Bitcoin
$63,086.21-4.40%
Ethereum
$3,103.20-4.51%
Binance Coin
$604.39-0.37%
Solana
$143.68-8.40%
XRP
$0.51624202-4.43%
Dogecoin
$0.14849624-7.18%
Toncoin
$5.18-8.80%
Cardano
$0.46537130-5.59%
Shiba Inu
$0.00002474-7.83%
Avalanche
$34.91-9.26%
Tron
$0.11543890+1.57%
Wrapped Bitcoin
$63,112.95-4.45%
PlayIconNav
Crypto Prices CoinDesk 20 Index CoinDesk 20 Index
Countdown to Consensus 2024The largest and longest running event that covers all sides of Crypto and Web 3
33
DAYS
22
HR
21
MIN
53
SEC
Markets

Prosecutors Detail Russians' Crypto Phishing Scheme in Forfeiture Suit

The alleged hackers also manipulated NEO's Gas market with a $5 million crypto infusion.

By Danny Nelson
AccessTimeIconSep 17, 2020 at 4:11 p.m. UTC
Updated Sep 14, 2021 at 9:57 a.m. UTC
Danil Potekhin and Dimitrii Karasavidi face a growing list of U.S. legal troubles. (wk1003mike/Shutterstock)
Danil Potekhin and Dimitrii Karasavidi face a growing list of U.S. legal troubles. (wk1003mike/Shutterstock)
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

The two Russians who were sanctioned earlier this week by the U.S. Treasury Department on accusations of being crypto thieves allegedly got their millions through market manipulation and phishing. 

Prosecutors detailed Danil Potekhin and Dimitrii Karasavidi’s alleged heists, victims and target exchanges in a 30-page forfeiture complaint filed Wednesday against the pair’s previously seized crypto funds.

  • Karasavidi and Potekhin allegedly “deployed” a series of bogus Poloniex, Gemini and Binance lookalike sites that duped unwitting users into sharing their login credentials, giving the hackers control of wallets. 
  • They then “drained” $20 million worth of bitcoin (BTC), ether (ETH) and NEO from victims’ accounts, according to the complaint. Prosecutors said the lion’s share ended up in Karasavidi’s Bitfinex account.
  • Other funds were frozen by Poloniex and quickly seized by authorities, who filed the lawsuit to take control of 15,602 ETH, 199.8 BTC, $6.1 million in cash and 1,199 NEO, a total worth $14.2 million at press time.
  • That ETH haul was actually the product of a separate hacker scheme: market manipulation, authorities say. 

In late October 2017, hackers pumped $5 million of one victim’s crypto into NEO’s Gas market, skyrocketing the usually sleepy token’s value 13,000% before ordering their personal gas-holding Poloniex accounts to cash out into ETH. The victim “lost virtually all of his $5 million in cryptocurrency,” prosecutors alleged.

  • Prosecutors also claimed the hackers attempted to cover up the stolen crypto’s origin by “layering” funds – a classic money-laundering technique. 
  • Treasury officials said they used “blockchain tracing analysis” to follow the ETH from the Poloniex manipulation and the Poloniex, Binance and Gemini phishing schemes into Karasavidi’s Bitfinex account.
  • They further claimed to have identified Potekhin as the owner of multiple misspelled Poloniex domain names linked to the phishing scheme.
  • Similar tactics were used against Binance and Gemini customers, the regulator said in the lawsuit.

Karasavidi and Potekhin face a mounting lineup of legal troubles. This week, they’ve been added to the Treasury Department’s OFAC blacklist and also face federal wire fraud, hacking and money laundering charges.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.