Users of three well-known exchanges lost several thousand dollars in cryptocurrencies when entering fraudulent websites that mimicked the exchange platforms. The “sophisticated” fraudulent scheme was allegedly operated by two criminals of Russian origin between 2017 and 2018.
The US Department of Justice revealed last week the accusations of Russian citizens Danil Potekhin (alias Cronuswar) and Dmitrii Karasavidi (also known as Dmitriy Karasvidi) for allegedly being responsible for a sophisticated campaign of phishing and money laundering. Their actions resulted in the theft of $ 16.8 million in cryptocurrencies and fiat money.
According to the information, both defendants created fraudulent web domains that mimicked three legitimate cryptocurrency exchanges: Binance, Gemini, and Poloniex. Using phishing techniques – identity theft – the criminals managed to obtain the personal information of about 350 users of the three exchanges.
Sites Mimicking Legitimate Exchanges to Steal
After hijacking that information, which included login credentials to the platforms (email, passwords, and other data), the attackers were able to access the victims’ real accounts and steal funds in Bitcoin (BTC) and Ethereum (ETH).
As highlighted by ZDnet, Potekhin and Karasavidi transferred the stolen funds to different exchange platforms using false identities. The authorities note that the defendants “tried to hide the nature and origin” of the funds by transferring the cryptocurrencies “in layers and in a sophisticated way” through multiple accounts.
However, according to a statement from the US Treasury Department, despite efforts to launder stolen funds on different exchanges, the FBI was able to track down and seize the funds. Currently, the authorities of that department have also imposed economic sanctions and have frozen all the property and interests (subject to the jurisdiction of the United States) of both suspects.
“The actions of Potekhin and Karasavidi underscore the growing threat facing global financial institutions from cybercriminals, who employ a variety of sophisticated schemes to profit at the expense of their victims,” Treasury Department officials wrote in a statement.
Market Manipulation Charges
The identity theft and subsequent crypto theft were not the only illicit actions by both defendants. According to the security forces, Potekhin and Karasavidi were also involved in crypto market manipulation.
In what the indictment document describes as “a sophisticated market manipulation scheme that began in July 2017”, both criminals allegedly used the identities of different users to buy and manipulate the price of the GAS cryptocurrency (the GAS token is used to pay the cost of executing transactions on the NEO Blockchain, an open-source platform from China).
Using funds valued at more than $ 5 million from the accounts of three victims, they purchased a large quantity of GAS, causing its price to skyrocket. But then, in a speculative move, the pair quickly converted their tokens into bitcoins and other cryptocurrencies, causing the price of GAS to plummet, disrupting the market for that altcoin.
Potekhin and Karasavidi were charged with conspiracy to commit computer fraud and abuse, computer fraud, conspiracy to commit wire fraud, money laundering conspiracy, and two counts of aggravated identity theft, the Department of Justice detailed. For his part, the federal prosecutor for the northern district of California, David Anderson, reported that the two citizens of Russian origin face up to 59 years in prison for their crimes.
In the meantime, it remains unclear whether the victims of these attacks will be able to access a refund of their funds after the police seized some of the stolen capital. In 2017, security forces seized more than $ 6 million in dollars and $ 12.62 million in ETH and BTC. Now, the prosecutor seeks the confiscation of cryptocurrencies and dollars allegedly attributable to the crimes of the accused.
By Jenson Nuñez