Russian national Ekaterina Zhdanova was sanctioned by the US Treasury Department for her role in laundering money for Russian hacker groups and elites.
“Through key facilitators like Zhdanova, Russian elites, ransomware groups, and other illicit actors sought to evade US and international sanctions, particularly through the abuse of virtual currency,” said Brian E. Nelson, Under Secretary of the Treasury for Terrorism and Financial Intelligence in a press release.
The sanction was given by The Office of Foreign Assets Control (OFAC), an agency that exists as part of the US Treasury Department and is responsible for enforcing sanctions. Zhdanova is accused of leveraging international connections to facilitate the transfer of large amounts of funds to other money laundering organizations.
“In one instance, a Russian oligarch sought out Zhdanova to move over $100 million in wealth on their behalf to the United Arab Emirates,” says the US Treasury, “Additionally, Zhdanova has facilitated a United Arab Emirates tax residency service for Russian clients, and possibly participated in obfuscating their identities.”
The report outlined a series of her crimes. In 2021 she aided the Ryuk hacker organization and laundered over $2.3 million worth of victims’ money on their behalf.
In 2022, the Ryuk ransomware gang was recognized as a thorn in the side and a growing threat to healthcare organizations. The sanctions placed on Zhdanova are severe.
“As a result of today’s action, all property and interests in property of the designated person described above that are in the United States or in the possession or control of U.S. persons are blocked and must be reported to OFAC.”
The sanctions also prohibit financial institutions and “other persons” from engaging with her.
“The prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any designated person, or the receipt of any contribution or provision of funds, goods, or services from any such person.”
While a key component of their hacker group may have been taken down, the Ryuk ransomware gang remains active.