Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

U.S Indicts Russian Man Over Money Laundering Through Bitcoin Exchange

95% of Tracked Ransoms Were Cashed Out via BTC-e, a Digital Currency Exchange The Accused Alexander Vinnik Operated

95% of Tracked Ransoms Were Cashed Out via BTC-e, a Digital Currency Exchange The Accused Alexander Vinnik Operated

The United States Department of Justice this week indicted a Russian man for his role in the laundering of money obtained from hacks, ransomware schemes, and other illegal activities.

Alexander Vinnik, 37, was arrested in Greece on July 25 and faces charges in the United States. According to the indictment, he is the owner and operator of multiple BTC-e accounts, including administrative accounts. Furthermore, he is the primary beneficial owner of BTC-e’s managing shell company, Canton Business Corporation.

BTC-e, one of the world’s largest and most widely used digital currency exchanges, received deposits valued at over $4 billion, and numerous withdrawals from BTC-e administrator accounts went directly to Vinnik’s personal bank accounts, the indictment alleges. Moreover, proceeds from hacks and thefts from Bitcoin exchanges were funded through a BTC-e account associated with Vinnik.

According to a DoJ announcement, the Russian was indicted for “operating an unlicensed money service business, money laundering, and related crimes” and for receiving funds from the infamous hack of Mt. Gox. The largest digital currency exchange in 2013-2014, Mt. Gox started bankruptcy proceedings in April 2014, after discovering the theft of 850,000 Bitcoins and finding only 200,000 coins in an old wallet. Hackers supposedly siphoned the funds for a long period of time, starting 2011.

“The indictment alleges that Vinnik obtained funds from the hack of Mt. Gox and laundered those funds through various online exchanges, including his own BTC-e and a now defunct digital currency exchange, Tradehill, based in San Francisco, California. The indictment alleges that by moving funds through BTC-e, Vinnik sought to conceal and disguise his connection with the proceeds from the hacking of Mt. Gox and the resulting investigation,” DoJ reveals.

The indictment also notes that BTC-e, founded in 2011, was preferred by cybercriminals because it didn’t require users to validate identity, was obscuring and anonymizing transactions and source of funds, and had no anti-money laundering process. In fact, BTC-e was allegedly operated so as to facilitate transactions for cybercriminals.

The indictment also alleges the exchange “received the criminal proceeds of numerous computer intrusions and hacking incidents, ransomware scams, identity theft schemes, corrupt public officials, and narcotics distribution rings.” Over the course of operation, BTC-e supposedly received $4 billion worth of Bitcoin for facilitating crimes such as computer hacking, fraud, identity theft, tax refund fraud schemes, public corruption, and drug trafficking.

Advertisement. Scroll to continue reading.

At Black Hat this week, Google, Chainalysis, UC San Diego, and the NYU Tandon School of Engineering researchers presented the findings of an investigation into ransomware payments, where they were able to track payments through the Bitcoin blockchains from distribution sites to the cash-out points. According to their report (PDF), “95% [of] traced ransoms [were] cashed out via BTC-E.”

The Treasury Department also also BTC-e $110 million for violating U.S. anti-money laundering laws, and fined Vinnik $12 million for his role in the scheme.

The indictment charges BTC-e and Vinnik with one count of operation of an unlicensed money service business (carrying a maximum penalty of 5 years in prison) and one count of conspiracy to commit money laundering (a maximum penalty of 20 years in prison). It also charges Vinnik with seventeen counts of money laundering (a maximum penalty of 20 years in prison for each count) and two counts of engaging in unlawful monetary transactions (a maximum penalty of 10 years in prison for each count).

“BTC-e was noted for its role in numerous ransomware and other cyber-criminal activity; its take-down is a significant accomplishment, and should serve as a reminder of our global reach in combating transnational cybercrime,” United States Secret Service (USSS) Special Agent in Charge of the Criminal Investigative Division Michael D’Ambrosio said.

Related: U.S., European Police Say ‘Dark Web’ Markets Shut Down

Related: U.S. Queries PayPal in Money Laundering Probe

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

Adam Zoller has joined CrowdStrike as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.