Hackers pumped and dumped GAS cryptocurrency for $16.8 million, alleges US DOJ
US authorities have charged two Russian men with allegedly defrauding cryptocurrency exchanges and their customers out of at least $16.8 million.
The men – Danil “Cronuswar” Potekhin, 25, and 35-year-old Dmitrii Karasavidi, of Voronezh and Moscow respectively – are said to be responsible for a phishing campaign that targeted customers of cryptocurrency exchanges between July 2017 until at least October 2018.
Potekhin is accused of creating spoof websites that mimicked legitimate cryptocurrency exchange websites, but were really designed to steal the login credentials of victims.
Potekhin is said to have created and managed at least 13 fake domains posing as the Poloniex exchange. Similarly, sites were set up posing as the Binance and Gemini exchange platforms.
Hundreds of victims of the exchanges are alleged to have been tricked into entering their passwords on the bogus sites, allowing Potehkin to access their real cryptocurrency accounts.
According to the US Treasury, Potekhin and his accomplices then used a variety of different techniques to steal funds.
Exfiltration of the digital currency is alleged to have taken place through a variety of means, including:
- Using exchange accounts created using fictitious or stolen identities
- Circumventing exchanges’ internal controls
- Converting funds into different types of virtual currency
- Moving virtual currency through multiple intermediary addresses
But for me the most interesting scheme involved attempting to manipulate a cryptocurrency’s price to maximise its value.
According to the US authorities, Potehkin is accused of using the combined $5 million worth of cryptocurrency in victims’ accounts to purchase an inexpensive digital currency called GAS.
As a consequence, GAS’s price rose considerably – pumped up by the large investment from hacked accounts. With GAS’s price pumped up dramatically, the alleged hackers are said to have dumped their GAS holdings, converting them into other types of cryptocurrency and making a quick profit.
According to the indictment, the market price of GAS had been artificially raised from “approximately $18 to $2,400.”
The victims whose accounts had been hacked, meanwhile, were left with an overvalued GAS cryptocurrency investment, which rapidly plummeted back down again.
US law enforcement allege that proceeds from these attacks were ultimately laundered into an account in Karasavidi’s name, after attempts were made to conceal the transfer through multiple cryptocurrency accounts.
Millions of dollars in virtual currency and dollars have since been seized by US authorities.
Potekhin and Karasavidi have been charged with conspiracy, computer fraud, wire fraud, identity theft, and money laundering. The maximum penalty for all charges is 59 years imprisonment.
Economic sanctions have also been issued against the defendants, freezing their property and making it a criminal offence for US citizens to deal with them.
David L. Anderson, the U.S. Attorney for Northern District of California, issued a stark warning to the public about the risks associated with cryptocurrency exchanges:
“Digital currency exchanges are not like banks. The security of digital currency exchanges is only as good as your own vigilance. While law enforcement will do everything within our power to protect you, you must also protect yourself.”
In May 2019 the US Treasury’s Financial Crimes Enforcement Network (FinCEN) issued an advisory warning about the risks posed by virtual currencies, and how cybercriminals are continuing to exploit cryptocurrencies to support illegal activity, money laundering, and other activities.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
The post ” Hackers pumped and dumped GAS cryptocurrency for $16.8 million, alleges US DOJ” appeared first on TripWire
Source:TripWire – Graham Cluley