66 views 15 min 0 Comment

The rise and fall of the “empire” Cryptex

- 07.10.2024
The rise and fall of the “empire” Cryptex

Last week, Russian security forces carried out a large-scale operation to detain persons associated with the illegal activities of the Cryptex cryptocurrency exchange and the anonymous payment system UAPS: it was reported that 96 persons were involved in the criminal case; the investigation estimates the criminal income of the criminal community at 3.7 billion rubles. At the end of the week, the Zamoskvoretsky court in Moscow placed five defendants – brothers – under house arrest. Ruslana And Roman Orekhovskikh, Alexandra Tereshchenko, Elena Polyakova And Artem Lysenko. Regarding the founder of Cryptex Sergei Ivanov (Omelnitsky) the court chose a preventive measure in the form of detention in a pre-trial detention center. All of them are charged with organizing or participating in a criminal community, unlawful access to computer information, illegal circulation of means of payment and banking activities. The operation was preceded by the inclusion of Sergei Ivanov and his companion on the US Treasury sanctions list Timur Shakhmametov – operator of the largest online store “Joker’s Stash”, specializing in the sale of bank card data stolen as a result of hackers hacking American retailers. In addition, both were put on the wanted list for money laundering, and American authorities announced a monetary reward for information about their whereabouts. Sergey Ivanov (Omelnitsky) is known in the cryptocurrency market under the nickname Taleon, Timur Shakhmametov – as Vega. Ivanov’s first initiative was the promotion of the “PM2BTC” exchanger, which was engaged in converting funds from the “Perfect Money” virtual payment system into bitcoins. “Perfect Money” replaced the “Liberty Reserve” payment system, which was destroyed by American security forces, and was used to launder criminal proceeds. A new stage for partners was the launch of the Cryptex crypto exchange, which emphasized anonymity and concluding transactions without reporting the origin of funds, as well as providing the opportunity for financial withdrawal through couriers. The volume of receipts on Cryptex since its creation amounted to about $1.6 billion, while the exchange itself became one of the main centers for the circulation of illegally obtained funds in crypto, which were used, among other things, for laundering criminal proceeds and withdrawing capital in circumvention of sanctions .

Security forces are shaking Cryptex

Last week, the Zamoskvoretsky Court of Moscow granted the investigation’s request, placing three defendants in a criminal case on a cryptocurrency exchange under house arrest in one day. “Cryptex” and anonymous payment system UAPS: brothers Ruslan And Roman Orekhovskiyand also Alexander Tereshchenko accused of organizing a criminal community, illegal access to computer information, illegal circulation of means of payment and illegal banking activities.

“The accomplices carried out illegal activities in the exchange of currencies, cryptocurrencies, delivery and acceptance of cash, sale of bank cards and personal accounts. The main clients of these services were cybercriminals and hackers who used the services to launder their criminal income. The investigation established that in 2023, the turnover of funds received by the services of the criminal community amounted to more than 112 billion rubles, and the criminal income of the defendants amounted to 3.7 billion rubles.”– says the official statement of the Sledkom.

According to investigators, the criminal activities of the creators of Cryptex began in 2013. The organizers of the criminal community, having special knowledge in the field of banking, developed an infrastructure that consisted of the anonymous payment system UAPS, the cryptocurrency exchange itself and 33 online services. To date, we are talking about 96 defendants, against whom investigative actions are being carried out, some of them are only being brought to Moscow.

During searches in St. Petersburg, security forces seized more than 1.5 billion rubles. The media write about expensive Bentley, Rolls-Royce, Porsche, Tesla Cybertruck cars, snowmobiles, boats and even Robinson helicopters that belonged to members of the organized crime group. As we can see, illegal activities were carried out on a grand scale, and the “cryptocurrency traders” themselves lived in grand style. In addition, the Interfax publication mentioned among those involved “Russian Sergei Ivanov, against whom the United States imposed sanctions due to money laundering”.

Sergei Ivanov (Omelnitsky) is sent to a pre-trial detention center

Before moving directly to the personality of Sergei Ivanov, we should dwell on a rather interesting point: “Cryptex” (aka “International payment service provider LLC”) is registered in Saint Vincent and the Grenadines, a small country in the Caribbean islands. As recently as the end of September, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued a warning against Cryptex and another crypto platform “PM2BTC” economic sanctions, accusing them of money laundering and “providing services to cybercriminals”.

“Cryptex advertises its virtual currency exchange services in Russian and has received more than $51.2 million in ransomware attacks. Cryptex has also been linked to more than $720 million in transactions with services frequently used by Russian extortionists and cybercriminals, including fraudulent stores, mixing services, and exchanges.”“Izvestia quotes the official statement of the American Ministry of Finance.

This is where the above comes up again Sergey Ivanov (aka Omelnitsky). The fact is that OFAC calls him the administrator of “Cryptex” and “PM2BTC”, who has been involved in “money laundering for hackers, front-end brokers, darknet market sellers and other criminal groups”who also helped “withdraw and import currency to Russian clients”. The US authorities were ready to pay a reward in the amount of 10 million dollars for information about his whereabouts and more 1 million dollars – for assistance in identifying other key leaders of the organized crime group.

It seems that no one will share the necessary information with the American side. The fact is that last Friday the Zamoskvoretsky Court of Moscow considered the investigation’s petitions against three more defendants in the “Cryptex case”, including Ivanov, placing the latter in a pre-trial detention center for two months, and Elena Polyakova And Artem Lysenko – under house arrest. Thus, of the five accused, Ivanov (Omelnitsky) was the only one who went to the isolation ward rather than while away the time before the trial in the comfort of his home.

Taleon and Vega go beyond “Mazafaka”

Who is the mysterious Mr. Ivanov, whom the Western security forces so wanted to get, but their Russian colleagues got them? The RBC portal answers this question, citing the publication of an American journalist Brian Krebsspecializing in the investigation of cybercrimes. So, Ivanov first appeared on an underground hacker online forum “Mazafaka” in the early 2000s under the nickname Taleon. At the time, he was allegedly involved in large cash transfers.

Taleon made contact with a hacker under the nickname Vegawho later opened an online store “Joker’s Stash”which was engaged in the sale of bank card data obtained as a result of hacking of American retailers, and was considered one of the largest in the world. It is noteworthy that in addition to Ivanov, the American authorities brought similar charges against another citizen of the Russian Federation – Timur Shakhmametovwho supposedly is Vega – the operator of “Joker’s Stash”.

Further, according to Krebs, approximately in 2013, Ivanov agreed to interact with the “PM2BTC” exchanger already mentioned above, which was engaged in converting funds from the virtual payment system “Perfect Money” (PM) into Bitcoin (BTC), and also issued their own debit cards for transferring funds. At the same time, security forces in the United States shut down the payment system “Liberty Reserve”used to legalize criminal proceeds obtained in a variety of ways – from drug trafficking to the distribution of child porn.

More than 1 million people have used the services of Liberty Reserve, which has been operating since 2006. Operations to detain persons associated with her were carried out in Spain, Costa Rica and New York, and the creator of “LR» Arthur Budovskyhis deputy Azzedine El-Amin, Vladimir Kats, Maxim Chukarev And Mark Marmilev. After the defeat of Liberty Reserve, there was talk on underground hacker forums about new forms of payment. It was then that Ivanov-Taleon allegedly introduced a payment service called “Universal Anonymous Payment System”(UAPS), offering its own payment acceptance solutions.

New level from Cryptex

“Due to a technically simple connection, payments through UAPS began to quickly appear in underground stores and marketplaces selling stolen bank card data, other people’s accounts or software for hacker attacks… The UAPS system also made it possible to automate settlements with partners or suppliers of stolen data »writes RBC.

Of course, Ivanov’s largest business partner was Joker’s Stash, which traded millions of U.S. payment card data supplied directly by the hackers behind some of the most notorious retail hacks in recent years (Brian Krebs mentions attacks on Saks Fifth Avenue, “Lord and Taylor”, “Bebe Stores”hotel chain Hilton etc.). At the beginning of 2018, Taleon and the UAPS team launched the crypto exchange “Cryptex”, promoting it on underground forums.

This was an exit to a qualitatively new level, as soon “Cryptex” became one of the main centers for the circulation of illegally obtained funds in cryptocurrency: through it the funds of administrators of illegal trading platforms, hackers, carders and ransomware operators (cryptolockers) were “laundered”. Experts estimate the volume of revenues from Cryptex since its creation at $1.6 billion.

According to the Fontanka publication, the exchange provided an opportunity “trade cryptocurrency, transfer it, exchange it for other cryptocurrencies, fiat currencies, including in the form of cash”. It was possible to pick up cash through a courier or a storage room: the corresponding service was provided in eight CIS countries, including the Russian Federation, Belarus, Ukraine and Kazakhstan, in nine European and three Middle Eastern countries (Turkey, Iran, the Emirates).

Fontanka calls the distinctive features of Cryptex the possibility of concluding a large transaction without reporting the origin of funds, an emphasis on the anonymity of users, a low risk of blocking wallets and bank accounts when dealing with cryptocurrency, and conducting cash transactions. “the old fashioned way”that is, only through couriers, as well as the absence of the need for verification for all operations and “interaction with regulated markets”.

Will crypto be put under control?

But, as we know, everything comes to an end someday. Fortune eventually turned away from Ivanov and Shakhmametov. Shakhmametov is wanted in the United States, but given the scale of the investigation in Russia, his arrest looks like just a matter of time. The authors of a number of publications have already drawn attention to the synchronicity of the actions of Russian security forces and their Western colleagues, and this says a lot in our time.

“US Justice Department Criminal Division Chief Nicole Argentieri said Cryptex promised its cybercriminal clients a safe space to anonymously launder their illicit proceeds, but a coordinated effort, including the seizure of Cryptex domains, servers and proceeds, should warn cybercriminals that there are no safe places online to them”writes “Forbes

Experts from a number of publications are unanimous: other structures also operate under the Cryptex scheme. They are not licensed, do not pay taxes and do not report income; but they can find transactions related to hacker attacks, online fraud and illegal trading platforms. In addition, the current Russian legislation practically does not regulate the circulation of cryptocurrency, although its use for the withdrawal of capital bypassing sanctions and laundering criminal proceeds is well known.

However, in the case of the authors of the “Cryptex” scheme, the security forces became as active as possible. It looks like they decided to “tighten the screws” on the uncontrolled circulation of cryptocurrencies?

Eric Thompson
Leave a Reply

Exit mobile version