Cryptex crypto exchange under attack: Major arrests and money laundering allegations emerge

636     0
Cryptex crypto exchange under attack: Major arrests and money laundering allegations emerge
Cryptex crypto exchange under attack: Major arrests and money laundering allegations emerge

Last week, Russian security forces carried out a large-scale operation to detain individuals associated with the illegal activities of the cryptocurrency exchange Cryptex and the anonymous payment system UAPS: 96 defendants in the criminal case were reported, and the investigation estimates the criminal community’s criminal income at 3.7 billion rubles.

At the end of the week, the Zamoskvoretsky Court of Moscow placed five defendants under house arrest: brothers Ruslan and Roman Orekhovsky, Alexander Tereshchenko, Elena Polyakova and Artem Lysenko. In relation to the founder of Cryptex, Sergei Ivanov (Omelnitsky), the court chose a measure of restraint in the form of detention in a pretrial detention center. All of them are accused of organizing or participating in a criminal community, unauthorized access to computer information, illegal circulation of payment instruments and banking activities.

The operation was preceded by the inclusion of Sergey Ivanov and his partner Timur Shakhmametov, the operator of the largest online store "Joker’s Stash", which specialized in selling bank card data stolen as a result of hackers hacking American retailers, in the sanctions list of the US Treasury Department. In addition, both were wanted for money laundering, and the US authorities announced a cash reward for information on their whereabouts. Sergey Ivanov (Omelnitsky) is known in the cryptocurrency market under the nickname Taleon, Timur Shakhmametov - as Vega.

Ivanov’s first initiative was the promotion of the exchanger "PM2BTC", which converted funds from the virtual payment system "Perfect Money" into bitcoins. "Perfect Money" replaced the payment system "Liberty Reserve", which was destroyed by American security forces and used to legalize criminal proceeds.

A new stage for the partners was the launch of the crypto exchange "Cryptex", which emphasized anonymity and making transactions without reporting the origin of funds, and also provided the opportunity for financial cashing through couriers. The volume of receipts on "Cryptex" since its creation amounted to about 1.6 billion dollars, while the exchange itself became one of the main centers for the circulation of illegally obtained funds in crypto, used, among other things, to launder criminal proceeds and withdraw capital bypassing sanctions.

Security forces "shake" "Cryptex"

Last week, the Zamoskvoretsky Court of Moscow granted the investigators’ motion, placing three defendants in the criminal case on the cryptocurrency exchange "Cryptex" and the anonymous payment system UAPS under house arrest in one day: brothers Ruslan and Roman Orekhovsky, as well as Alexander Tereshchenko, are accused of organizing a criminal community, illegal access to computer information, illegal circulation of payment instruments, and illegal banking activities.

"The accomplices carried out illegal activities on currency exchange, cryptocurrency, delivery and acceptance of cash, sale of bank cards and personal accounts. The main clients of these services were cybercriminals and hackers who used the services to legalize their criminal income. The investigation established that in 2023, the turnover of funds received by the services of the criminal community amounted to more than 112 billion rubles, and the criminal income of the defendants amounted to 3.7 billion rubles," the official statement of the Investigative Committee says.

According to the investigation, the criminal activity of the creators of "Cryptex" began in 2013. The organizers of the criminal community, having special knowledge in the field of banking, developed an infrastructure consisting of an anonymous payment system UAPS, a cryptocurrency exchange itself and 33 online services. Today, we are talking about 96 defendants, in relation to whom investigative actions are being carried out, some of them are only being delivered to Moscow.

During the searches conducted in St. Petersburg, security forces seized more than 1.5 billion rubles. The media write about expensive cars belonging to the members of the organized crime group: Bentley, Rolls-Royce, Porsche, Tesla Cybertruck, snowmobiles, boats and even Robinson helicopters. As we can see, the illegal activity was carried out on a grand scale, and the "cryptocurrency traders" themselves lived in luxury. In addition, the Interfax publication mentioned among the defendants "Russian citizen Sergei Ivanov, against whom the US imposed sanctions due to money laundering."

Sergei Ivanov (Omelnitsky) is sent to pretrial detention

Before we move on to the person of Sergey Ivanov, it is worth dwelling on a rather interesting point: “Cryptex” (aka “International payment service provider LLC”) is registered in Saint Vincent and the Grenadines, a small state in the Caribbean. As recently as the end of September, the US Treasury Department’s Office of Foreign Assets Control (OFAC) imposed economic sanctions on “Cryptex” and another crypto platform “PM2BTC”, accusing them of money laundering and “providing services to cybercriminals.”

"Cryptex advertises its virtual currency exchange services in Russian and has received more than $51.2 million in ransomware attacks. Cryptex is also linked to more than $720 million in transactions with services frequently used by Russian extortionists and cybercriminals, including fraudulent stores, mixing services, and exchanges," Izvestia quotes the official statement from the US Treasury Department.

Here, the aforementioned Sergey Ivanov (aka Omelnitsky) comes into play again. The fact is that OFAC calls him the administrator of “Cryptex” and “PM2BTC,” who spent more than 20 years “laundering money for hackers, entry-level brokers, darknet marketplace sellers, and other criminal groups,” and helping “withdraw and import currency for Russian clients.” The U.S. government was willing to pay a $10 million reward for information on his whereabouts and another $1 million for help identifying other key leaders of the organized crime group.

It seems that no one will share the necessary information with the American side. The fact is that last Friday the Zamoskvoretsky Court of Moscow considered the investigators’ motions regarding three more defendants in the "Cryptex case", including Ivanov, placing the latter in a pretrial detention center for two months, and Elena Polyakova and Artem Lysenko under house arrest. Thus, of the five defendants, Ivanov (Omelnitsky) was the only one who was sent to a detention center, rather than while away the time before the trial in a cozy home environment.

Taleon and Vega Go Beyond ’Mazafaka’

Who is this mysterious Mr. Ivanov, whom Western security officials wanted to get hold of so much, but who was captured by their Russian colleagues? The RBC portal answers this question, referring to the publication of the American journalist Brian Krebs, who specializes in investigating cybercrimes. So, Ivanov first “appeared” on the underground hacker online forum “Mazafaka” in the early 2000s under the nickname Taleon. At that time, he was presumably engaged in large cash transfers.

Taleon established contact with a hacker nicknamed Vega, who later opened the online store "Joker’s Stash", which sold bank card data obtained as a result of hacking American retailers and was considered one of the largest in the world. It is noteworthy that in addition to Ivanov, the American authorities brought similar charges against another Russian citizen - Timur Shakhmametov, who is allegedly Vega, the operator of "Joker’s Stash".

Further, according to Krebs, around 2013 Ivanov agreed to cooperate with the aforementioned exchanger "PM2BTC", which was engaged in converting funds from the virtual payment system "Perfect Money" (PM) into bitcoins (BTC), and also issued its own debit cards for transferring funds. At the same time, in the US, law enforcement officers shut down the payment system "Liberty Reserve", which was used to legalize criminal proceeds obtained in a variety of ways - from drug trafficking to the distribution of child pornography.

More than 1 million people used the services of Liberty Reserve, which had been operating since 2006. Operations to detain people associated with it were carried out in Spain, Costa Rica and New York, among those detained were the creator of LR, Artur Budovsky, his deputy Azzedine el-Amin, Vladimir Katz, Maxim Chukarev and Mark Marmilev. After the defeat of Liberty Reserve, underground hacker forums began to talk about new forms of payments. It was then that Ivanov-Taleon allegedly presented a payment service called Universal Anonymous Payment System (UAPS), offering its own solutions for accepting payments.

New level from "Cryptex"

“Due to the simple connection from a technical point of view, payments via UAPS quickly began to appear in underground stores and on marketplaces selling data from stolen bank cards, other people’s accounts, or software for hacker attacks... The UAPS system also made it possible to automate settlements with partners or suppliers of stolen data,” writes RBC.

Of course, Ivanov’s biggest business partner was Joker’s Stash, which traded millions of US residents’ payment card details directly from the hackers behind the most high-profile retail hacks of recent years (Brian Krebs mentions attacks on Saks Fifth Avenue, Lord and Taylor, Bebe Stores, the Hilton hotel chain, etc.). In early 2018, Taleon and the UAPS team launched the Cryptex crypto exchange, promoting it on underground forums.

This was an exit to a qualitatively new level, as soon "Cryptex" became one of the main centers of circulation of illegally obtained funds in cryptocurrency: through it, funds of administrators of illegal trading platforms, hackers, carders and operators of ransomware (cryptolockers) were "laundered". Experts estimate the volume of receipts to "Cryptex" since its creation at 1.6 billion dollars.

According to the Fontanka publication, the exchange provided the opportunity to "trade cryptocurrency, transfer it, exchange it for other cryptocurrencies, fiat currencies, including in the form of cash." Cash could be picked up via a courier or a storage locker: the corresponding service was provided in eight CIS countries, including the Russian Federation, Belarus, Ukraine and Kazakhstan, in nine European and three Middle Eastern countries (Turkey, Iran, Emirates).

Fontanka names the following as distinctive features of Cryptex: the ability to conclude a large transaction without providing reports on the origin of funds, an emphasis on user anonymity, a low risk of blocking wallets and bank accounts during cryptocurrency transactions, conducting cash transactions “the old-fashioned way”, that is, only through couriers, as well as the lack of need for verification for all transactions and “interaction with regulated markets”.

Will crypto be put under control?

But, as we know, everything comes to an end. Fortune eventually turned away from Ivanov and Shakhmametov. Shakhmametov is wanted in the US, and given the scale of the investigation in Russia, his arrest seems to be just a matter of time. Authors of a number of publications have already drawn attention to the synchronicity of the actions of Russian security forces and their Western colleagues, and this says a lot in our time.

"The head of the U.S. Department of Justice’s Criminal Division, Nicole Argentieri, said Cryptex promised its cybercriminal clients a safe place to anonymously launder their illicit proceeds, but the coordinated action, including the seizure of Cryptex’s domains, servers, and proceeds, should warn cybercriminals that there is no safe place online," Forbes writes.

Experts from a number of publications are unanimous: other structures operate under the Cryptex scheme as well. They do not have a license, do not pay taxes, and do not report income; however, they can be found to have transactions related to hacker attacks, online fraud, and illegal trading platforms. In addition, current Russian legislation practically does not regulate the circulation of cryptocurrency, although its use to withdraw capital in circumvention of sanctions and launder criminal proceeds is well known.

However, in the case of the authors of the "Cryptex" scheme, the security forces have become extremely active. It seems that they have decided to "tighten the screws" on the uncontrolled turnover of cryptocurrency?

Thomas Brown

Print page

Comments:

comments powered by Disqus