Share this article
Prosecutors Detail Russians' Crypto Phishing Scheme in Forfeiture Suit
The alleged hackers also manipulated NEO's Gas market with a $5 million crypto infusion.
By Danny Nelson
Updated Sep 14, 2021, 9:57 a.m. Published Sep 17, 2020, 4:11 p.m.
The two Russians who were sanctioned earlier this week by the U.S. Treasury Department on accusations of being crypto thieves allegedly got their millions through market manipulation and phishing.
STORY CONTINUES BELOW
Prosecutors detailed Danil Potekhin and Dimitrii Karasavidi’s alleged heists, victims and target exchanges in a 30-page forfeiture complaint filed Wednesday against the pair’s previously seized crypto funds.
- Karasavidi and Potekhin allegedly “deployed” a series of bogus Poloniex, Gemini and Binance lookalike sites that duped unwitting users into sharing their login credentials, giving the hackers control of wallets.
- They then “drained” $20 million worth of bitcoin , ether and NEO from victims’ accounts, according to the complaint. Prosecutors said the lion’s share ended up in Karasavidi’s Bitfinex account.
- Other funds were frozen by Poloniex and quickly seized by authorities, who filed the lawsuit to take control of 15,602 ETH, 199.8 BTC, $6.1 million in cash and 1,199 NEO, a total worth $14.2 million at press time.
- That ETH haul was actually the product of a separate hacker scheme: market manipulation, authorities say.
In late October 2017, hackers pumped $5 million of one victim’s crypto into NEO’s Gas market, skyrocketing the usually sleepy token’s value 13,000% before ordering their personal gas-holding Poloniex accounts to cash out into ETH. The victim “lost virtually all of his $5 million in cryptocurrency,” prosecutors alleged.
- Prosecutors also claimed the hackers attempted to cover up the stolen crypto’s origin by “layering” funds – a classic money-laundering technique.
- Treasury officials said they used “blockchain tracing analysis” to follow the ETH from the Poloniex manipulation and the Poloniex, Binance and Gemini phishing schemes into Karasavidi’s Bitfinex account.
- They further claimed to have identified Potekhin as the owner of multiple misspelled Poloniex domain names linked to the phishing scheme.
- Similar tactics were used against Binance and Gemini customers, the regulator said in the lawsuit.
Karasavidi and Potekhin face a mounting lineup of legal troubles. This week, they’ve been added to the Treasury Department’s OFAC blacklist and also face federal wire fraud, hacking and money laundering charges.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Bitcoin's Parabolic Arc Snaps: Trader Peter Brandt Eyes $25K Crash Floor
Veteran trader Peter Brandt warns that bitcoin's growth parabola has fractured, potentially leading to a price drop to $25,000.
What to know:
- Veteran trader Peter Brandt warns that bitcoin's growth parabola has fractured, potentially leading to a price drop to $25,000.
- Bitcoin's bull cycles have historically seen diminishing returns, with significant pullbacks following record highs.
- The current cycle saw prices double to $126,000 before pulling back to under $90,000, breaking the parabolic trend.
Top Stories
