial activity moves onchain,” said Chase Allred, senior partnerships manager at Offchain, the service provider for Arbitrum. “Infrastructure that improves operational security while remaining compatible with compliant blockchain ecosystems represents an important area of development for the wider industry.”
Americanfortress said the system is designed to support emerging automated financial workflows, including AI-driven agents transacting autonomously onchain. The company expects privacy-preserving execution environments to become increasingly necessary as algorithmic capital allocation and machine-driven trading expand across decentralized networks.
(NewsNation) – A type of criminal activity known as “wrench attacks,” in which robbers physically coerce people into handing over their cryptocurrency holdings, is on the rise, according to crypto security firm CertiK.
Nik Seetharaman, the CEO of cyberdefense company Wraith Watch, recently told Nexstar’s NewsNation that he believes the increase in wrench attacks can be partly attributed to people flaunting their wealth online, which he noted makes it easier for criminals to identify and track down people with a lot of money.
“In the crypto community especially, you have this culture of, you know, flaunting your assets and … posting pictures of yourself in (places like) Ibiza and Bali,” Seetharaman explained.
He also pointed to improvements in digital security that make it so criminals “have no option but to basically hold you at gunpoint and say, ‘Enter your password into this phone right now or bad things are going to happen to you or your family.’”
NewsNation local affiliate KTLA reported that experts also say the decentralized nature of cryptocurrencies and the ability to transfer large sums in irreversible transactions make large account holders vulnerable to bad actors.
The name “wrench attacks” was popularized by an online comic that mocked how easily high-tech security can be undone by hitting someone with a wrench until they give up passwords, according to The Associated Press.
CertiK released a report in May detailing global instances of wrench attacks, which showed that between January and April 2026, it identified 43 incidents resulting in victims losing more than $101 million in cryptocurrency.
The firm said those incidents represent a 41% increase over the same period last year, and if the rate continues, “2026 will close with approximately 130 incidents and several hundred million dollars in losses.”
In 2025, CertiK tracked only 81 attacks that resulted in victims losing approximately $52 million, further indicating that wrench attacks are a growing issue.
In November 2025, a San Francisco man was robbed of $13 million in digital currency after thieves posing as pizza delivery drivers forced their way into his home, bound him with duct tape, beat him with a firearm and threatened to cut off his fingers, KTLA reported, citing The San Francisco Chronicle.
Three attempted wrench attacks in Sunnyvale, San Jose and Los Angeles that occurred in the days and weeks following the San Francisco home invasion appear to be linked.
NewsNation contributor and former FBI Special Agent Jennifer Coffindaffer believes Nancy Guthrie, the mother of “Today” host Savannah Guthrie, who has been missing for more than 100 days, could have been the victim of a wrench attack.
Coffindaffer wrote on X Tuesday that she has been “speaking about a Wrench Attack that took place literally about 90 minutes North of Nancy’s house the day before Nancy was attacked since early March.”
Guthrie was last seen at her home on Jan. 31 in Pima County, near Tucson, Arizona. She is believed to have been abducted, and investigators are scrutinizing messages that have been sent to media outlets, possibly from kidnappers, at least one of which made a bitcoin ransom demand.
Separately, TMZ received a series of communications from a person claiming to know who the kidnapper is, and that individual has demanded a $100,000 cryptocurrency payment.
NewsNation local affiliate KTLA, NewsNation’s Sean Noone and The Associated Press contributed to this report.
Key Takeaways
Bitcoin’s bear market may still have a year or more to run, according to Cryptoquant founder and chief executive Ki Young Ju, who spelled out the timeline in a post on X. “Once profit-taking cascades, Bitcoin investors’ PnL typically falls for about 18 months.” Ju wrote, using shorthand for aggregate investor profit and loss (PnL). “Since the trend turned in Oct 2025, the bear market could last until early 2027.”
His reasoning hinges on the direction of realized profits. Put simply, holders are still sitting on paper gains they are steadily cashing in, a dynamic that historically keeps pressure on price until that selling burns itself out. The PnL index he relies on blends several onchain valuation gauges (including the market-value-to-realized-value (MVRV) ratio and net unrealized profit and loss) into a single trend line that peaked around mid-2025 and has been sliding since.
The warning extends a position Ju has pressed for much of the past year, as he first declared bitcoin’s bull cycle over in 2025, citing a widening gap between the asset’s realized capitalization and its market capitalization.
The bleak timeline is far from settled even inside Ju’s own firm, as Cryptoquant’s Bull-Bear Cycle Indicator turned green on May 12 for the first time since March 2023, a signal that has historically coincided with the start of more constructive conditions.
Other analysts are more bullish still, with research firm K33 contending bitcoin’s roughly $60,000 February low already marked the maximum drawdown of this cycle (a decline of about 52% from the record $126,272 the asset printed on Oct. 6, 2025).
The split reveals a murky mid-cycle picture, because if Ju is right, traders face another grinding stretch before realized profits reset, and the next leg higher can begin. If the greening cycle indicator and steady ETF inflows win out, the bottom may already be in.
Either way, Ju has handed the market a clear tripwire to watch wherein the moment unrealized profits start climbing while realized profits fade, the 18-month clock he describes would finally be ready to flip.
Danbury OKs expanded building plans for west side cancer center
New study finds PFAS contamination widespread throughout Delaware River Basin
Florida baseball takes down Miami as Gators reach Gainesville Regional final
A Georgia Wildlife Haven Forged by Fire and Peat Nears UNESCO Recognition – Inside Climate News
Hawaii’s 11 Best Retirement Towns Ranked
Woman sentenced to prison for role in Idaho Falls hotel prostitution business – East Idaho News
With Stojakovic secured, Illinois can stake its claim as a title contender
Caitlin Clark’s stats Saturday in Indiana Fever vs Portland game
