Sandworm
https://theins.ru/politika/236113 ( Russian)
Book:
Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers Hardcover – November 5, 2019
https://www.amazon.com/Sandworm-Cyberwar-Kremlins-Dangerous-Hackers/dp/0385544405
Here is such propaganda about Russian hackers.
Although every major country in the world has such teams
Topic: US charges two Russian crypto hackers (Read 788 times)
As long as these two remain in Russia, they are going to be safe. A part of the funds has been seized by the US authorities. But at this point I don't think that they can do much more than this. Especially after the controversy surrounding the arrest of Alexander Vinnik, I don't think that the Russians will cooperate with the American authorities (and deportation is a strict no-no).
One of the accused is an ethnic Greek and I assume him to have dual Russian-Greek nationality. At the most, the Americans can force the government of Greece to cancel his Greek passport.
One of the accused is an ethnic Greek and I assume him to have dual Russian-Greek nationality. At the most, the Americans can force the government of Greece to cancel his Greek passport.
If relations between countries are conflicting and any requests are processed for a very long time, then some companies have learned to make money on this.
Group-IB, Deteact, Kaspersky and other companies are addressing these issues. They find criminals and pass the data on to the police. And the Russian police turn to these companies for help, and the police get it for free, because in most cases they do not have such specialists.
This new milestone, if you have the money, you can always find a hacker.
Group-IB, Deteact, Kaspersky and other companies are addressing these issues. They find criminals and pass the data on to the police. And the Russian police turn to these companies for help, and the police get it for free, because in most cases they do not have such specialists.
This new milestone, if you have the money, you can always find a hacker.
This is a move that I would personally encouraged because it sends a message to people that the crypto world is not a free for all that you can come in because you have a special skill or smarter than other but you believe that those skills can not be put into better use than to steal people resources and make them cry just because they wanted to earn legitimate inflow of a platform that they have been provided such opportunity. Kudos to the United States government agencies for taking this initiative.
I would say that these hackers didn't take care of their footprints and that's why the US government was able to follow their tracks and identify them through their names.
Let's see the response of the Russian government about this. These 2 are extremely dangerous. When they are free we don't feel safe about our virtual money.
It's unaccepted one.Russian government should do such things,US should do the spectator role and not decision making role.Since their is no diplomatic relationship between US and Russia.US not have a power to counter part the Russian Hackers.The sentence should be done after a proper Judicial trial.
In politics, you can very often find double standards when foreign countries do not fulfill their obligations to Russia, but they do not like to discuss this in the news.
Not sure how these court cases usually play out, but in theory a good lawyer is going to ask the government how they tracked these users down and unless it's a sealed case, those methods should be made public, no?
Good question but it's still a charges the government have to prove the evidences that these people are guilty before they are convicted the much bigger question if all the accused are residing in a country where there is no diplomatic relationship, how are they going to extradite these people, I believe the trial will push through, this is something to watch out for.
It's unaccepted one.Russian government should do such things,US should do the spectator role and not decision making role.Since their is no diplomatic relationship between US and Russia.US not have a power to counter part the Russian Hackers.The sentence should be done after a proper Judicial trial.
Not sure how these court cases usually play out, but in theory a good lawyer is going to ask the government how they tracked these users down and unless it's a sealed case, those methods should be made public, no?
Good question but it's still a charges the government have to prove the evidences that these people are guilty before they are convicted the much bigger question if all the accused are residing in a country where there is no diplomatic relationship, how are they going to extradite these people, I believe the trial will push through, this is something to watch out for.
I will write another theory.
Most Russians love to show off. I think you've heard a lot of stories about Russian majors who break the law or shoot this camera for YouTube. This is one of the ways to become famous and popular.
If you drive a car through the cities of the United States at a speed of 300 km per hour, you will be sent to prison, and there will be no punishment in Russia.
https://www.youtube.com/watch?v=3FPH_dzd0as
Perhaps these people know that they will not be punished in Russia, so they brag to the camera.
Most Russians love to show off. I think you've heard a lot of stories about Russian majors who break the law or shoot this camera for YouTube. This is one of the ways to become famous and popular.
If you drive a car through the cities of the United States at a speed of 300 km per hour, you will be sent to prison, and there will be no punishment in Russia.
https://www.youtube.com/watch?v=3FPH_dzd0as
Perhaps these people know that they will not be punished in Russia, so they brag to the camera.
https://www.youtube.com/watch?v=OPZfpS2uEp4
Not the first time someone's doing something like this. But if anyone tried driving like that in some European countries, they'd go to prison.
You will definitely not see such traditions in the USA.
https://www.youtube.com/watch?v=j2EFNKdXBnY
If someone does not understand what is happening, then it is very honorable to go after the groom's car, so the drivers are fighting for this place.
In Russia, pallets and machine guns are prohibited, but there is also a tradition to shoot at a wedding.
https://www.youtube.com/watch?v=Vz1pewNDYXg
https://www.youtube.com/watch?v=CQ3eVNZmj5M
I will write another theory.
Most Russians love to show off. I think you've heard a lot of stories about Russian majors who break the law or shoot this camera for YouTube. This is one of the ways to become famous and popular.
If you drive a car through the cities of the United States at a speed of 300 km per hour, you will be sent to prison, and there will be no punishment in Russia.
https://www.youtube.com/watch?v=3FPH_dzd0as
Perhaps these people know that they will not be punished in Russia, so they brag to the camera.
Most Russians love to show off. I think you've heard a lot of stories about Russian majors who break the law or shoot this camera for YouTube. This is one of the ways to become famous and popular.
If you drive a car through the cities of the United States at a speed of 300 km per hour, you will be sent to prison, and there will be no punishment in Russia.
https://www.youtube.com/watch?v=3FPH_dzd0as
Perhaps these people know that they will not be punished in Russia, so they brag to the camera.
https://www.youtube.com/watch?v=OPZfpS2uEp4
Not the first time someone's doing something like this. But if anyone tried driving like that in some European countries, they'd go to prison.
The Russian people have a proverb: "there is a very small distance between courage and stupidity."
If someone shows his face to the camera, then he has serious protection or he is sick with an incurable disease and he has a very short time to live.
Recently, statements about Russian hackers have been in a political context.
If someone shows his face to the camera, then he has serious protection or he is sick with an incurable disease and he has a very short time to live.
Recently, statements about Russian hackers have been in a political context.
I think it will be in the future, as hackers or cyber criminal themselves have been viewed by the US as threat to their national security. So yeah, there is a political context and we might see countries filing diplomatic protest in the process, not that far fetch.
It this case, well the hacker shows his face in the camera, so this is like criminals making fun and taunting US. Not well taken, so US make it a case to haunt this hackers and bring him to US soil to face charges.
I will write another theory.
Most Russians love to show off. I think you've heard a lot of stories about Russian majors who break the law or shoot this camera for YouTube. This is one of the ways to become famous and popular.
If you drive a car through the cities of the United States at a speed of 300 km per hour, you will be sent to prison, and there will be no punishment in Russia.
https://www.youtube.com/watch?v=3FPH_dzd0as
Perhaps these people know that they will not be punished in Russia, so they brag to the camera.
I think the criminals have the habits of showing off, specially when they break law and think that they are above it. We have seen criminals even glorified in Hollywood movies. Again, for this hackers he seems to be living the life of a real hackers seen in movies, travelling around the country even though he has a criminal past and think he even the US will not get to him. Maybe he thinks he can hide under the guise of politics (Russia vs US). But obviously he is very wrong.
The Russian people have a proverb: "there is a very small distance between courage and stupidity."
If someone shows his face to the camera, then he has serious protection or he is sick with an incurable disease and he has a very short time to live.
Recently, statements about Russian hackers have been in a political context.
If someone shows his face to the camera, then he has serious protection or he is sick with an incurable disease and he has a very short time to live.
Recently, statements about Russian hackers have been in a political context.
I think it will be in the future, as hackers or cyber criminal themselves have been viewed by the US as threat to their national security. So yeah, there is a political context and we might see countries filing diplomatic protest in the process, not that far fetch.
It this case, well the hacker shows his face in the camera, so this is like criminals making fun and taunting US. Not well taken, so US make it a case to haunt this hackers and bring him to US soil to face charges.
I will write another theory.
Most Russians love to show off. I think you've heard a lot of stories about Russian majors who break the law or shoot this camera for YouTube. This is one of the ways to become famous and popular.
If you drive a car through the cities of the United States at a speed of 300 km per hour, you will be sent to prison, and there will be no punishment in Russia.
https://www.youtube.com/watch?v=3FPH_dzd0as
Perhaps these people know that they will not be punished in Russia, so they brag to the camera.
So he was vacationing and thought that he is safe in Europe and beyond US, but with Interpol's help, he was caught extradited to US, not that easy though as it might involved a lot of politics between US and Russia, but eventually he was extradited and sentence to 7 years behind bars.
He was over confident about his position and he thought he was too intelligent and powerful to stay away from the authorities that are after him 
.Hacking is one aspect but when stupid people are involved with blackhat methods and does not understand the consequences it is a great lesson as he ruined his life.
And maybe he was just really dumb and went to the extremes of not hiding himself in plain public. And since he is identified, perhaps he uses his real name, got a hit on Interpol, and got arrested soon.
not that easy though as it might involved a lot of politics between US and Russia, but eventually he was extradited and sentence to 7 years behind bars.
Ties with USA due to being an EU and NATO member are more important so the legal battle amounted to taking advantage of the rights he had as a detainee in Czechia. Prague is still infamous for being a hive of Russian spies but their golden years are over.
If a hacker breaks into government services, then he will be found in another country, and the security services will not look at the laws of other countries.
Good theory, the more high profile attack, the more US will get their hands on it. Just like what happened to the recent Twitter hack, FBI got involved when high profile personalities account was hacked. And in matter of days, the culprit was caught. Maybe it's comparable to Bin Laden's daring attempt by the US to capture him dead or alive in a foreign soil. Imagine the repercussions on breaking a foreign soil air without notification. Pakistan did file for diplomatic protest but nothing has move ever since.
The Russian people have a proverb: "there is a very small distance between courage and stupidity."
If someone shows his face to the camera, then he has serious protection or he is sick with an incurable disease and he has a very short time to live.
Recently, statements about Russian hackers have been in a political context.
If someone shows his face to the camera, then he has serious protection or he is sick with an incurable disease and he has a very short time to live.
Recently, statements about Russian hackers have been in a political context.
I think it will be in the future, as hackers or cyber criminal themselves have been viewed by the US as threat to their national security. So yeah, there is a political context and we might see countries filing diplomatic protest in the process, not that far fetch.
It this case, well the hacker shows his face in the camera, so this is like criminals making fun and taunting US. Not well taken, so US make it a case to haunt this hackers and bring him to US soil to face charges.
The Russian people have a proverb: "there is a very small distance between courage and stupidity."
If someone shows his face to the camera, then he has serious protection or he is sick with an incurable disease and he has a very short time to live.
Recently, statements about Russian hackers have been in a political context.
If someone shows his face to the camera, then he has serious protection or he is sick with an incurable disease and he has a very short time to live.
Recently, statements about Russian hackers have been in a political context.
The name codename of Danil is kinda familiar to me. I think I already watched him from a page on Facebook which is called "VICE".
That this man is too confident with his job as a hacker and even showed his real face on the camera. Definitely, this guy has balls. But
yes, there is the reward though. But if I were wrong, are these documents dated in the month of February this year? right?
That this man is too confident with his job as a hacker and even showed his real face on the camera. Definitely, this guy has balls. But
yes, there is the reward though. But if I were wrong, are these documents dated in the month of February this year? right?
The more high-profile a hack or theft the more resources may be engaged to find the culprit(s), and perhaps diplomatic pressure applied to ensure there are no unnecessary delays in extradition proceedings, but that's usually it. Even if there are no extradition agreements between countries, an extradition can still take place if authorities of the extraditing country decide so, or are in some way encouraged (e.g. anakata's extradition from Cambodia).
not that easy though as it might involved a lot of politics between US and Russia, but eventually he was extradited and sentence to 7 years behind bars.
Ties with USA due to being an EU and NATO member are more important so the legal battle amounted to taking advantage of the rights he had as a detainee in Czechia. Prague is still infamous for being a hive of Russian spies but their golden years are over.
If a hacker breaks into government services, then he will be found in another country, and the security services will not look at the laws of other countries.
So he was vacationing and thought that he is safe in Europe and beyond US, but with Interpol's help, he was caught extradited to US, not that easy though as it might involved a lot of politics between US and Russia, but eventually he was extradited and sentence to 7 years behind bars.
He was over confident about his position and he thought he was too intelligent and powerful to stay away from the authorities that are after him .Hacking is one aspect but when stupid people are involved with blackhat methods and does not understand the consequences it is a great lesson as he ruined his life.
not that easy though as it might involved a lot of politics between US and Russia, but eventually he was extradited and sentence to 7 years behind bars.
Ties with USA due to being an EU and NATO member are more important so the legal battle amounted to taking advantage of the rights he had as a detainee in Czechia. Prague is still infamous for being a hive of Russian spies but their golden years are over.
And this is one example on how US, with their long arms, can catch the hackers, if these two Russian tend to relax their guards, Russian Who Hacked LinkedIn, Dropbox Sentenced to 7 Years in Prison.
So he was vacationing and thought that he is safe in Europe and beyond US, but with Interpol's help, he was caught extradited to US, not that easy though as it might involved a lot of politics between US and Russia, but eventually he was extradited and sentence to 7 years behind bars.
Quote
Nikulin was arrested in Prague on October 5, 2016, by Interpol agents working in collaboration with the FBI, and extradited to the United States in March 2018 after a long extradition battle between the U.S. and Russia.
So he was vacationing and thought that he is safe in Europe and beyond US, but with Interpol's help, he was caught extradited to US, not that easy though as it might involved a lot of politics between US and Russia, but eventually he was extradited and sentence to 7 years behind bars.
You are absolutely right, Russia does not extradite its citizens to other states.
But if in Russia the special services find out that these people have money, then they will very simply be taken away.
If this is revenge on hackers from the American intelligence services, then it looks interesting, or is it an admission that Americans cannot do anything
But if in Russia the special services find out that these people have money, then they will very simply be taken away.
If this is revenge on hackers from the American intelligence services, then it looks interesting, or is it an admission that Americans cannot do anything
If FSB or a similar agency takes it all away that alone may disincentivize many a thief.
In the past Russian hackers (or Ukrainian when Ukraine was still Russia-aligned) have managed to get themselves arrested due to their overconfidence, falsely believing certain places won't cooperate with US authorities or extradite them therein. The list of countries they can travel safely to is now very limited, that in itself is a punishment.
That is, they do not steal from the Russian people.
They were asked many questions about going abroad. They said that they had recently vacationed in Turkey and Europe.
In Russia, the law is strict on those who have no money
Social engineering is also hacking, but hacking people, no exceptional coding skills required. Given how often it happens one would think people would learn but alas no, new waves of naive keep coming.
Why is everyone using the word "hacker" for every scammer that manages to steal something on the internet, really the word hacker has lost all its meaning in the last years.
Their biggest mistake is that at the end of the chain the had a real account with the real name and I find this pretty stupid, I don't understand why in the end they felt the need to amas their funds into one account, risk being exposed and end with the funds seized rather than trying to convert their coins at a slower pace through p2p deals or ATMs or anything else.
There is also the possibility that they were too cheap / greedy to do it properly.
By going through multiple exchanges / mixers it would be almost impossible to trace.
By going through multiple exchanges / mixers it would be almost impossible to trace.
Their biggest mistake is that at the end of the chain the had a real account with the real name and I find this pretty stupid, I don't understand why in the end they felt the need to amas their funds into one account, risk being exposed and end with the funds seized rather than trying to convert their coins at a slower pace through p2p deals or ATMs or anything else.
That's a good news, it means the crypto regulation has been strengthen already.
Existence of hackers and scammers, this is what would make the regulators do their job because they need to capture this criminal to build a healthy crypto environment, with this rampant kind of crime if this is the right way to describe it, regulators will certainly impose more strict measures to the market and though it will increase the security, but our privacy might be sacrifice, we have to choose but bear in mind that regulators or government always win.
Existence of hackers and scammers, this is what would make the regulators do their job because they need to capture this criminal to build a healthy crypto environment, with this rampant kind of crime if this is the right way to describe it, regulators will certainly impose more strict measures to the market and though it will increase the security, but our privacy might be sacrifice, we have to choose but bear in mind that regulators or government always win.
You are absolutely right, Russia does not extradite its citizens to other states.
But if in Russia the special services find out that these people have money, then they will very simply be taken away.
If this is revenge on hackers from the American intelligence services, then it looks interesting, or is it an admission that Americans cannot do anything
But if in Russia the special services find out that these people have money, then they will very simply be taken away.
If this is revenge on hackers from the American intelligence services, then it looks interesting, or is it an admission that Americans cannot do anything
If FSB or a similar agency takes it all away that alone may disincentivize many a thief.
In the past Russian hackers (or Ukrainian when Ukraine was still Russia-aligned) have managed to get themselves arrested due to their overconfidence, falsely believing certain places won't cooperate with US authorities or extradite them therein. The list of countries they can travel safely to is now very limited, that in itself is a punishment.
If i were a major government I would have at least Two mixers under my control.
It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
I second this idea, having a state owned mixer makes sure that there is less shit going under your nose. The problem with these though is it will act as a prohibition for the consumers, this in turn will inspire competition that are less regulated and doesn't have a connection to authorities which makes it a big signal for terrorist sponsors and money launderers to give this illegal mixers. I would suggest that all registered mixers that wants to operate in the country should have cooperate with the authorities in the case that something ilegal might be happening in the mixer. It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
I would say that these hackers didn't take care of their footprints and that's why the US government was able to follow their tracks and identify them through their names.
Most definitely the case. It's mind boggling how some people have the skills to hack accounts, but not enough knowledge to actually effectively CoinJoin and/or mix the coins. Thankfully it seems like they're incompetent in the privacy side of things though.
There is also the possibility that they were too cheap / greedy to do it properly.
By going through multiple exchanges / mixers it would be almost impossible to trace.
But you wind up with trading fees / possible trading losses / withdrawal fees / etc.
Could be a big percentage.
And a lot of exchanges have KYC over a certain amount per day so there is time and effort involved doing it multiple times.
-Dave
Probably the later though, well it's free money for them, so I don't think that they will look at the price, transaction fees etc. That's why the are careless here, allowing to left a footprint because they think they have made the jackpot. So they become more greedy.
They also did the first half, then forget everything, and after years of investigation, US made a breakthrough, finding their names of exchanges and that is the start of their downfall.
I would say that these hackers didn't take care of their footprints and that's why the US government was able to follow their tracks and identify them through their names.
Most definitely the case. It's mind boggling how some people have the skills to hack accounts, but not enough knowledge to actually effectively CoinJoin and/or mix the coins. Thankfully it seems like they're incompetent in the privacy side of things though.
There is also the possibility that they were too cheap / greedy to do it properly.
By going through multiple exchanges / mixers it would be almost impossible to trace.
But you wind up with trading fees / possible trading losses / withdrawal fees / etc.
Could be a big percentage.
And a lot of exchanges have KYC over a certain amount per day so there is time and effort involved doing it multiple times.
-Dave
Not that far from happening as US intelligence has a broader arm specially in EU (if those criminals chooses to travel there). I know the Russian government will simply allow their people to be extradited to the US to face any charges, but what if the Russians themselves arrest the two of them and somewhat for them to 'cough the money off'?
But if in Russia the special services find out that these people have money, then they will very simply be taken away.
If this is revenge on hackers from the American intelligence services, then it looks interesting, or is it an admission that Americans cannot do anything
I would say that these hackers didn't take care of their footprints and that's why the US government was able to follow their tracks and identify them through their names.
Obviously, this is the case because they've been identified and been name.
So I agree that it's only one part of the equation, and that's why perhaps government are offering a $625,000 now on someone who can break Monero because most likely hackers are going to used it instead of Bitcoin and US government wanted to stay on top of the game. And because Bitcoin are no longer viable crypto for these criminals as they are easily been identified by blockchain analysis.
It doesn't matter though, in my opinion, bitcoin will still be the prefer crypto that they are going to use. US government can only stay on the top for a brief moment though because criminals are always two to three steps ahead, and the moment you identify them, they might be sitting on a country wherein there is no extradition treaty and using the money for their lavish lifestyle. Not unless the US government really wanted them for other bigger crimes, then they might go after them. But it is difficult if it is a Russian though, there could be some consequences.
I only do not understand 1 thing, why make the names public?
It is not so easy to kidnap citizens of another country and then legally convict them and put them in prison without causing serious political consequences. Especially when it comes to two countries like the US and Russia, and it is about a some ridiculous amount $16.8 million. Public announcement of such news is mostly aimed at preventing and discouraging the commission of similar acts in the future, because it tells hackers "maybe you can steal something, but we will do our best to take it away from you".
Of course, the public announcement of their names means that they are prevented from traveling anywhere outside Russia, unless they want to risk arrest and extradition to the US.
I don't think that this will scare anyone, because in Russia it is very easy to make new documents, usually for this they use data from real people who never travel abroad.
Or maybe everything is completely different, that hackers used documents of strangers. I have met many times when organizations do not properly conduct KYC procedures.
I would agree that there is fame connected to it, specially if it comes from US government. Yes, it might not prevent other personalities or groups to continue to do their hacking activity, create documents and new identification and they can travel abroad, but there are still that risk though. And maybe when you let your guards down, and when you least expected, suddenly US swoop in get into your hotel room and capture you.
Not that far from happening as US intelligence has a broader arm specially in EU (if those criminals chooses to travel there). I know the Russian government will simply allow their people to be extradited to the US to face any charges, but what if the Russians themselves arrest the two of them and somewhat for them to 'cough the money off'?
I only do not understand 1 thing, why make the names public?
It is not so easy to kidnap citizens of another country and then legally convict them and put them in prison without causing serious political consequences. Especially when it comes to two countries like the US and Russia, and it is about a some ridiculous amount $16.8 million. Public announcement of such news is mostly aimed at preventing and discouraging the commission of similar acts in the future, because it tells hackers "maybe you can steal something, but we will do our best to take it away from you".
Of course, the public announcement of their names means that they are prevented from traveling anywhere outside Russia, unless they want to risk arrest and extradition to the US.
I don't think that this will scare anyone, because in Russia it is very easy to make new documents, usually for this they use data from real people who never travel abroad.
Or maybe everything is completely different, that hackers used documents of strangers. I have met many times when organizations do not properly conduct KYC procedures.
I only do not understand 1 thing, why make the names public?
It is not so easy to kidnap citizens of another country and then legally convict them and put them in prison without causing serious political consequences. Especially when it comes to two countries like the US and Russia, and it is about a some ridiculous amount $16.8 million. Public announcement of such news is mostly aimed at preventing and discouraging the commission of similar acts in the future, because it tells hackers "maybe you can steal something, but we will do our best to take it away from you".
Of course, the public announcement of their names means that they are prevented from traveling anywhere outside Russia, unless they want to risk arrest and extradition to the US.
I only do not understand 1 thing, why make the names public? The American intelligence services have many opportunities to track these people down, detain them abroad, transfer them to the United States and charge them with a crime.
They can seize stolen coins without publishing personalities.
I may be wrong, but this data release seems to be politically motivated.
They can seize stolen coins without publishing personalities.
I may be wrong, but this data release seems to be politically motivated.
Karasavidi laundered the proceeds of the attacks into an account in his name. He attempted to conceal the nature and source of the funds by transferring them in a layered and sophisticated manner through multiple accounts and multiple virtual currency blockchains. Ultimately, the stolen virtual currency was traced to Karasavidi’s account, and millions of dollars in virtual currency and U.S. dollars was seized in a forfeiture action by the United States Secret Service.
This part of the article explains very clearly how these two hackers were discovered, and it shows enough how intelligent they really are - they are actually very stupid if they thought they would not be caught. If you put so much effort into masking the whole operation and blurring the trail, then in the end you don't use your name - because if you get almost $17 million in your account, no special blockchain analysis is required to raise a red flag on such an account.
Fools like this get caught sooner or later, but how many do you think will never get caught?
I do agree, but it's also good coming from the US government to really send this kind of message, not just for the Russians hackers, but the Chinese or even Iranian. They could be persecuted in absentia, and could b found guilty. So the ball now goes to those cyber threat personalities, their world started to become small as they can't travel outside of Russia now, otherwise they will be caught.
Yeah giving messages is good but of course action is needed even though I find it difficult, Like some of the previous messages Some countries have different jurisdictions. And maybe the country (Which is opposite and has a and balance power with the State like China, Russia, Iran) would prefer hiring them as agents (I suppose?) Rather than extradition a "Talented" Person.Also I think if I become a hacker who stole and have more than $ 1 Million in my wallet, staying in my country and enjoying life is enough rather than traveling abroad (Personal Opinion) hahaha.
This is a move that I would personally encouraged because it sends a message to people that the crypto world is not a free for all that you can come in because you have a special skill or smarter than other but you believe that those skills can not be put into better use than to steal people resources and make them cry just because they wanted to earn legitimate inflow of a platform that they have been provided such opportunity. Kudos to the United States government agencies for taking this initiative.
They have no jurisdiction in Russia. We've seen numerous times how the Russian government denied extradition of their citizens to the EU and the US, so this decision by US government is just for show. It will all change if those hackers are dumb enough to travel to the EU and get caught there, but as long as they stay in Russia they'll rather get employed by the secret service than sent for trial to the States.
After see some response here, Looks like it's really hard to arrest the hacker/theft if they are overseas, If the State can't even handle it how about some country especially my country (Indonesia) Can Handle it (If the hacker come from Russia or the other Country that have different jurisdiction).
Well it make me not sure if i must report it my local police, I also have case. My fund was stolen ($4000) from my Ethereum address (https://etherscan.io/address/0x2D923A09Bf3110b21381A528552700531dE83F63) January and 2 days before (Uni Airdrop) It sended to binance but after contacting the support the process it's more complicated.
Thanks for this one, I will make it as refrence for my case.
Well it make me not sure if i must report it my local police, I also have case. My fund was stolen ($4000) from my Ethereum address (https://etherscan.io/address/0x2D923A09Bf3110b21381A528552700531dE83F63) January and 2 days before (Uni Airdrop) It sended to binance but after contacting the support the process it's more complicated.
Thanks for this one, I will make it as refrence for my case.
This is a move that I would personally encouraged because it sends a message to people that the crypto world is not a free for all that you can come in because you have a special skill or smarter than other but you believe that those skills can not be put into better use than to steal people resources and make them cry just because they wanted to earn legitimate inflow of a platform that they have been provided such opportunity. Kudos to the United States government agencies for taking this initiative.
They have no jurisdiction in Russia. We've seen numerous times how the Russian government denied extradition of their citizens to the EU and the US, so this decision by US government is just for show. It will all change if those hackers are dumb enough to travel to the EU and get caught there, but as long as they stay in Russia they'll rather get employed by the secret service than sent for trial to the States.
If i were a major government I would have at least Two mixers under my control.
It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
with these idea your giving people an idea to not use mixers because people use mixers because they thought it was decentralized and they dont wana get tracked but this idea is also great to catch the person that are guilty for doing illegal and bad deeds and besides , they wont also know that the mixer they use is run under by government because owners wont also said that publically . on the other hand i dont think that the caught hackers are not smart to forgot to conceal thier selves but it could be that authorities are just smarter than them .
On the contrary, we really don't know if there are state sponsored mixers now.
I will point you to a thread, maybe you haven't seen this, but it is a good read, Breaking Mixing Services.
Anyways, this thought of a mixer run by government or at least in their control could be unlikely, but it could also be "true and practical for them".
This is a move that I would personally encouraged because it sends a message to people that the crypto world is not a free for all that you can come in because you have a special skill or smarter than other but you believe that those skills can not be put into better use than to steal people resources and make them cry just because they wanted to earn legitimate inflow of a platform that they have been provided such opportunity. Kudos to the United States government agencies for taking this initiative.
If i were a major government I would have at least Two mixers under my control.
It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
with these idea your giving people an idea to not use mixers because people use mixers because they thought it was decentralized and they dont wana get tracked but this idea is also great to catch the person that are guilty for doing illegal and bad deeds and besides , they wont also know that the mixer they use is run under by government because owners wont also said that publically . on the other hand i dont think that the caught hackers are not smart to forgot to conceal thier selves but it could be that authorities are just smarter than them .
If i were a major government I would have at least Two mixers under my control.
It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
with these idea your giving people an idea to not use mixers because people use mixers because they thought it was decentralized and they dont wana get tracked but this idea is also great to catch the person that are guilty for doing illegal and bad deeds and besides , they wont also know that the mixer they use is run under by government because owners wont also said that publically . on the other hand i dont think that the caught hackers are not smart to forgot to conceal thier selves but it could be that authorities are just smarter than them .
If i were a major government I would have at least Two mixers under my control.
It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
It is so easy to do for them. Run it legit until someone moves a lot of “bad” coins and seize them for auction.
I would say that these hackers didn't take care of their footprints and that's why the US government was able to follow their tracks and identify them through their names.
So I agree that it's only one part of the equation, and that's why perhaps government are offering a $625,000 now on someone who can break Monero because most likely hackers are going to used it instead of Bitcoin and US government wanted to stay on top of the game. And because Bitcoin are no longer viable crypto for these criminals as they are easily been identified by blockchain analysis.
So I agree that it's only one part of the equation, and that's why perhaps government are offering a $625,000 now on someone who can break Monero because most likely hackers are going to used it instead of Bitcoin and US government wanted to stay on top of the game. And because Bitcoin are no longer viable crypto for these criminals as they are easily been identified by blockchain analysis.
biggest issue is how 'honest' is a coin mixer
are they all in the hands of one government or another and if you use large amounts of hot coins you will be caught?
It is very possible that is true.
It's not that far from the truth, maybe some coin mixer are under the government? Just another conspiracy theory but it is not far fetch and it's really possible. As for the honestly of some mixers, there are a lot who have pulled a exit scam already, so I would say that they can't be really trusted specially if you are going to mix huge amount of bitcoins or even those hot coins.
Not sure how these court cases usually play out, but in theory a good lawyer is going to ask the government how they tracked these users down and unless it's a sealed case, those methods should be made public, no?
I think it should be made public in my opinion, but then again, it will just used blockchain analysis as how they identified the culprit, but if you look at the court documents, these hackers didn't hide their identify, in fact it is there in plain sight that's why it is easy for government authorities to name then with blockchain footprints.
@philipma1957 - you have a point though, there are numerous seizures of big mixers already and it's very unlikely that a famous mixer hasn't been taken down even if there's report that it has been used by criminals to mix stolen coins, hmmm. Are they secretly working with the government?
Not sure how these court cases usually play out, but in theory a good lawyer is going to ask the government how they tracked these users down and unless it's a sealed case, those methods should be made public, no?
I would say that these hackers didn't take care of their footprints and that's why the US government was able to follow their tracks and identify them through their names.
So I agree that it's only one part of the equation, and that's why perhaps government are offering a $625,000 now on someone who can break Monero because most likely hackers are going to used it instead of Bitcoin and US government wanted to stay on top of the game. And because Bitcoin are no longer viable crypto for these criminals as they are easily been identified by blockchain analysis.
So I agree that it's only one part of the equation, and that's why perhaps government are offering a $625,000 now on someone who can break Monero because most likely hackers are going to used it instead of Bitcoin and US government wanted to stay on top of the game. And because Bitcoin are no longer viable crypto for these criminals as they are easily been identified by blockchain analysis.
biggest issue is how 'honest' is a coin mixer
are they all in the hands of one government or another and if you use large amounts of hot coins you will be caught?
It is very possible that is true.
I would say that these hackers didn't take care of their footprints and that's why the US government was able to follow their tracks and identify them through their names.
Most definitely the case. It's mind boggling how some people have the skills to hack accounts, but not enough knowledge to actually effectively CoinJoin and/or mix the coins. Thankfully it seems like they're incompetent in the privacy side of things though.
I would say that these hackers didn't take care of their footprints and that's why the US government was able to follow their tracks and identify them through their names.
Most definitely the case. It's mind boggling how some people have the skills to hack accounts, but not enough knowledge to actually effectively CoinJoin and/or mix the coins. Thankfully it seems like they're incompetent in the privacy side of things though.
I would say that these hackers didn't take care of their footprints and that's why the US government was able to follow their tracks and identify them through their names.
So I agree that it's only one part of the equation, and that's why perhaps government are offering a $625,000 now on someone who can break Monero because most likely hackers are going to used it instead of Bitcoin and US government wanted to stay on top of the game. And because Bitcoin are no longer viable crypto for these criminals as they are easily been identified by blockchain analysis.
So I agree that it's only one part of the equation, and that's why perhaps government are offering a $625,000 now on someone who can break Monero because most likely hackers are going to used it instead of Bitcoin and US government wanted to stay on top of the game. And because Bitcoin are no longer viable crypto for these criminals as they are easily been identified by blockchain analysis.
US DOJ has filed charges against two Russian hackers in connection of stealing $16 million worth of currency from trading platforms, Poloniex, Binance, and Gemini. The two Russians hackers are:
(1) Danil Potekhin (aka cronuswar)
(2) Dmitrii Karasavidi;
Here is the official court documents: https://www.documentcloud.org/documents/7211805-Potekhin-Superseding-Indictment.html
https://home.treasury.gov/news/press-releases/sm1123
In as much as these hackers trying to obfuscate their identity thru elaborate scheme, still the US government was able to track and trace the stolen crypto's to this individuals. So hacking is just one part of the equation, the other part is how to hide yourself which is very difficult since blockchain analysis is also evolving very quickly.
(1) Danil Potekhin (aka cronuswar)
(2) Dmitrii Karasavidi;
Here is the official court documents: https://www.documentcloud.org/documents/7211805-Potekhin-Superseding-Indictment.html
Quote
Washington - Today, in a coordinated action with the U.S. Department of Justice and the U.S. Department of Homeland Security, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two Russian nationals for their involvement in a sophisticated phishing campaign in 2017 and 2018 that targeted customers of two U.S.-based and one foreign-based virtual asset service providers. American citizens and businesses were among the victims of this malicious cyber-enabled activity, which resulted in combined losses of at least $16.8 million.
“The individuals who administered this scheme defrauded American citizens, businesses, and others by deceiving them and stealing virtual currency from their accounts,” said Secretary Steven T. Mnuchin. “The Treasury Department will continue to use our authorities to target cybercriminals and remains committed to the safe and secure use of emerging technologies in the financial sector.”
Danil Potekhin (Potekhin) and Dmitrii Karasavidi (Karasavidi) are being designated pursuant to Executive Order (E.O.) 13694, as amended by E.O. 13757, which targets malicious cyber-enabled activities, including those related to the significant misappropriation of funds or personal identifiers for private financial gain. Potekhin and Karasavidi are also the subjects of an indictment unsealed today by the Department of Justice.
Potekhin created numerous web domains that mimicked those of legitimate virtual currency exchanges. This tactic, known as spoofing, exploits Internet users’ trust in known companies and organizations to fraudulently obtain their personal information. When unwitting customers accessed Potekhin’s spoofed websites and entered their login information, Potekhin and his accomplices stole their login credentials and gained access to their real accounts. The attackers then employed a variety of methods to exfiltrate their ill-gotten virtual currency: using exchange accounts created using fictitious or stolen identities; circumventing exchanges’ internal controls; swapping into different types of virtual currency; moving virtual currency through multiple intermediary addresses; and a market manipulation scheme in which inexpensive virtual currency was purchased at a fast rate to increase demand and price, then quickly sold for a higher price to glean quick profit. Karasavidi laundered the proceeds of the attacks into an account in his name. He attempted to conceal the nature and source of the funds by transferring them in a layered and sophisticated manner through multiple accounts and multiple virtual currency blockchains. Ultimately, the stolen virtual currency was traced to Karasavidi’s account, and millions of dollars in virtual currency and U.S. dollars was seized in a forfeiture action by the United States Secret Service.
Potekhin and Karasavidi’s actions underscore the evolving threat that global financial institutions face from cybercriminals, who employ a variety of sophisticated schemes to profit at their victims’ expense.
OFAC closely coordinated today’s action with the United States Secret Service’s San Francisco Field Office and with the U.S. Attorney’s Office for the Northern District of California. Treasury is committed to collaborating with law enforcement to respond to evolving threats from malicious actors who exploit virtual currencies and target legitimate virtual asset service providers and their customers.
“The individuals who administered this scheme defrauded American citizens, businesses, and others by deceiving them and stealing virtual currency from their accounts,” said Secretary Steven T. Mnuchin. “The Treasury Department will continue to use our authorities to target cybercriminals and remains committed to the safe and secure use of emerging technologies in the financial sector.”
Danil Potekhin (Potekhin) and Dmitrii Karasavidi (Karasavidi) are being designated pursuant to Executive Order (E.O.) 13694, as amended by E.O. 13757, which targets malicious cyber-enabled activities, including those related to the significant misappropriation of funds or personal identifiers for private financial gain. Potekhin and Karasavidi are also the subjects of an indictment unsealed today by the Department of Justice.
Potekhin created numerous web domains that mimicked those of legitimate virtual currency exchanges. This tactic, known as spoofing, exploits Internet users’ trust in known companies and organizations to fraudulently obtain their personal information. When unwitting customers accessed Potekhin’s spoofed websites and entered their login information, Potekhin and his accomplices stole their login credentials and gained access to their real accounts. The attackers then employed a variety of methods to exfiltrate their ill-gotten virtual currency: using exchange accounts created using fictitious or stolen identities; circumventing exchanges’ internal controls; swapping into different types of virtual currency; moving virtual currency through multiple intermediary addresses; and a market manipulation scheme in which inexpensive virtual currency was purchased at a fast rate to increase demand and price, then quickly sold for a higher price to glean quick profit. Karasavidi laundered the proceeds of the attacks into an account in his name. He attempted to conceal the nature and source of the funds by transferring them in a layered and sophisticated manner through multiple accounts and multiple virtual currency blockchains. Ultimately, the stolen virtual currency was traced to Karasavidi’s account, and millions of dollars in virtual currency and U.S. dollars was seized in a forfeiture action by the United States Secret Service.
Potekhin and Karasavidi’s actions underscore the evolving threat that global financial institutions face from cybercriminals, who employ a variety of sophisticated schemes to profit at their victims’ expense.
OFAC closely coordinated today’s action with the United States Secret Service’s San Francisco Field Office and with the U.S. Attorney’s Office for the Northern District of California. Treasury is committed to collaborating with law enforcement to respond to evolving threats from malicious actors who exploit virtual currencies and target legitimate virtual asset service providers and their customers.
https://home.treasury.gov/news/press-releases/sm1123
In as much as these hackers trying to obfuscate their identity thru elaborate scheme, still the US government was able to track and trace the stolen crypto's to this individuals. So hacking is just one part of the equation, the other part is how to hide yourself which is very difficult since blockchain analysis is also evolving very quickly.
this is a nice find. as to tracing abilities of the gov maybe the hackers were a bit dumb or maybe just maybe the mixers they used were setup by governments.
We won't know as we won't see a digital trail to follow . But it seems to me a government run mixer would be the best way to catch them.
note I moved my comment to correct spot
US DOJ has filed charges against two Russian hackers in connection of stealing $16 million worth of currency from trading platforms, Poloniex, Binance, and Gemini. The two Russians hackers are:
(1) Danil Potekhin (aka cronuswar)
(2) Dmitrii Karasavidi;
Here is the official court documents: https://www.documentcloud.org/documents/7211805-Potekhin-Superseding-Indictment.html
https://home.treasury.gov/news/press-releases/sm1123
In as much as these hackers trying to obfuscate their identity thru elaborate scheme, still the US government was able to track and trace the stolen crypto's to this individuals. So hacking is just one part of the equation, the other part is how to hide yourself which is very difficult since blockchain analysis is also evolving very quickly.
(1) Danil Potekhin (aka cronuswar)
(2) Dmitrii Karasavidi;
Here is the official court documents: https://www.documentcloud.org/documents/7211805-Potekhin-Superseding-Indictment.html
Quote
Washington - Today, in a coordinated action with the U.S. Department of Justice and the U.S. Department of Homeland Security, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two Russian nationals for their involvement in a sophisticated phishing campaign in 2017 and 2018 that targeted customers of two U.S.-based and one foreign-based virtual asset service providers. American citizens and businesses were among the victims of this malicious cyber-enabled activity, which resulted in combined losses of at least $16.8 million.
“The individuals who administered this scheme defrauded American citizens, businesses, and others by deceiving them and stealing virtual currency from their accounts,” said Secretary Steven T. Mnuchin. “The Treasury Department will continue to use our authorities to target cybercriminals and remains committed to the safe and secure use of emerging technologies in the financial sector.”
Danil Potekhin (Potekhin) and Dmitrii Karasavidi (Karasavidi) are being designated pursuant to Executive Order (E.O.) 13694, as amended by E.O. 13757, which targets malicious cyber-enabled activities, including those related to the significant misappropriation of funds or personal identifiers for private financial gain. Potekhin and Karasavidi are also the subjects of an indictment unsealed today by the Department of Justice.
Potekhin created numerous web domains that mimicked those of legitimate virtual currency exchanges. This tactic, known as spoofing, exploits Internet users’ trust in known companies and organizations to fraudulently obtain their personal information. When unwitting customers accessed Potekhin’s spoofed websites and entered their login information, Potekhin and his accomplices stole their login credentials and gained access to their real accounts. The attackers then employed a variety of methods to exfiltrate their ill-gotten virtual currency: using exchange accounts created using fictitious or stolen identities; circumventing exchanges’ internal controls; swapping into different types of virtual currency; moving virtual currency through multiple intermediary addresses; and a market manipulation scheme in which inexpensive virtual currency was purchased at a fast rate to increase demand and price, then quickly sold for a higher price to glean quick profit. Karasavidi laundered the proceeds of the attacks into an account in his name. He attempted to conceal the nature and source of the funds by transferring them in a layered and sophisticated manner through multiple accounts and multiple virtual currency blockchains. Ultimately, the stolen virtual currency was traced to Karasavidi’s account, and millions of dollars in virtual currency and U.S. dollars was seized in a forfeiture action by the United States Secret Service.
Potekhin and Karasavidi’s actions underscore the evolving threat that global financial institutions face from cybercriminals, who employ a variety of sophisticated schemes to profit at their victims’ expense.
OFAC closely coordinated today’s action with the United States Secret Service’s San Francisco Field Office and with the U.S. Attorney’s Office for the Northern District of California. Treasury is committed to collaborating with law enforcement to respond to evolving threats from malicious actors who exploit virtual currencies and target legitimate virtual asset service providers and their customers.
“The individuals who administered this scheme defrauded American citizens, businesses, and others by deceiving them and stealing virtual currency from their accounts,” said Secretary Steven T. Mnuchin. “The Treasury Department will continue to use our authorities to target cybercriminals and remains committed to the safe and secure use of emerging technologies in the financial sector.”
Danil Potekhin (Potekhin) and Dmitrii Karasavidi (Karasavidi) are being designated pursuant to Executive Order (E.O.) 13694, as amended by E.O. 13757, which targets malicious cyber-enabled activities, including those related to the significant misappropriation of funds or personal identifiers for private financial gain. Potekhin and Karasavidi are also the subjects of an indictment unsealed today by the Department of Justice.
Potekhin created numerous web domains that mimicked those of legitimate virtual currency exchanges. This tactic, known as spoofing, exploits Internet users’ trust in known companies and organizations to fraudulently obtain their personal information. When unwitting customers accessed Potekhin’s spoofed websites and entered their login information, Potekhin and his accomplices stole their login credentials and gained access to their real accounts. The attackers then employed a variety of methods to exfiltrate their ill-gotten virtual currency: using exchange accounts created using fictitious or stolen identities; circumventing exchanges’ internal controls; swapping into different types of virtual currency; moving virtual currency through multiple intermediary addresses; and a market manipulation scheme in which inexpensive virtual currency was purchased at a fast rate to increase demand and price, then quickly sold for a higher price to glean quick profit. Karasavidi laundered the proceeds of the attacks into an account in his name. He attempted to conceal the nature and source of the funds by transferring them in a layered and sophisticated manner through multiple accounts and multiple virtual currency blockchains. Ultimately, the stolen virtual currency was traced to Karasavidi’s account, and millions of dollars in virtual currency and U.S. dollars was seized in a forfeiture action by the United States Secret Service.
Potekhin and Karasavidi’s actions underscore the evolving threat that global financial institutions face from cybercriminals, who employ a variety of sophisticated schemes to profit at their victims’ expense.
OFAC closely coordinated today’s action with the United States Secret Service’s San Francisco Field Office and with the U.S. Attorney’s Office for the Northern District of California. Treasury is committed to collaborating with law enforcement to respond to evolving threats from malicious actors who exploit virtual currencies and target legitimate virtual asset service providers and their customers.
https://home.treasury.gov/news/press-releases/sm1123
In as much as these hackers trying to obfuscate their identity thru elaborate scheme, still the US government was able to track and trace the stolen crypto's to this individuals. So hacking is just one part of the equation, the other part is how to hide yourself which is very difficult since blockchain analysis is also evolving very quickly.
Jump to: