Federal authorities confiscate $2.4 million worth of cryptocurrency from the Chaos Ransomware Criminal Organization
In a significant move, the FBI has seized over $2.4 million worth of Bitcoin from the notorious Chaos ransomware gang. The seizure, which took place on April 15, 2025, involved 20.2 Bitcoin, valued at approximately $1.7 million at the time.
The disclosure of the seizure was made by the FBI Dallas in a post on X. The seized Bitcoin was linked to a cryptocurrency address associated with a member of the Chaos operator. This seizure marks another victory in the ongoing battle against cybercrime.
The US Department of Justice filed a civil complaint in the Northern District of Texas seeking the forfeiture of the seized cryptocurrency. To be granted forfeiture of seized crypto, the government must demonstrate evidence linking the assets to criminal conduct. The forfeiture of the seized cryptocurrency is linked to the Chaos ransomware gang, with the allegations including money laundering and extortion related to a ransomware attack.
The seized Bitcoin is now part of the Strategic Bitcoin Reserve and US Digital Asset Stockpile, established by US President Donald Trump in March 2025. The Strategic Bitcoin Reserve is capitalized with bitcoin owned by the Department of Treasury that was forfeited as part of criminal or civil asset forfeiture proceedings. The US Digital Asset Stockpile serves as a US government's digital asset stockpile, designed to manage seized digital assets.
The forfeiture of the seized cryptocurrency is typically the responsibility of the relevant national law enforcement or judicial authorities that conducted the seizure, such as the U.S. Department of Justice. However, no specific authority is explicitly named in the search results.
The Chaos ransomware is believed to have been formed by former members of the BlackSuit/Royal gang. A recent report by Cisco Talos revealed that Chaos has launched a wave of intrusions impacting a wide range of sectors. The ransomware has been linked to ransomware attacks on victims in the Northern District of Texas.
It is worth noting that only liquidation of seized assets occurs when necessary to meet operational funding needs or to provide restitution to victims. The federal government has established structured liquidation policies to ensure a portion of seized assets is preserved in reserve.
This seizure serves as a reminder of the ongoing efforts by law enforcement agencies to combat cybercrime and protect the public from the harmful effects of ransomware attacks. As digital assets continue to grow in importance, it is essential that governments have the tools and resources to manage and secure these assets effectively.
