U.S. federal authorities have confiscated cryptocurrency assets valued at over $2.3 million tied to a core member of the Chaos ransomware operation. The Department of Justice filed a civil forfeiture complaint targeting 20.2891382 Bitcoin seized from an individual using the alias ‘Hors,’ identified as a prominent affiliate of the ransomware-as-a-service (RaaS) group.
The Chaos ransomware group operates under a RaaS model, leasing its destructive malware to attackers who target Windows, Linux, ESXi, and network-attached storage (NAS) systems globally. According to court documents, the FBI physically seized the Bitcoin from Hors in April as part of an ongoing investigation into the group’s infrastructure.
This operation reflects the DOJ’s enhanced strategy of deploying blockchain analytics tools and coordinating with international law enforcement to trace illicit cryptocurrency flows. The seizure aligns with previous high-value recoveries including $9 billion from the Bitfinex hack resolution and $40,300 in Tether (USDT) connected to a separate scam investigation.
While the forfeiture represents a significant blow to Chaos ransomware’s operational funding, the Justice Department acknowledged persistent challenges in dismantling increasingly sophisticated crypto-enabled cybercrime networks that leverage decentralized technologies.