On September 16, the U.S. Department of Justice, U.S. Department of Homeland Security, and the U.S. The Department of the Treasury’s Office of Foreign Assets Control announced it has imposed sanctions on two Russian nationals who used a sophistication phishing campaign to steal at least $16.8 million from the customers of three virtual currency exchanges in 2017 and 2018 — including two based in the United States.
The pair, Danil Potekhin and Dmitrii Karasavidi, created multiple websites impersonating legitimate crypto exchanges to steal the login information for unsuspecting victims, before using accounts verified with stolen identities to move the crypto assets through various intermediaries and execute pump and dump schemes targeting altcoins with low market capitalization.
“The individuals who administered this scheme defrauded American citizens, businesses, and others by deceiving them and stealing virtual currency from their accounts,” said secretary of the treasury, Steven Mnuchin.
“The Treasury Department will continue to use our authorities to target cyber criminals and remains committed to the safe and secure use of emerging technologies in the financial sector.”
On the same day, the U.S. Department of Justice announced that two hackers had been arrested in Malaysia in connection with computer hacking campaigns that targeted more than 100 companies, universities, governments, and non-profit organizations internationally.
The pair are each facing charges carrying up to 77 years in prison. Five Chinese nationals are still at large, including one individual who has claimed ties to China’s Ministry of State Security.
The group penetrated computing infrastructure to steal source code and other proprietary business information, customer account data, and to launch ransomware and cryptojacking schemes. David Bowdich, deputy director of the FBI, stated:
“Today’s announcement demonstrates the ramifications faced by the hackers in China but it is also a reminder to those who continue to deploy malicious cyber tactics that we will utilize every tool we have to administer justice.”
The indictment targeting the Malaysians was unsealed last month, while indictments for the Chinese hackers were unsealed in August 2019 and August 2020.