United States authorities have imposed sanctions on two Russian men who stole $16.8 million worth of cryptocurrencies in spoofing attacks.
In a joint operation with the U.S. Department of Homeland Security and the Justice Department, the Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions similar to those imposed on officials of hostile regimes, major drug traffickers, and “those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States.”
Aside from seizing or freezing “all property and interests in property” from sanctioned persons, under the law “U.S. persons generally are prohibited from dealing with them,” according to the OFAC website.
The Secret Service also seized millions of dollars in cryptocurrencies and cash allegedly stolen in the sophisticated phishing and spoofing attacks by Russian nationals Danil Potekhin and Dmitrii Karasavidi in 2017 and 2018.
This is the most recent seizure of crypto assets performed by the United States authorities. At the end of August, the U.S. Department of Justice seized gaming and real estate tokens from North Korean hackers who stole about $250 million from cryptocurrency exchanges.
“The individuals who administered this scheme defrauded American citizens, businesses, and others by deceiving them and stealing virtual currency from their accounts,” Treasury Secretary Steven Mnuchin said in a statement. “The Treasury Department will continue to use our authorities to target cybercriminals and remains committed to the safe and secure use of emerging technologies in the financial sector.”
Potekhin and Karasavidi allegedly created websites that closely resembled those of real cryptocurrency exchanges and that stole user credentials when victims tried to access the service. At that point, the attackers were able to siphon off the crypto assets and launder the funds through exchange accounts created using fictitious or stolen identities.
The two also engaged in market manipulation, quickly acquiring great quantities of inexpensive crypto assets to increase demand and price in order to sell them later at a profit. Karasavidi laundered the proceeds into an account in his name while attempting to conceal the funds’ provenance by transferring them through multiple accounts and multiple blockchains.
A growing priority
“Since its inception in 1865 to combat U.S. currency counterfeiting, the Secret Service has remained committed to safeguarding the Nation’s financial infrastructure,” said David Smith, the U.S. Secret Service Criminal Investigative Division’s special agent in charge. “The Secret Service mission has evolved to combat cyber fraud by tracing and seizing fraudulently obtained virtual currencies. These recent actions highlight the efforts of law enforcement to provide attribution to cybercriminals wherever they may reside.”
The seizures also demonstrate “the important role that a robust anti-money laundering and countering the financing of terrorism (AML/CFT) regime plays in deterring cybercrimes,” the Treasury Department said, highlighting authorities’ growing ability to trace cryptocurrencies, even privacy coins like Dash, Zcash and Monero.
“As Potekhin and Karasavidi resorted to complex schemes to circumvent exchanges’ compliance controls, they created a trail of evidence that helped investigators to identify them and hold them accountable,” it added. “Because profit-motivated cybercriminals must launder their misappropriated funds, AML/CFT regimes pose a critical chokepoint in countering and deterring this criminal activity.”