US Treasury Sanctions 2 Russians Over $16.8M Virtual Currency Heist

The perpetrators allegedly carried out cyber attacks on three or more cryptocurrency platforms in 2017 and 2018. In a September 16 press release, OFAC said the men stole a total of $16.8 million from American citizens and businesses.

A Warning

The statement highlighted OFACs commitment to redoubling its efforts to target cyber-crime. The office specifically suggested that blockchain technology was under scrutiny. U.S. Treasury Secretary Steve Mnuchin gave a dire warning to cybercriminals:

The Treasury Department will continue to use our authorities to target cybercriminals and remains committed to the safe and secure use of emerging technologies in the financial sector.

The press release identified the two men as Russian nationals, Danil Potekhin (aka ‘cronuswar’), and Dmitrii Karasavidi. The accused thieves were also subject to a Department of Justice (DOJ) indictment, which was unsealed yesterday. The DOJ indictments claim the two hackers mimicked the sites of major crypto exchanges like Gemini, Poloniex, Bittrex, and more.

DANIL POTEKHIN aka “cronuswar,"
DMITRII KARASAVIDI a/k/a Dmitriy Karasvidi,
-Poloniex, LLC
-Bithex
-Binance
-Bitfinex
-Gemini Trust Company LLC
Paragraph 19 encapsulates the scheme and the “market manipulation” the fake websites served as a well for unsuspecting victims pic.twitter.com/aeEcajkwJx

— File411 (@File411) September 16, 2020

The Spoofers Attack

According to investigators, Potekhin created numerous websites and domains which appeared to be authentic cryptocurrency exchanges. Users who unwittingly entered their data were duped in a tactic called ‘spoofing.’ Armed with logins, passwords, and personal info, the criminals were able to access victims’ accounts on real exchange websites. Getting the money off those exchanges was another matter, however. Recently, BeInCrypto reported that crypto hackers face a bigger task laundering their loot after obtaining it. First, they had to hide their ill-gotten rewards. Potekhin used various tactics, including moving currency around multiple accounts, setting up exchange accounts using stolen or false identities, changing currencies, and manipulating the market by forcing prices up with large buys, then selling for an immediate profit. Once the money became hard to track, Karasavidi began the laundering process in earnest. Surprisingly, Karasavidi transferred the funds into an account under his own name. He attempted to hide the source of the funds through intermediary transfers and cross-blockchain swaps.

As innovation advances financial technology, the U.S. is determined to keep the global financial system safe from the use of these technologies for malign purposes. Today, @USTreasury sanctioned 2 individuals for stealing virtual currency from Americans. https://t.co/5miJv262BX

— Steven Mnuchin (@stevenmnuchin1) September 16, 2020

Law enforcement eventually caught up with him and traced the funds to their source. The United States Secret Service then froze Karasavidi’s assets. The men do not live in the U.S.

The Treasury Department Strikes Back

Not famous for strong wording, the Treasury Department appears committed to cracking crypto crimes. A statement read:

Today’s action demonstrates the important role that a robust anti-money laundering and countering the financing of terrorism (AML/CFT) regime plays in deterring cybercrimes.

The Treasury is not the only department looking to pre-empt crypto-powered cybercrime. On September 4, 2020, the US Internal Revenue Service offered a $625,000 bounty to anyone who could track the anonymity of the Lighting Network or Monero.

Russian Project Lakhta member charged with wire fraud conspiracy. Used stolen identities of U.S. persons to open fraudulent accounts and promote political influence operations. @USATerwilliger https://t.co/lWJMIS3hCd

— U.S. Attorney EDVA (@EDVAnews) September 10, 2020

Other U.S. government departments intend to catch similar offenders. On September 10, the OFAC sanctioned Russian national, Artyom Lifshitz. He, too, faced criminal charges from the DOJ.