Grigory Osipov: «Greed and the desire for easy money unite the majority of victims of fraudulent crypto projects»
It seems that cryptocurrency is the main weapon of modern cyber fraudsters. According to the Central Bank of the Russian Federation, almost 60% of financial pyramids identified in the first half of 2024 attracted clients' funds in «virtual» money. At the same time, the overwhelming majority of structures (99%) with signs of financial pyramids were Internet projects. How fraudsters manage to use the achievements of digitalization, whether it is possible to return stolen cryptocurrency and how to avoid «recruitment» into a financial pyramid, «MK» was told by the former FSB employee, and now the director of investigations of the digital asset security platform «SHARD» Grigory Osipov.
—The most popular are various types of scams, which are most often investment projects where you can supposedly make money. Attackers offer either passive income — “invest funds and receive a profit every month”, or the purchase of a new cryptocurrency in the hope of its growth, as well as trading cryptocurrencies between exchanges.
Cryptocurrency is also closely linked to the illegal trafficking of drugs and other prohibited substances: almost the entire segment of drug trafficking in Russia is cryptocurrency.
In addition, crimes involving cryptocurrency have come to include corruption cases: bribes, commercial bribery, abuse and exceeding official powers. For example, in April 2024, Georgy Satyukov, an employee of the Department «K» of the Ministry of Internal Affairs, specializing in cybercrimes, including in the crypto-financial sphere, was arrested in absentia. He was arrested for receiving bribes in cryptocurrency totaling more than 5 billion rubles for patronizing the WEX cryptocurrency exchange.
Crimes related to the financing of terrorism are separate. According to the Investigative Committee of the Russian Federation, during the investigation of the recent terrorist attack in Crocus City, it was established that a group of defendants received part of the funds for the terrorist attack in cryptocurrency.
There are already examples of ordinary criminal offenses being committed using cryptocurrencies: extortion, arbitrary action, and even murder. For example, the «Izhevsk shooter» Artem Kazantsev, who shot 13 people at a school in 2022, bought weapons for cryptocurrency on the darknet. According to Moscow Digital School, in 2023, Russian courts considered 2,653 cases related to cryptocurrencies, which is five times higher than in 2021. Moreover, only a small part of cases involving cryptocurrency is made public, since such cases are often not made public, and court verdicts may not even indicate that the crime was committed using it.
— Recently, social fraud has become widespread, when attackers meet victims on social networks and, in the process of communication, after some time offer to invest in their cryptocurrency project, which turns out to be fake. The victim simply sends money to the fraudster in the hope of making money, but ends up with debts. I will give two cases that I have encountered in practice.
The woman allegedly met the man by chance on social networks. After several weeks of communication, the new acquaintance suggested investing in cryptocurrency, showing how easy and simple it is to multiply “idle” money. The victim, following the instructions from the fraudster, purchased cryptocurrency on one of the centralized exchanges and, under the supervision of the “new friend,” transferred it to a fake trading platform. The attacker “drew” high dividends and an account with six zeros on this platform, but in fact, the cryptocurrency went straight to the addresses of the fraudsters, from where he sent them to a number of crypto exchanges. At the same time, during the communication, the attacker used psychological pressure on the victim, encouraging her to borrow even more funds to increase her winnings. The victim realized what had happened when the money ran out, and no one was giving her a loan anymore.
Another example of social fraud developed according to a similar scenario, but the fraudster, in order to create an incentive to spend money, deliberately romanticized the relationship, transferred it to the format of communication between lovers making joint plans that are destined to come true only when investing in the proposed cryptocurrency project. To implement the plan, pressure was used on the woman (incidentally, married and with a child), psychological manipulations indicating financial dependence on her husband, on the well-being of the child. The woman deposited her husband's funds into the service wallet for three months. To confirm that the project allegedly brings profit, the fraudster explained to the victim step by step what actions must be taken in the application to receive interest that was accrued for the purchase of options and the ownership of cryptocurrencies. In fact, all these amounts were «drawn» in order to make the victim believe in the reality of the payments being made and strengthen their determination to further invest in the project. To increase trust, the fraudster once even allowed a small amount of funds to be withdrawn, but after that the “trap slammed shut” and the victim lost a huge amount of money, and subsequently his family.
— If we talk about the theft of cryptocurrency, then, unfortunately, the percentage of detection of such cases is very low, and there are several explanations for this. Firstly, the lack of a legislative framework for regulating the circulation of cryptocurrencies. In practice, in criminal cases, cryptocurrency is in most cases recognized as property, but since our law is not precedent-based, the court may recognize it as property or may not recognize it. In fact, this area is not covered by state control, criminals use cryptocurrency to commit a crime, but they do it legally on foreign platforms.
Secondly, the low level of qualification of law enforcement officers to counter such crimes, including the lack of knowledge and practice among many employees to use analytical tools for tracking cryptocurrencies.
Thirdly, the lack of state cryptocurrency expertise. It is extremely problematic to collect evidence without involving cryptocurrency specialists. All these factors play into the hands of fraudsters and allow them to painlessly evade responsibility, since cryptocurrency crimes are technological and their detection requires special software and practice, which, unfortunately, is still very little, and often does not exist at all.
— According to Russian law, a company cannot officially conduct cryptocurrency transactions yet, and therefore, even if cryptocurrency is stolen from an organization, it is unlikely to become the subject of a public criminal case. Citizens, of course, encounter various fraudulent schemes for theft of funds, but it is quite difficult to say that this is widespread.
If the target of the attack is an individual cryptocurrency holder, then it is more common to use social engineering fraud, with the subsequent weakening of the victims' attention to security, and only then does the hacking occur. Targeted hacker attacks on individual crypto wallets without a tip-off are quite rare.
— A separate category of crimes includes ransomware viruses — special programs that get onto a computer and either encrypt the contents or block access to it and ask for a ransom in cryptocurrency for decrypting and unlocking the data. Such viruses are distributed en masse, affecting both companies and individuals. However, in most cases, ransomware viruses specifically attack large companies and even government agencies. For the groups that develop such viruses, extortion is a whole business with multi-million dollar turnover. It gets to the point that virus developers sell software for creating a virus to other attackers, whose tasks include introducing and communicating with the victim. In the event of a “successful” ransom payment, not only those who introduced the virus, but also its developers can receive their “share”.
— Fraudsters are attracted to several factors in this industry. First, the pseudo-anonymity of cryptocurrency: customers think that no one is collecting their data when they contribute funds to an “investment project,” and fraudsters assume that by using cryptocurrency, they will be able to withdraw users’ funds obtained as a result of fraud without leaving a trace.
Secondly, the lack of state regulation of cryptocurrencies in Russia and, as a result, the low level of qualification of law enforcement officers play into the hands of criminals. As an example, we can cite the criminal case on the most famous pyramid «Finiko», which has been dragging on for several years. Criminal cases are never initiated against many pyramids, since it is extremely problematic to collect evidence without involving cryptocurrency specialists.
Thirdly, cryptocurrencies are a certain «hype», «fashionable topic», a trend of the time, and if the project does not work in the modern trend, then it will not attract many clients.
— Quite often, recruiters of financial pyramids look for new participants in specialized and thematic channels in social networks and messengers dedicated to financial literacy, trading training, and investment advice.
Sometimes such recruiters offer to participate in trading training in specialized groups in Telegram. Most often, such people discuss general topics and the training process with the victim for weeks and only then share information that they managed to earn good money on trading in a relatively short period of time, and also offer to try to engage in this activity. In case of consent, the recruiter gives the victim the contacts of the «trader».
To gradually draw the victim into the project, the «trader» offers them to start trading cryptocurrency or to make arbitrage links between crypto exchanges with small amounts to get a feel for the process. When the victim sees a profit of around 10-15% as a result of the trading circle, they often get excited and want to try the same thing, but with a larger amount, and people expect corresponding dividends. An additional factor that reinforces the reliability of crypto trading is the ability to withdraw funds. The «trader» intentionally gives the victim the opportunity to withdraw the earned funds to a bank card once or twice to confirm reliability.
The main signs of modern financial pyramids, by which they can potentially be recognized, are:
— too high profitability: if they offer to earn 2 times more than the refinancing rate, then this is a reason to think;
— unverifiable structure of the income part, especially from the point of view of investments in cryptocurrency trading. Often, the organizers can explain in incomprehensible terms where the participants' money is invested, creating the illusion of obviousness;
— use of nominees in project management, non-transparent data on project owners, often the absence of a legal entity or registration of the company in an unfriendly, and therefore difficult to verify, jurisdiction;
— referral program. If the program «bring a friend — get a percentage» is provided, this is a clear sign of a pyramid;
— settlements within the project are carried out in the project's coins. Not every participant in such a project will be able to understand whether the project token is a cryptocurrency, and even if it is, what blockchain it uses and whether there are bookmarks in its smart contract;
— creation of an atmosphere of sacredness, exclusivity for participants, an attempt at psychological influence to create a feeling of involvement in a supposedly unique earnings model; urge to take out a loan for greater benefits in the project.
Greed and the desire for easy money unite most victims of fraudulent crypto projects, as well as total inattention and failure to comply with basic rules of digital hygiene. The very structure, when a stranger offers you to make money on processes in which you understand nothing, should already raise doubts about the true motives of such a “benefactor”.