The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned two Russian nationals over the theft of millions of dollars in digital currency.

The perpetrators allegedly carried out cyber attacks on three or more cryptocurrency platforms in 2017 and 2018. In a September 16 press release, OFAC said the men stole a total of $16.8 million from American citizens and businesses.

A Warning

The statement highlighted OFAC’s commitment to redoubling its efforts to target cybercrime. The office specifically suggested that blockchain technology was under scrutiny. U.S. Treasury Secretary Steve Mnuchin gave a dire warning to cybercriminals:

The Treasury Department will continue to use our authorities to target cybercriminals and remains committed to the safe and secure use of emerging technologies in the financial sector.

The press release identified the two men as Russian nationals Danil Potekhin (aka ‘cronuswar’) and Dmitrii Karasavidi. The accused thieves were also subject to a Department of Justice (DOJ) indictment, which was unsealed yesterday.

The DOJ indictments claim the two hackers mimicked the sites of major crypto exchanges like Gemini, Poloniex, Bittrex, and more.

The Spoofers Attack

According to investigators, Potekhin created numerous websites and domains which appeared to be authentic cryptocurrency exchanges.

Users who unwittingly entered their data were duped in a tactic called ‘spoofing.’ Armed with logins, passwords, and personal info, the criminals were able to access victims’ accounts on real exchange websites.

Getting the money off those exchanges was another matter, however. Recently, BeInCrypto reported that crypto hackers face a bigger task laundering their loot after obtaining it.

First, they had to hide their ill-gotten rewards. Potekhin used various tactics, including moving currency around multiple accounts, setting up exchange accounts using stolen or false identities, changing currencies, and manipulating the market by forcing prices up with large buys, then selling for an immediate profit.

Once the money became hard to track, Karasavidi began the laundering process in earnest. Surprisingly, Karasavidi transferred the funds into an account under his own name. He attempted to hide the source of the funds through intermediary transfers and cross-blockchain swaps.

Law enforcement eventually caught up with him and traced the funds to their source. The United States Secret Service then froze Karasavidi’s assets. The men do not live in the U.S.

The Treasury Department Strikes Back

Not famous for strong wording, the Treasury Department appears committed to cracking crypto crimes. A statement read:

Today’s action demonstrates the important role that a robust anti-money laundering and countering the financing of terrorism (AML/CFT) regime plays in deterring cybercrimes.

The Treasury is not the only department looking to pre-empt crypto-powered cybercrime. On September 4, 2020, the US Internal Revenue Service offered a $625,000 bounty to anyone who could break the anonymity of the Lightning Network or Monero.

Other U.S. government departments intend to catch similar offenders. On September 10, OFAC sanctioned Russian national Artyom Lifshitz. He, too, faced criminal charges from the DOJ.