FBI Seizes $24M in Crypto from Russian Cybercrime Kingpin

The U.S.  Department of Justice has indicted a Russian national, Rustam Gallyamov, for leading a major global cybercrime ring behind the infamous Qakbot malware. The authorities seized over $24 million in crypto tied to the operation, which is planned to be returned to the victims. 

The indictment on May 22, 2025, is a significant step by the U.S. authorities in their fight against ransomware attacks. This is part of a broader law enforcement campaign (like Operation Endgame) to target cybercriminals who have been using malware like Qakbot to infect systems worldwide, demand ransoms, and steal data and funds. 

The victims included a wide range of businesses, from small dental clinics in Los Angeles to tech companies in Nebraska, manufacturers in Wisconsin, and even real estate firms in Canada.

U.S. and Allies Unite Against Cybercrime

“The charges announced today exemplify the FBI’s commitment to relentlessly hold accountable individuals who target Americans and demand ransom, even when they live halfway across the world,” said Akil Davis, Assistant Director in Charge of the FBI’s Los Angeles Field Office.

These moves are part of a global crackdown on cybercrime, with the U.S., France, Germany, the Netherlands, Denmark, the U.K., and Canada working together to fight cybercrime, the statement read.

Gallyamov’s Qakbot Malware Infected 700,000+ Computers Since 2008

Gallymov is accused of running the Qakbot malware operation since 2008, infecting over 700,000 computers worldwide and enabling major ransomware attacks like Conti, Black Basta, and REvil. Gallyamov was paid a portion of the ransoms that were received from victims.

In August 2023, a U.S.-led international operation took down the Qakbot botnet, where the authorities seized over 170 Bitcoins and more than $4 million in USDT and USDC from Gallyamov.

Even after this, he kept his cybercrime activity going by switching to new tactics like “spam bomb” attacks. He kept attacking systems as recently as January 2025 by flooding victims with emails, tricking employees into giving hackers access. 

As a result, under the “Operation Endgame”, the FBI seized another 30 Bitcoins and $700,000 in USDT from Gallyamov. The DOJ also filed a civil forfeiture case to permanently claim the $24+ million in total seized crypto, with plans to return the funds to the victims. If convicted, he would face a statutory maximum sentence of 25 years in federal prison.

• Also Read :
•   German Authorities Seize €34 Million from Crypto Laundering Hub eXch: ZachXBT
• ,

Tornado Cash Creator Also Under Federal Investigation

This is just the latest move in the US’ big crackdown on Cybercrime. In December 2024, they charged Rostislav Panev, a Russian-Israeli hacker linked to LockBit ransomware, for creating malware that helped criminals hack networks and demand ransoms, with over $230,000 in crypto tied to him.

In May 2025, 12 mostly young people were charged with running a $263 million crypto racketeering scheme. They used the stolen money to buy luxury jets and cars.

Federal authorities are also going after Roman Storm, the creator of Tornado Cash, who is accused of laundering billions in illegal crypto.

FAQs