U.S. authorities today announced criminal charges and economic sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currency in a series of phishing attacks throughout 2017 and 2018. The attacks spoofed the websites of some popular cryptocurrency exchanges.
The U.S. Department of Justice unsealed charges against Russian nationals Danil Potekhin and Dmitirii Karasavidi, alleging that the men were involved in complex phishing and money laundering activities that led to the theft of $16.8 million in cryptocurrency and fiat money from victims.
In addition, the U.S. Treasury Department announced economic sanctions against Potekhin and Karasavidi, effectively freezing all property and interests of these men (subject to U.S. jurisdiction) and making it a crime to transact with them.
According to the indictment, the two set up fake websites that spoofed the login pages of the currency exchanges Binance, Gemini and Poloniex. The men allegedly stole more than $1
Prosecutors say the men then laundered the stolen funds through a series of intermediary cryptocurrency accounts (including stolen and virtually created accounts) on the targeted cryptocurrency trading platforms. In addition, the two are alleged to have artificially inflated the value of their ill-gotten gains by using part of the stolen funds for cryptocurrency price manipulation.
For example, investigators allege that Potekhin and Karasavidi used compromised Poloniex accounts to place orders for a large amount of “GAS”, the digital currency token used to pay the cost of executing transactions on the NEO blockchain (China’s first open source blockchain platform).
“They used the digital currency in a victim’s Poloniex account to order approximately 8,000 GAS, which immediately increased the market price of GAS from approximately $18 to $2,400,” the indictment explained.
Potekhin and others then converted the artificially inflated GAS in their own virtual Poloniex account into other cryptocurrencies, including Ethereum (ETH) and Bitcoin (BTC). From the complaint:
“Before freezing the eight virtual Poloniex accounts, POTEKHIN and other accounts transferred approximately 759 ETH to nine digital currency addresses. Through a complex, hierarchical approach, the ETH in these 9 digital currency addresses was sent through multiple intermediary accounts. It was eventually deposited into a Bitfinex account controlled by Karasavidi.”
The Treasury Department’s action today lists several cryptocurrency accounts believed to have been used by the defendants. Searching for some of these accounts on various cryptocurrency transaction tracking sites turns up many phishing victims.
One victim raged in a comment on the Etherscan lookup service: “If you even want to show yourself the ball, I want to blow your bitch away.”
One victim stated that he planned to commit suicide after being robbed of his Ethereum assets in a 2017 phishing attack. Another said that he had lost the funds needed to pay for his 3-year-old daughter’s medical expenses.
One victim using the handle “Illfindyou” wrote: “You and your team will leave traces and be found.” “You can only hide behind the facade for a short time. Steal your shit from the whale.”
For the victims of these phishing attacks, there may be some good news. According to the U.S. Department of the Treasury, the U.S. Secret Service seized millions of dollars in virtual currency and U.S. dollars from Karasavidi’s account.
Whether any of these funds can be returned to the victims of the phishing spree remains to be seen. Assuming it does happen, it may take several years. In February 2020, KrebsOnSecurity wrote about being contacted by an IRS investigator who wanted to return funds seized seven years earlier as part of the government’s 2013 seizure of Liberty Reserve.
Today’s action is the latest indication that the Treasury Department is increasingly willing to use its authority to restrict the financial resources tied to various cybercriminal activities. Earlier this month, the agency’s Office of Foreign Assets Control (OFAC) added three Russian nationals and many cryptocurrency addresses to its sanctions list in a case involving efforts by a Russian online troll farm to influence the 2018 midterm elections.
In June, OFAC took action against six Nigerian nationals who were suspected of stealing $6 million from American companies and individuals through business email compromise fraud and romance scams.
In 2019, OFAC sanctioned 17 members suspected of being associated with “Evil Corp.”, an Eastern European cybercriminal group that has stolen more than $100 million from small businesses through malware in the past decade.
A copy (PDF) of the indictment against Potekhin and Karasavidi is provided here.
Tags: Binance, Danil Potekhin, Dmitirii Karasavidi, Ethereum, Gemini, Poloniex, US Department of Justice, US Department of Treasury
This entry was posted at 4:53 PM, September 16, 2020 (Wednesday) and is filed under Ne’er-Do-Well News.