The U.S. Department of Justice (DoJ) has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt. Gox.
According to unsealed indictments released last week, Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, have been accused of conspiring to launder approximately 647,000 bitcoins stolen from September 2011 through at least May 2014 as a result of unauthorized access to a server holding crypto wallets used by Mt. Gox customers.
“Starting in 2011, Bilyuchenko and Verner stole a massive amount of cryptocurrency from Mt. Gox, contributing to the exchange’s ultimate insolvency,” Assistant Attorney General Kenneth A. Polite, Jr. said in a statement.
“Armed with the ill-gotten gains from Mt. Gox, Bilyuchenko allegedly went on to help set up the notorious BTC-e virtual currency exchange, which laundered funds for cyber criminals worldwide.”
Bilyuchenko and Verner are also alleged to have made large wire transfers into various offshore bank accounts between March 2012 and in or about April 2013, laundering more than 300,000 of the stolen digital assets using an unnamed New York-based Bitcoin brokerage service.
The BTC-e exchange, opened by Bilyuchenko in 2011 in collaboration with Alexander Vinnik and others using the plundered crypto from Mt. Gox, was shut down by law enforcement in 2017, prior to which it was one of the main conduits through which cyber criminals cashed out the proceeds of their illegal activities.
“BTC-e served over one million users worldwide, moving millions of bitcoin worth of deposits and withdrawals and processing billions of dollars’ worth of transactions,” the DoJ said.
“BTC-e received criminal proceeds of numerous computer intrusions and hacking incidents, ransomware events, identity theft schemes, corrupt public officials, and narcotics distribution rings.”
The money laundering charges leveled against the pair could lead to a maximum penalty of 20 years in prison for each of them, if convicted. Bilyuchenko also potentially faces an extra 25-year jail term for operating an unlicensed money services business.
Mt. Gox, which was the largest cryptocurrency exchange at the time, officially collapsed soon after the theft and filed for bankruptcy in February 2014. Mark Karpelès, the exchange’s CEO, was considered a prime suspect and was arrested in Japan in August 2015 and charged with fraud and embezzlement.
Karpelès was subsequently convicted in Japan in 2019 and received a 2.5-year suspended prison sentence after he was found guilty of data manipulation by the Tokyo District Court. However, he was cleared of embezzlement charges.
🔐 Mastering API Security: Understanding Your True Attack Surface
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!
The development comes as a 39-year-old Romanian national named Mihai Ionut Paunescu was sentenced to three years in prison for running a bulletproof hosting service that “enabled cybercriminals to distribute malware strains like Gozi, Zeus, SpyEye Trojan, BlackEnergy.
The law enforcement action also coincides with the U.S. State Department announcing a reward offer of up to $5 million for information leading to the arrest and conviction of Maximilian Rivkin, a Swedish-based criminal of Serbian origin who was identified as an “administrator and influencer” on the encrypted messaging app AN0M (aka ANoM).
AN0M was a trojan horse set up by the U.S. Federal Bureau of Investigation (FBI) and Australian Federal Police (AFP) in 2018 to surreptitiously monitor the activity of criminal actors on the platform. About 12,000 AN0M-fitted devices were sold to 300 criminal syndicates operating in 100 nations.
The three-year sting operation, dubbed Trojan Shield, led to more than 800 arrests across 18 countries following an analysis of over 27 million messages that involved discussions on narcotics concealment methods, shipments of narcotics, money laundering, and even violent threats.