Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Two Russians Charged Over $17M Cryptocurrency Fraud Scheme

The United States Department of Justice on Wednesday unsealed an indictment against two Russian nationals allegedly engaged in cryptocurrency fraud schemes.

The United States Department of Justice on Wednesday unsealed an indictment against two Russian nationals allegedly engaged in cryptocurrency fraud schemes.

The two, Danil Potekhin (also known as cronuswar) and Dmitrii Karasavidi (also referred to as Dmitriy Karasvidi), allegedly targeted three cryptocurrency exchanges — two in the United States and one abroad — and their customers to defraud them of at least $16.8 million in virtual currency.

According to the superseding indictment, Potekhin registered websites mimicking those of legitimate crypto-exchanges, and employed phishing and spoofing to steal users’ login credentials, email addresses, and other personal information.

Using the stolen information, Potekhin and co-conspirators accessed the victims’ cryptocurrency accounts to steal funds or manipulate virtual coin markets, the DoJ notes.

Starting July 2017, as part of one fraud scheme, Potekhin created and controlled at least 13 fake domains targeting one U.S. currency exchange, and stole the credentials of more than 150 customers of the exchange.

Furthermore, the indictment alleges that Potekhin and Karasavidi created multiple fictitious accounts with the same exchange, three of them created using stolen information of individuals from the United Kingdom. The defendants accessed victim accounts to steal digital currency.

Another attack targeting the same U.S.-based digital currency exchange was aimed at manipulating the market through accessing three victim accounts and purchasing large amounts of an inexpensive digital currency known as GAS, thus leading to an increase in demand and price.

Next, the defendants quickly converted the digital currency from GAS to other digital currencies, thus causing the value of GAS to plummet. The scheme resulted in a loss for the three victims of roughly $5 million.

Advertisement. Scroll to continue reading.

The two allegedly engaged in similar schemes targeting customers of another U.S.-based digital currency exchange, as well as those of an exchange based abroad. They allegedly stole digital currency that at the time had a value of more than $11 million.

According to the indictment, the two laundered the proceeds of the attacks by transferring the funds through multiple accounts. In the end, a significant amount of the stolen funds was transferred to Karasavidi’s account.

In coordination with the DoJ, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against the two Russians, restricting their resources and prohibiting others from dealing with them.

Related: U.S. Charges Alleged Hackers of Chinese APT41 Group for Attacks on 100 Firms

Related: Russian Indicted for Attempting to Recruit Tesla Employee to Install Malware

Related: Feds Unseal 2018 Indictment Charging Kazakh Man in Hacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

SSH Communications Security has appointed Pauli Haikonen as the company’s Chief Information Security Officer (CISO).

Cloud and container security firm Sysdig has tapped William Welch as CEO on its path to an IPO.

Dave Scher has been promoted to Deputy Chief Information Officer at MITRE.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.