A United States court has indicted two Russian citizens. The two are facing multiple charges related to defrauding cryptocurrency exchanges. Both are being charged with conspiracy to defraud exchange users of $16.8 million in crypto.
The two defendants are named Danil Potekhin and Dimitrii Karasavidi. It is said that both of them worked to deploy a combination of phishing and spoofing attacks. The attacks were carried out against unsuspecting cryptocurrency exchange customers.
Spoofing and phishing are techniques cyber-criminals employ in order to harvest data. The hackers exploit the user's trust in a service and gather a lot of personal information. In this case, the culprits were replacing bitcoin addresses on the exchange. They not only got user information but also made users send funds directly to them.
The United States Department of Justice published a report on the situation. The report states that the two criminals managed at least 13 phishing domains. The cryptocurrency exchange being phished is based in the United States. The threat actors managed to fool at least 150 unsuspecting users. They then attempted to withdraw funds from the accounts gathered.
The Russian nationals are both originally from Moscow. They opened about 3 accounts using stolen credentials of UK-based users. The cyber-criminals intended to use the accounts to withdraw funds.
Karasavidi and Potekhin gathered lots of data from victims visiting the links. They then proceeded to access the victims' accounts. The hackers succeeded in making links between fake and legitimate accounts. These links allowed them to make large cryptocurrency withdrawals. No authorization was required.
Targeting the Stolen Funds
Law enforcement also noted some more ways the stolen accounts were used. They mentioned the common occurrence of sophisticated market manipulation schemes conducted by Russians. These manipulation schemes use stolen accounts of U.S.-based users. These accounts are then used to dump coins and manipulate the price. There have been at least 3 victims of such attacks since January of 2017.
The Court is alleging that the suspects are involved in more fraud schemes. The duo is suspected of being behind similar schemes that took place between 2017 and 2018. The fraud schemes targeted other cryptocurrency exchanges outside of the United States.
The estimated value of the stolen cryptocurrency is expected to surpass $11 million.
Authorities managed to find the suspects via their money laundering scheme. The stolen funds were going through a money laundering process called mixing. The process sought to hide the origins of the cryptocurrencies. This was done by sending the transaction through a long list of wallets. Of course, when chased by the U.S. government, it is not that easy to get away. Agencies traced the final destination of the coins and found that a big portion was sent to an exchange. The account on that exchange was registered in Karasavidi's name.
Now the U.S. justice system is seeking to recover the millions of dollars in stolen coins. The coins are still in the suspected criminals' account.
The complaint filed has indicated that the duo engaged in large-scale attacks. These attacks were called a "sophisticated phishing campaign". The attackers targeted exchanges based in San Francisco, New York and even Hong Kong. Poloniex, Gemini Trust Company LLC and Binance were the three main targets.
Reports claim that the U.S. Secret Service managed to recover a large portion of the funds. More than $6,000,000 in U.S. dollars and several million in cryptocurrency have been seized. Market prices are subject to change.
Criminal charges against the two Russian citizens have been leveled. This comes after a following decision to sanction the pair. The decision comes from the U.S. Department of Treasury’s Office of Foreign Assets Control.
Although not in custody, the criminal duo has been slapped with sanctions. This permanently restricts their travel and all their property will be seized. If they ever leave Russia, it is expected that an arrest will follow. Some sources claim that the hackers work for the Russian government, but it is likely not true; no one knows. This case is yet another example of how the government can track cryptocurrency. The second example set by the case is not to steal from American citizens. This case can also serve as an example to dark-net users. Government agencies are getting better at tracking cryptocurrency. The safest solution for most dark-net users is coins focused on privacy. Coins like Monero do not allow external actors to track transactions on the blockchain.