Federal grand jury indicts computer fraudsters targeting cryptocurrency exchanges

Maria Nikolova

Danil Potekhin a/k/a cronuswar and Dmitrii Karasavidi have been charged with crimes in connection with an alleged conspiracy to defraud three cryptocurrency exchanges and their customers.

A federal grand jury indicted Russian nationals Danil Potekhin a/k/a cronuswar and Dmitrii Karasavidi a/k/a Dmitriy Karasvidi, charging them with crimes in connection with an alleged conspiracy to defraud three cryptocurrency exchanges and their customers of cryptocurrency valued at the time of the theft and manipulation at a minimum of $16.8 million in cryptocurrency.

The Superseding Indictment, filed February 18, 2020, was unsealed on Wednesday, September 16, 2020. According to the Superseding Indictment, Potekhin, of Voronezh, Russia, created numerous web domains that mimicked those of legitimate virtual currency exchanges. This tactic used a combination of “phishing” and “spoofing” to exploit Internet users’ trust in known companies and organizations to fraudulently obtain their login credentials, including email addresses, password information, and other personal information. When unwitting customers accessed the fraudulent websites and entered their login information, Potekhin and his co-conspirators stole the victims’ credentials and gained access to their cryptocurrency accounts, from which they stole funds or which they used to manipulate cryptocurrency markets for their own gain.

The Superseding Indictment describes similar attacks perpetrated against the customers of three cryptocurrency platforms, two of which are based in the United States, and one based abroad. Victims of the attacks are alleged to have included people residing in the Northern District of California.

According to the allegations, beginning in July 2017, Potekhin created and controlled at least 13 separate fake domains for a U.S.-based digital currency exchange. Using the fake domains, the defendants induced more than 150 victim customers of the exchange to input their user identification and passwords.

Potekhin and Karasavidi, of Moscow, also created multiple fictitious accounts with the same digital currency exchange, and used stolen information from at least three individuals from the United Kingdom to create three of those accounts. The defendants then used the stolen credentials from the victim customers to access the victims’ accounts in August 2017 and withdraw digital currency without authorization. By linking the fictitious accounts to the accounts of victim customers, the defendants were able to withdraw larger sums of digital currency from victim accounts without authorization.

The crimes also involved a sophisticated market manipulation scheme that began in July 2017 using the stolen customer credentials of the same U.S.-based digital currency exchange and culminated in a manipulation attack that targeted three victim customers. The defendants first created a number of fictitious accounts on the same platform and each account purchased an inexpensive digital currency known as GAS prior to the manipulation. Then, on October 29, 2017, the defendants took control of the three victim customer accounts and used the digital currency contained in those accounts, with a value of over $5 million at that time, to purchased GAS at the same time, which increased demand and price. The defendants and their co-conspirators then quickly converted the digital currency in their fictitious accounts from GAS to Bitcoin and other digital currencies, causing the value of GAS to plummet and leaving the value of GAS that remained in the victim customer accounts worthless, causing a loss to these three victims of approximately $5 million.

The Superseding Indictment also alleges similar fraud schemes that took place between October 2017 and March 2018, and which resulted in theft attacks targeting victim customers of another U.S.-based digital currency exchange and one based abroad. The value of the stolen digital currency at the time of the thefts was over $11 million.

The Indictment alleges the defendants laundered the proceeds of the attacks and attempted to conceal the nature and source of the digital currency by transferring them in a layered and sophisticated manner through multiple accounts. Ultimately, a significant amount of the stolen digital currency was deposited into Karasavidi’s account.

Potekhin and Karasavidi have been charged with conspiracy to commit computer fraud and abuse, in violation of 18 U.S.C. § 1030(b); computer fraud, in violation of 18 U.S.C. § 1030(a)(4); conspiracy to commit wire fraud, in violation of 18 U.S.C. § 1349; money laundering conspiracy, in violation of 18 U.S.C. § 1956(h); and two counts of aggravated identity theft, in violation of 18 U.S.C. § 1028A(a)(1).

The U.S. Attorney also filed an action for forfeiture of millions of dollars of virtual currency that allegedly are traceable to the defendants’ crimes. According to the forfeiture complaint, law enforcement has seized, and the U.S. Secret Service currently is in custody of, over $6 million in U.S. dollars, and several million in digital currency, the value of which changes based on the market.

In addition to the criminal charges, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced it has issued sanctions against the two Russian nationals.

Read this next

Retail FX

Plus500 sees modest growth in Q1 revenues, EBITDA margin decreases

Israeli-based, but London-stock market listed Plus500 Ltd (LON:PLUS) today reported a 4% increase in revenue for the first quarter of 2024, with figures rising from $207.9 million in Q1 2023 to $215.6 million.

Technical Analysis

FTSE 100 Technical Analysis Report 16 April, 2024

FTSE 100 index can be expected to fall further toward the next support level 7760.00, former strong resistance from last year, acting as the support after it was broken this January.

Digital Assets

Cyprus keeps FTX EU license suspended until September

The Cyprus Securities and Exchange Commission (CySEC) has extended the suspension of FTX.com’s CIF license, which allowed the insolvent platform to operate throughout Europe, until September 30, 2024.

Metaverse Gaming NFT

Mon Protocol and Pixelverse Forge a Groundbreaking Partnership to Revolutionize Blockchain Gaming

Mon Protocol and Pixelverse make history in the annals of Blockchain gaming as they set up the architecture for the melding of their technologies.


Nimiq Pay Launch: A New Standard For Self-Custodial Crypto Payments

Nimiq, the blockchain ecosystem for payments that is designed to make cryptocurrency easy for everyone to use, has taken the first concrete steps towards its goal of becoming the world’s most widely-accepted digital asset for payments with the launch of Nimiq Pay.

Inside View, Interviews

Exclusive: GoMining’s Mark Zalan wants to democratize opportunities of Bitcoin halving

As the Bitcoin community counts down to the upcoming Bitcoin halving, Mark Zalan, CEO of GoMining, shared exclusive insights into how the company is gearing up for this pivotal event in the cryptocurrency world.

Digital Assets

Umoja Partners with Merlin Chain to Launch Revolutionary Bitcoin-Based Synthetic Dollar – USDb

Umoja, an innovative smart money protocol, has embarked on a strategic partnership with Merlin Chain, a leading Bitcoin Layer-2 network, to introduce USDb, the first Bitcoin-based, high-yield synthetic dollar.

Crypto Insider

Bybit Report Highlights Imminent Bitcoin Supply Shortage and Rising Scarcity Post-Halving

Bybit, recognized as one of the top three cryptocurrency exchanges globally in terms of trading volume, has recently published a comprehensive report highlighting the future supply constraints of Bitcoin.


BlockDAG Outshines XRP Price Breakout and Uniswap Crypto Forecast with 20,000x ROI Potential and Teaser for Keynote on Moon

BlockDAG has become the latest sensation in the crypto world, which has taken the spotlight by storm, overshadowing even the most optimistic projections for XRP’s price breakout and Uniswap’s crypto forecast.