# Crypto Sanctions Evasion Skyrockets: A Growing Concern for Cybersecurity Experts
In a recent report, Chainalysis revealed that sanctions evasions using cryptocurrency increased by a staggering 700% in 2025. This surge in illicit activity is largely attributed to the expansion of stablecoins, hacked funds, and state-linked exchanges by sanctioned entities such as Russia, Iran, and North Korea. The findings highlight the increasingly sophisticated methods used by these actors to bypass traditional banking systems and integrate cryptocurrency into their national financial strategies.
The report also reveals that sanctioned entities received at least $104 billion in cryptocurrency last year, an almost eightfold increase on 2024, pushing total illicit onchain volume to a record $154 billion. Notably, about 50% of the total, $72 billion, was linked to the Kyrgyzstan-registered A7A5 token, a ruble-pegged stablecoin that processed $93.3 billion in transactions in less than a year.
The A7A5 token has been identified as a major participant in sanctions-related activity, functioning as a settlement rail for sanctioned Russian businesses to conduct cross-border trade. The token is linked to exchanges Grinex and Meer, which handled billions in transactions before being sanctioned by the U.S. and European Union. An "A7A5 Instant Swapper" service has also been discovered that converts the token into mainstream dollar-pegged stablecoins with few or no know-your-customer (KYC) checks, effectively allowing sanctioned entities to bridge into the broader crypto economy.
Iran has also expanded its crypto use, with addresses tied to the Islamic Revolutionary Guard Corps (IRGC), designated a terrorist organization by the U.S. and EU, accounting for over 50% of value received by Iranian services by late 2025. North Korea remained the most prolific cyber-theft actor, stealing more than $2 billion in cryptocurrency in 2025, including $1.5 billion from a hack of Bybit.
The report highlights a structural shift in crypto crime, with stablecoins now accounting for roughly 84% of illicit transaction volume. This reflects how sanctioned actors increasingly rely on liquid, dollar-pegged assets to move funds across borders. As cybersecurity experts, it is crucial that we understand these trends and develop effective strategies to combat sanctions evasion in the crypto space.
In conclusion, the recent report by Chainalysis serves as a stark reminder of the growing threat of sanctions evasion in the cryptocurrency market. As the use of stablecoins and hacked funds continues to rise, it is essential that we stay vigilant and work towards developing robust solutions to prevent these types of illicit activities.