International Action Dismantles Notorious Russian Crypto Exchange Guarantsex

On March 7, 2025, The US Department of Justice (DoJ), in Coordination with Authorities in Germany and Finland, Announced the disruption of Guarantx-A Russia-Based Cryptocurrency Exchange Deeply Embedded in the Global Cybercrime Economy.

The Operation result in the Seizure of Garantine's Domains and Servers in Germany and Finland, the Freezing of Over $ 26 million in Illicit Funds, and Criminal Charges Against Its Administrators Aleksej Besciokov and Aleksandr Mira Serda, Who Alledly Oversaw the Launderings of Dollars of Dollars of Dollars of Dollars Worth of Cryptocurrency.

For Years, Guarantx was a major Enabler of Financial Crime, Facilitating Money Laundering for Ransomware Groups, Darknet Markets (DNMS), and other sanctioned entities. Despite Being Sanctioned by the Us Treasury's Office of Foreign Asset Control (OFAC) in April 2022, Guarantx continued to evade restrictions and conduct transactions with us-based entities. The Takedown Marks has meaningful Victory as International Efforts Escalate to Disrupt Illicit Crypto Activity.

What is Guarantx?

More than just an unregulated crypto exchange, Guarantx was a cornerstone of Russia's illicit Crypto Economy and a Key Financial Facilitator for Illicit Actors Across the World.

While the Shutdown of Hydra Market in 2022 was a major Blow to the cybercriminal landscape, Guarantx Remaine Operational and Provided Services to Transnational Criminal Organization Including Ransomware Groups, Drug Traffickers, and Sanctioned Entities, Processing At Least $ 96 Billion in transactions 2019.

Guarantx's Role in Illicit Finance:

• Served as a Major Laundering Hub for Ransomware Groups Like Conti, Black Basta, and Play, included for some of the Large Attacks in the Last Three Years, with substantial impacts to us-based victim
• Moved Millions of Funds Linked to DNMS, Including Drug Trafficking Processeds and Child Sex Abuse Materials (CSAM)
• Laundred at Least $ 22 million Stolen from a hacked us-based blockchain platform
• Linked to high-risk russian cybercriminal forums and terrorist finance

According to the unsealed indication, Guailed Administrators Took Deliberate Steps To Conceal Illicit Activity. When Russian Authorities Reassted Records On Mira Serda's Account, Guarantx Provided False Information. After Being Sanctioned by OFAC in 2022, Guarantx continued Transacting with us-based entities and REDESSIGNED ITS OPERATIONS TO EVADE DETECTION, included frequent wallet addresses to bypass compliance measures. Additionally, Despite Extensive Conducting Financial Dealings in the US, Guarantx never registered with fincen as required by federal regulations.

Examining guarantex's illicit on-chain footprint

Guarantx was Among the Most Prolific Money Laundering Platforms in the Crypto Ecosystem, Cybercrime Facilitating On A Global Scale. While the True Volume of Illicit Activity Linked to Guarantex is likely much Higher – As Illicit Addresses continues to be identified – The Avaible Data Provides A Clear Picture of its Role in Enabling Cybercrime.

Illicit Activity Accountaged for At Least 1.35% of Garantine Total Transactions. This May Seem Like A Small Percentage at First Glance, but at a scale of $ 96 Billion, that translates to over $ 1.3 Billion in illicit fund funneled through the excchange. In Comparison, Most Compliant Centralized Exchanges (CEXS) See Illicit Transactions Account for Just 0.14% of Their Total Volume. This means that guarantex's illicit transaction share was nearly ten times high – year 871% difference.

When Broken Down by Entity Type, we can see the Majority of Illicit Funds Received by Guarantex Originated From Scams, Dnms, and Illicit Actor Organizations.

The Reactor Graph Below Shows Guarantx's On-Chain Connections With A Wide Assortment of Illicit Entities.

Guarantex's on-chain relationships include:

As well as csam, scams, stolen funds, ransomware operators and administrators, exploit kit developers, and illegal goods vendors.

The disruption of guarantee is Among the most significant actions against illelicit crypto use in recent years, demonstrating the growing impact of international collaboration and blockchain intelligence in dismantling financial networks that cybercrime support.

What's Next for Guarantx: Rebrands, Fragmentation, Migration

With Guarantx's Core Infrastructure Dismantled, Its Illicit Customer Base Will Likely Seek New Avenues to Launder Funds. One possibility is the Emergence of A Successor Exchange, Leveraging Similar Infrastructure and Customer Bases Under A Different Name. We have your other sanctioned russian exchanges attempt rebrands in the past, such as suex reemerging as chatex.

Alternatively, Rather Than a single replacement, A Network of Smaller, Harder-to-Track Exchanges and Brokers Could Appear. Such is the case with Hydra Market's Takedown, After Which Dozens of Smaller Darknet Markets Emerged to Fill The Gap. Some Illicit Actors May Simply Move to Other Existing High-Risk Exchanges, Particularly in Areas With Weak Anti-Money Laundering (AML) Controls, Including Russia-Based Platforms That Operate Outside of Us Jurisdiction.

Chainalysis is Actively Monitoring How Illicit Flows Shift in the Wake of the Guarantex Takedown, Tracking Potential Successor Entities, and the Movement of Illicit Funds to Other Platforms.

Public-Private Partnerships Power the Fight Against Transnational Cybercrime

The Successful Dismantling of Guarantx was made possible through coordinated efforts between international law enforcement agencies, blockchain analytics providers, and industry partners, demonstracting How Advanced Blockchain Tooling and Enforcement Can Disrupt Prolific Networks.

With Real-Time Transaction Monitoring, Chainalysis Equips Investigators With the Tools and Training To Trace Illicit Funds across Even the Most Complex Laundering Networks. The Dismantling of Guarantx Marks A Major Milestone, Cutting off transnational crime from its core financial infrastructure. Nevertheless, as History Shows, Illicit Actors are swift to adapt. Chainalysis will continue to track where guarantex's criminal customer base migrates, identifying other high-risk exchanges that may take its place, as well as potential successor entitities and rebrands attempting to reestablish operations.

As Global Law Enforcement and Private and Public Sector Partners Continue to Strengthen Collaboration, Blockchain is Becoming An Increasingly Poor Vehicle for Criminal Operation, Making It More Difficult Than Ever for Illicit Actors to Operate Unchecked.

This website contains links to third-party sites that are not the control of chainalysis, Inc. or its affiliates (Collectively “Chainalysis”). Access to Such Information DES NOT IMPLY ASSOCIATION With, Endorsment of, Approval of, or Recommendation by Chainalysis of the site or its operators, and chainalysis is not responsible for the product, services, or other content hosted there.

This Material is for Informational Purposses Only, and is not intended to provide Legal, Tax, Financial, or Investment Advice. Should Should Consult Their Own Advisors Before Making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with container's use of this material.

Chainalysis dues not guaranto or warrant the accuracy, Completeness, Timeliness, follow -up or validity of the information in this report and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such matterial.