U.S. Treasury Sanctions Russian Hackers for Stealing $17 Million in Crypto Cash


This week, U.S. authorities sanctioned two Russian nationals for defrauding several cryptocurrency exchanges of a combined $17 million. The duo, who had several other accomplices, used phishing schemes to meet their goals, cleverly laundered the virtual cash, and even manipulated cryptocurrency prices with rapid purchases and sales.

“Today, in a coordinated action with the U.S. Department of Justice and the U.S. Department of Homeland Security, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two Russian nationals for their involvement in a sophisticated phishing campaign in 2017 and 2018 that targeted customers of two U.S.-based and one foreign-based virtual asset service providers,” reads the press release.

According to the U.S. Department of the Treasury, Danil Potekhin and Dmitrii Karasavidi defrauded American citizens and businesses of “at least $16.8 million.”

So, how did they do it? The indictment details the duo’s tactics, revealing that Potekhin spoofed the exchanges’ websites, tricking unwitting customers into accessing them and entering their login information. This enabled Potekhin and his accomplices to steal customers’ login credentials, gain access to their cryptocurrency wallets, transfer the funds to wallets the group controlled, and then launder the digital currency “by transferring them in a layered and sophisticated manner through multiple accounts and multiple virtual currency blockchains.”

They didn’t stop there. Per the indictment, “The attackers then employed a variety of methods to exfiltrate their ill-gotten virtual currency: using exchange accounts created using fictitious or stolen identities; circumventing exchanges’ internal controls; swapping into different types of virtual currency; moving virtual currency through multiple intermediary addresses; and a market manipulation scheme in which inexpensive virtual currency was purchased at a fast rate to increase demand and price, then quickly sold for a higher price to glean quick profit.”

Investigators eventually traced the stolen cryptocurrency to Karasavidi’s account, “and millions of dollars in virtual currency and U.S. dollars was seized in a forfeiture action by the United States Secret Service,” according to the announcement.