AskCyberSecurity.com


US DOJ Indicts Two Russian Hackers on Conspiracy Charges

2020-09-17 by Michelle Dvorak


Defendants Allegedly Attacked Crypto Exchanges to Defraud Customers of at Least $16.8 Million

The US Department of Justice (DOJ) indicted two Russian nationals on charges related to cyberattacks on three cryptocurrency exchanges. The defendants are charged with conspiracy to defraud the three exchanges and their customers, in addition to other crimes. Losses top $16.8 million USD.

The two Russian nationals, Danil Potekhin, a/k/a cronuswar, and Dmitrii Karasavidi, a/k/a Dmitriy Karasvidi, are charged with:

  • Conspiracy to commit computer fraud and abuse, in violation of 18 U.S.C. § 1030(b)
  • Computer fraud, in violation of 18 U.S.C. § 1030(a)(4)
  • Conspiracy to commit wire fraud, in violation of 18 U.S.C. § 1349
  • Money laundering conspiracy, in violation of 18 U.S.C. § 1956(h)
  • Two counts of aggravated identity theft, in violation of 18 U.S.C. § 1028A(a)(1)

Two of the defrauded cryptocurrency exchanges are based in the United States. The cybercrimes occurred between July 2017 and March 2018.

The accused used a combination of phishing emails and spoofed web domains to trick cryptocurrency customers. The defendants allegedly used the spoofed domain names to steal customers’ crypto exchange login credentials, including email addresses, password information, and other personal information.

The two Russian defendants also allegedly executed cryptocurrency trades valued at over $5 million USD to increase demand and price.

U.S. Attorney Anderson said, “My warning to the public is that digital currency exchanges are not like banks. The security of digital currency exchanges is only as good as your own vigilance. While law enforcement will do everything within our power to protect you, you must also protect yourself.”


Spoofed Cryptocurrency Domains

Potekhin set up numerous spoofed domain names that were crafted to closely resemble those of legitimate cryptocurrency exchanges. Domain name and website spoofing is a malicious tactic intended to trick internet users into thinking they are on a certain website when in fact they are on an imposter’s fraudulent website. Spoofed domains are strongly associated with cybercrimes like credit card and login credential theft. They may also be used to infect a computer with malware or support other internet schemes.

Potekhin created and controlled at least thirteen fake domains. The defendants used these spoofed domain names to trick over 150 victim cryptocurrency customers into entering their identification and login credentials on the websites.

The defendants also created multiple fictitious cryptocurrency accounts on the exchanges using stolen identities. The two Russian nationals used stolen personally identifiable information from three victims in the United Kingdom to create exchange accounts for laundering money.


“Ultimately, the stolen virtual currency was traced to Karasavidi’s account, and millions of dollars in virtual currency and U.S. dollars was seized in a forfeiture action by the United States Secret Service,” says the DOJ.

US Treasury Tracks Down Stolen Money

“The attackers then employed a variety of methods to exfiltrate their ill-gotten virtual currency: using exchange accounts created using fictitious or stolen identities; circumventing exchanges’ internal controls; swapping into different types of virtual currency; moving virtual currency through multiple intermediary addresses; and a market manipulation scheme in which inexpensive virtual currency was purchased at a fast rate to increase demand and price, then quickly sold for a higher price to glean quick profit,” says the US Department of the Treasury.

US Treasury Sanctions Russians

In addition, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned both Potekhin and Karasavidi, and documents were filed seeking the civil and criminal forfeiture of assets traceable to the alleged crimes. “Karasavidi laundered the proceeds of the attacks into an account in his name. He attempted to conceal the nature and source of the funds by transferring them in a layered and sophisticated manner through multiple accounts and multiple virtual currency blockchains,” the U.S. Department of the Treasury explained.

The indictment was filed on 18 February and made public today.
