Cryptomus Relaunched as Heleket to Evade Crypto Laundering Laws

A recent report by blockchain intelligence firm TRM Labs has shed light on a potential case of crypto laundering evasion.

According to the report, the Russia-linked crypto payment processor, Cryptomus, was secretly relaunched as Heleket after facing a record-breaking penalty of nearly CAD 177 million in Canada. The fine was handed down by FINTRAC in October 2025 for multiple violations of money laundering and terrorist financing laws.

Cryptomus had introduced mandatory identity verification in February 2025, but this move triggered a sharp decline in transaction volumes, from USD 153 million to USD 86 million. TRM Labs argues that this dip created an opportunity for Heleket to emerge as a parallel platform, designed to process transactions without strict identity checks.

TRM's analysis found that Heleket's illicit exposure is nearly five times the average seen across payment service providers in its dataset. Around 60% of Heleket's illicit inflows trace back to Garantex, a now-closed Russian exchange that faced U.S. sanctions. The report also notes that Heleket claimed to require identity documentation but transactions were still possible without it.

The shared infrastructure and branding between Cryptomus and Heleket are seen as strong evidence of their connection. Both platforms use the same privacy-focused domain registrar, have identical design elements, and charge a matching 0.4% processing fee. TRM Labs also found evidence of shared personnel, including one administrator likely based in the Baltics.

The report raises concerns about how sanctioned-linked platforms adapt to avoid accountability, potentially by launching parallel platforms rather than complying with regulations. This phenomenon is reminiscent of the 'year of the Russian rebrand,' where enforcement action prompts platform relaunches rather than genuine reform.