Global Crackdown: $390M Crypto Money Laundering Operation Dismantled by International Police

Key Takeaways

Table of Contents

International law enforcement collaboration led to the takedown of AudiA6, a major cryptocurrency laundering operation serving ransomware criminals
The scheme facilitated the laundering of approximately 10,333 BTC, with a historical value of about $389 million, beginning in 2021
Georgian authorities apprehended two key operators — one Ukrainian and one Russian citizen — with US extradition proceedings underway
The operation leveraged more than 6,000 fraudulent KYC-verified accounts to channel illicit cryptocurrency through mainstream exchanges
Dark2Web, a criminal marketplace platform associated with the network, was simultaneously dismantled

A coordinated international effort involving law enforcement from 11 nations has successfully dismantled AudiA6, a sophisticated cryptocurrency laundering operation that facilitated approximately $390 million in criminal proceeds over a four-year period. The sweep also resulted in the seizure of Dark2Web, a darknet marketplace connected to the same criminal enterprise.

NEW: 🇺🇸The U.S. has charged two individuals for allegedly operating AudiA6, a cryptocurrency laundering service accused of processing over $389M in illicit transactions between 2022 and 2025. pic.twitter.com/g9qwXC0i0H

— SolanaFloor (@SolanaFloor) June 11, 2026

Georgian law enforcement arrested two primary suspects — a 37-year-old Ukrainian citizen and a 25-year-old Russian national — who are believed to have administered the operation. United States authorities have initiated extradition requests for both individuals.

The multinational operation was facilitated through Eurojust and Europol, bringing together investigative teams from the United States, Australia, France, Germany, the United Kingdom, Canada, Japan, Switzerland, Iceland, Poland, and Georgia.

The Mechanics Behind AudiA6

AudiA6 functioned as a commercial mixing service for cryptocurrency. The platform accepted tainted digital currency from ransomware organizations and other cybercriminals, then returned sanitized funds — typically within 60 minutes — while collecting fees ranging from 3% to 10%.

Blockchain intelligence company Chainalysis determined that the operation processed roughly 10,333 Bitcoin from its 2021 inception, representing a historical value of approximately $389 million.

Forensic analysis revealed that at least 393 BTC — currently valued above $19 million — originated directly from identified ransomware operators and illegal darknet marketplaces. More than $16 million specifically connected to ransomware campaigns and theft was cleaned through the platform.

The criminal enterprise circumvented legitimate cryptocurrency platforms by channeling funds through over 6,000 compromised KYC-verified accounts. These “money mule” profiles had successfully completed identity verification processes, creating a veneer of legitimacy that obscured criminal transactions.

Chainalysis additionally traced AudiA6’s cashout infrastructure to Russian exchanges under sanctions, including Bitzlato and Garantex, as well as Exploit.in, a Russian-language forum for cybercriminals.

Dark2Web Platform Simultaneously Taken Down

In conjunction with the AudiA6 shutdown, law enforcement seized Dark2Web — a criminal services marketplace that facilitated connections between cybercriminals and promoted illegal offerings worldwide.

Both the clearnet and darknet versions of these platforms now display law enforcement seizure notices. The operation resulted in the confiscation of 25 domain names, over 30 servers, and 80 vehicles. Approximately $900,000 in cryptocurrency was also frozen.

According to the Australian Federal Police, AudiA6 processed portions of ransom payments made by an Australian company following a 2024 ransomware incident.

This takedown occurs amid sustained ransomware activity worldwide. During the first quarter of 2026, ransomware incidents were documented in 97 nations. American organizations represented 64.7% of all identified victims, based on Emsisoft data.

Check Point Research disclosed in May that the leading 10 ransomware collectives accounted for 71% of all attacks during Q1 2026, indicating concentration within the ransomware ecosystem among fewer but more prolific groups.

The AudiA6 operation demonstrates law enforcement’s evolving strategy to disrupt the complete financial infrastructure supporting cybercrime — extending beyond merely responding to individual attacks.

Investigators employed blockchain forensics to map transaction flows, correlate digital wallets with physical operators, and establish connections between exchange accounts and criminal networks — an investigative approach that has become increasingly prevalent in cryptocurrency-related enforcement operations.

✨ Limited Time Offer

Get 3 Free Stock Ebooks

Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.

Top 10 AI Stocks - Leading AI companies
Top 10 Crypto Stocks - Blockchain leaders
Top 10 Tech Stocks - Tech giants

📥 Get Your Free Ebooks

Advertise Here

SpaceX IPO Debut and U.S.-Iran Peace Progress Boost Friday Markets

Lockheed Martin (LMT) Secures $2.8B Pentagon Contracts for F-35 Support and CH-53K Program

Marvell (MRVL) Stock Soars on Adobe CFO Hire and Nvidia Endorsement Ahead of S&P 500 Addition