.png){kind=logo}
In a major step forward in addressing cybercrimes, the BlackSuit ransomware gang was hit by a crypto asset seizure of about $1 million. The gang's servers and domain names were also taken out by the same measure.
In a significant development in the fight against cybercrime, US and international law enforcement agencies have taken a major step against the BlackSuit ransomware gang by seizing around $1 million in cryptocurrency. The move also disrupted the group’s servers and domain names.
The operation, which took place in late July 2025, was led by Homeland Security Investigations with support from the Secret Service, IRS, and FBI. Officers from Ireland, Canada, Ukraine, the UK, Germany, Lithuania, and France also joined the effort to take down the gang.
BlackSuit first appeared as a spin-off of the Royal ransomware group and has been active since 2023. The group targeted hospitals, government offices, factories, and businesses across the United States.
Since 2022, authorities have linked BlackSuit to more than 450 victims and over $370 million in ransom payments. Most common demands ranged between $1 million and $10 million in Bitcoin, with some requests reaching $60 million.
The seized cryptocurrency included part of a ransom payment from 2023 worth 49 BTC, valued at about $1.4 million at the time. Law enforcement traced the funds through crypto exchanges after the money was deposited and withdrawn multiple times. Cooperation with private firms helped authorities recover roughly $1 million connected to the gang.
Michael Prado, deputy assistant director of the Homeland Security Investigations Cyber Crimes Center, said the idea was to dismantle the infrastructure that BlackSuit used to operate, not just take down a couple of servers offline. Authorities emphasize that disruption alone will not stop all attacks, but it sends a clear message to ransomware groups.
Despite the setback, cybersecurity experts warn that groups like BlackSuit may try to rebuild under new names. Some reports suggest that former members are now linked to a new gang called Chaos, which has already started attacking US-based targets.
This operation highlights the importance of global collaboration in fighting cybercrime. It highlights how tracing cryptocurrency and working with international partners can help law enforcement recover stolen funds and stop criminal operations.
The downfall of BlackSuit is considered a strong tactical win. It disrupts one of the major ransomware networks and recovers laundered cryptocurrency. Authorities stress that continued vigilance is essential to prevent these gangs from returning and continuing attacks.
Also Read – TikTok Scam Alert: 15,000 Fake Shops Spread Malware to Steal Crypto
