Two Russians Charged Over $17M Cryptocurrency Fraud Scheme

The United States Department of Justice on Wednesday unsealed an indictment against two Russian nationals allegedly engaged in cryptocurrency fraud schemes.

The two, Danil Potekhin (also known as cronuswar) and Dmitrii Karasavidi (also referred to as Dmitriy Karasvidi), allegedly targeted three cryptocurrency exchanges — two in the United States and one abroad — and their customers to defraud them of at least $16.8 million in virtual currency.

According to the superseding indictment, Potekhin registered websites mimicking those of legitimate crypto-exchanges, and employed phishing and spoofing to steal users’ login credentials, email addresses, and other personal information.

Using the stolen information, Potekhin and co-conspirators accessed the victims’ cryptocurrency accounts to steal funds or manipulate virtual coin markets, the DoJ notes.

Starting July 2017, as part of one fraud scheme, Potekhin created and controlled at least 13 fake domains targeting one U.S. currency exchange, and stole the credentials of more than 150 customers of the exchange.

Furthermore, the indictment alleges that Potekhin and Karasavidi created multiple fictitious accounts with the same exchange, three of them created using stolen information of individuals from the United Kingdom. The defendants accessed victim accounts to steal digital currency.

Another attack targeting the same U.S.-based digital currency exchange was aimed at manipulating the market through accessing three victim accounts and purchasing large amounts of an inexpensive digital currency known as GAS, thus leading to an increase in demand and price.

Next, the defendants quickly converted the digital currency from GAS to other digital currencies, thus causing the value of GAS to plummet. The scheme resulted in a loss for the three victims of roughly $5 million.

The two allegedly engaged in similar schemes targeting customers of another U.S.-based digital currency exchange, as well as those of an exchange based abroad. They allegedly stole digital currency that at the time had a value of more than $11 million.

According to the indictment, the two laundered the proceeds of the attacks by transferring the funds through multiple accounts. In the end, a significant amount of the stolen funds was transferred to Karasavidi’s account.

In coordination with the DoJ, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against the two Russians, restricting their resources and prohibiting others from dealing with them.

Related: U.S. Charges Alleged Hackers of Chinese APT41 Group for Attacks on 100 Firms

Related: Russian Indicted for Attempting to Recruit Tesla Employee to Install Malware

Related: Feds Unseal 2018 Indictment Charging Kazakh Man in Hacks