The U.S. Department of Justice (DOJ) says that two Estonian nationals pleaded guilty to operating a massive cryptocurrency Ponzi scheme that defrauded hundreds of thousands of victims from across the globe, including the United States. In a statement, the DOJ says that Sergei Potapenko and Ivan Turõgin sold contracts that entitled their customers to a […]
The post Two Men Plead Guilty to ‘Massive’ $577,000,000 Crypto Mining Fraud Scheme: DOJ appeared first on The Daily Hodl.
Two Estonian nationals, Sergei Potapenko and Ivan Turõgin, pleaded guilty to operating a $577 million cryptocurrency Ponzi scheme through their fraudulent mining service, Hashflare. The scheme, running from 2015 to 2019, deceived hundreds of thousands worldwide, including U.S. investors, by selling mining contracts despite lacking the computing power to generate promised returns. Instead, they fabricated […]
Estonia is serving as an example of how smaller nations can use technology to punch above their weight and enhance their economic and political standing.
In the early 1990s, Estonia emerged from the collapse of the Soviet Union as a newly independent nation. At a time when many former Soviet republics were focused on rebuilding their economies and governance structures, Estonia recognized a unique opportunity: the potential of digital technology to drive its transformation. This small Baltic nation saw the internet not just a tool for communication but a means to reimagine governance, citizen engagement, and economic growth.
This decision to embrace the internet early and fully was not just born out of necessity but was fueled by the belief that technology could play a central role in shaping the nation’s future.
Estonia’s transformation became known as e-Estonia — a digital society built on the foundations of the internet. This past 30 years hasn’t just been about adopting new tools and platforms. It was about using the internet to create a more democratic, transparent, and efficient society. Citizens have been given the ability to vote online, pay taxes, sign legal documents, and access nearly all government services (except divorce filings). This digital infrastructure increased transparency and accountability, while making government services more accessible to all citizens. And it made Estonia one of the most technologically advanced societies in the world.
Related: America should learn from the optimism of HODLing
Several key factors were crucial to Estonia’s success. Estonia placed a strong emphasis on technical literacy and took a proactive approach, promoting digital literacy and ensuring that everyone had access to the internet. This included free computer training to 10% of the adult population and teaching computer programming to students starting at age seven. As a result, Estonians seem far more open to adopting digital tools and are capable of using them effectively.
More importantly, Estonia established a legal and regulatory framework that encouraged innovation and reduced friction for technological development. By creating policies that favored innovation, Estonia fostered an ecosystem where both public and private sectors could thrive in the digital age.
Rain Lõhmus, the founder of LHV Bank told Estonian media last month he’s not made much effort to recover the funds, but is willing to pay someone who can.
The founder of Estonia-based LHV Bank, Rain Lõhmus, has been revealed as the owner of a massive 250,000 Ether (ETH) stash bought during the Ethereum ICO, which is now worth an eye-watering $470 million.
There's only one problem. He no longer has the keys.
In February, Coinbase director Conor Grogan highlighted a Ethereum whale wallet containing some $470 million worth of ETH, untouched since the blockchain’s genesis.
In an Nov. 6 update on X (Twitter), Conor highlighted Lõhmus’ comments in a recent interview that now tie him to the $470 million worth of trapped ETH.
“One mystery solved,” wrote Grogan who shared an excerpt of an Oct. 31 ERR News report on an earlier Vikerraadio interview with Lõhmus.
One mystery solved: This address (which now holds $450M of crypto) belongs to Rain Lohmus, founder of LHV Bank
— Conor (@jconorgrogan) November 6, 2023
Unfortunately he lost his keys and can't access these 100s of millions. If you can help him recover them somehow, he's willing to split them with you https://t.co/wYLAU9gKzb pic.twitter.com/0A1nIjFSyn
“Unfortunately he lost his keys and can't access these 100s of millions. If you can help him recover them somehow, he's willing to split them with you,” Grogan added.
According to ERR’s report, Lõhmus said it was “no secret” he owned a wallet with 250,000 ETH which he lost the password to and hasn’t made much effort to recover.
“I can't solve this alone; if someone thinks they can, I'll take all offers,” Lõhmus said.
Related: US lawmaker proposes to cut SEC chair Gary Gensler’s salary to $1
“It's very common for me to lose passwords,” he said, adding that losing access to funds was a “weak point” of blockchain systems.
In total, Lõhmus’ Ether purchase was $75,000 as ETH’s price at launch was around 30 cents.
At Ether’s Nov. 10, 2021, price peak of nearly $4,900 — Lõhmus stuck stash was worth $1.22 billion.
Lõhmus’ wallet today still has an impressive 628,757% gain and according to Grogan’s February X post had $6.5 million worth of airdrops to boot.
Magazine: Slumdog billionaire — Incredible rags-to-riches tale of Polygon’s Sandeep Nailwal
A crypto exchange claiming $1.7 billion in daily trades and reporting $1.4 billion of daily trading volume on CoinMarketCap had reportedly displayed false license data until Estonian regulators checked it.
A number of cryptocurrency platforms reporting billions of dollars in daily trades on CoinMarketCap appear to have been misleading their customers about holding certain crypto licenses, an investigation by Cointelegraph has found.
Bitspay, a crypto exchange that reports a $1.4 billion daily trading volume on CoinMarketCap, claimed it held a license in Estonia, and is regulated under Estonian law. However, after Cointelegraph reached out with questions about this license, the company swiftly erased its reportedly fake license data.
At the time of writing, Bitspay is the fourth-largest crypto exchange by daily trading volume on CoinMarketCap, following platforms like Binance, BitForex and Topcredit International.
According to Bitspay’s page on CoinMarketCap, it is a centralized exchange (CEX) based in Estonia. The exchange was launched in 2020 and claims to be regulated under the Estonian “Anti Money Laundering Counter-Terrorism Financing Act 2019,” which appears to be referring to the country’s Money Laundering and Terrorist Financing Prevention Act.
Bitspay also claimed it was licensed and regulated by Estonia’s Financial Intelligence Unit (FIU). “Bitspay Limited registered with the registration number FVR000796, under the Laws of the Republic of Estonia,” the firm stated on one of its domains, Bitspay.io, until it erased the information immediately following Cointelegraph’s inquiries.
Contacted by Cointelegraph, Estonia’s FIU reported that Bitspay didn’t hold any valid license in Estonia. “We took a look into it, and it seems that the license number which they have previously announced refers to an Estonian company, Globe Assets OÜ,” a spokesperson for the FIU said in a statement on Sept. 21. The license was also valid for less than a year, from March 2019 until January 2020, the representative noted.
The FIU didn’t respond to additional questions about Bitspay’s legal status in Estonia.
Bitspay was showing its website visitors information on the license mentioned above until at least Sept. 18, 2023. The firm subsequently rebranded its website from the briefly unavailable Bitspay.io to Bitspay.global on Sept. 21, removing all data about being registered or regulated in Estonia.
At the time of writing, Bitspay has not provided any information about its registration or license on its new website. The exchange also claims on its website that its daily trading volume amounts to 65,249 Bitcoin (BTC), or $1.7 billion. Despite reporting that much in trading, the exchange appears to have no more than around 400 subscribers on Twitter and some 16,000 members on its Telegram channel.
Kelly Nova, said to be the founder and CEO of Bitspay on its website, told Cointelegraph that the exchange is working on licenses in both Estonia and the United Kingdom. “We have some copyright issues and that’s why we closed the Bitspay.io domain,” he said. The exec didn’t respond to Cointelegraph’s request for further information about Bitspay founders or why the firm previously claimed to have a license in Estonia on its website.
Bitspay appears to be far from the only platform reporting massive trading volumes on CMC while little is known about its licenses, founders or background. Exchanges like Topcredit, which reports $1.8 billion in daily trades on CoinMarketCap, and Bika — reporting $1.2 billion — have been unwilling to talk to Cointelegraph about their background and founders as well.
“We have long been aware that self-reported data can be problematic but APIs are the only viable source for data collection,” a spokesperson for CoinMarketCap told Cointelegraph.
The representative also referred to the website’s scoring system, pointing out that platforms like Bitspay, Topcredit or Bika have a significantly lower score than major exchanges like Binance, which has owned CoinMarketCap since April 2020. “We always encourage our users to perform their own due diligence, especially with low scoring exchanges,” the spokesperson said, adding:
“We know our data isn't infallible. Our role is as an objective and comprehensive information aggregator, not a regulator. [...] In short, CMC numbers are as credible as they can be, using our industry leading experience, technology, verification methodology and feedback loops [...]”
The spokesperson cited the crypto adage “don't trust, verify” and said it embodies a foundational principle of cryptocurrencies and blockchain technology.
Related: Hong Kong to list ‘suspicious’ crypto platforms in wake of JPEX scandal
According to a public announcement, Bitspay was listed on CoinMarketCap in July 2023. CoinMarketCap’s major rival, CoinGecko, hasn’t listed this website, nor has it listed Topcredit or Bika. Despite this discrepancy, CoinGecko has significantly more spot exchanges than CoinMarketCap, does. At the time of writing, CoinGecko lists a total 784 exchanges, while CoinMarketCap lists only 225.
Websites like CoinMarketCap have frequently been criticized for providing inflated exchange trading volumes. In 2019, Bitwise Asset Management claimed that 95% of volumes on unregulated exchanges reported on CoinMarketCap were fake or non-economic wash trading in nature. Another investigation by the data analytics firm The Tie suggested in 2019 that more than 86% of reported crypto trading volume appeared suspicious.
Hackers attempted to infiltrate CoinsPaid infrastructure directly starting in March 2023, but switched their approach to targeting individuals through fake high-salary job offers.
Estonia-based cryptocurrency payments firm CoinsPaid suspects North Korean hackers with the Lazarus Group gained access to its systems through fake recruiters targeting employees.
In an Aug. 7 blog post, CoinsPaid said an exploit which allowed hackers to steal more than $37 million on July 22 was the result of tricking one employee into downloading software during a fake job interview, having them believe they were completing a technical task. The firm reported that the worker responded to a job offer put out by hackers and downloaded the malicious code, allowing the bad actors to steal information and give them access to CoinsPaid’s infrastructure.
“Having gained access to the CoinsPaid infrastructure, the attackers took advantage of a vulnerability in the cluster and opened a backdoor,” said CoinsPaid. “The knowledge perpetrators gained at the exploration stage enabled them to reproduce legitimate requests for interaction interfaces with the blockchain and withdraw the company's funds from our operational storage vault.”
We Know Exactly How Attackers Stole and Laundered $37M USD
— CoinsPaid (@coinspaid) August 7, 2023
CoinsPaid invited a partnership with @MatchSystems, in cooperation with law enforcement agencies and regulators, accompanies the process of returning stolen #crypto assets.
Read more: https://t.co/jLF3ICo603 pic.twitter.com/0gDy9CJcS7
Related: Curve hacker behind $61M heist begins returning funds
In its July 26 post-mortem report of the hack, CoinsPaid said it suspected Lazarus Group. Prior to the $37-million exploit, the hackers had made several attempts to infiltrate the platform starting in March 2023, but switched their approach to “highly sophisticated and vigorous social engineering techniques” after multiple failures — targeting individual workers rather than the company itself.
CoinsPaid said it had partnered with blockchain security company Match Systems to track the stolen funds, the majority of which were transferred to SwftSwap. According to the firm, many aspects of the hackers’ transactions mirrored those of the Lazarus Group, as in the $35-million hack of Atomic Wallet in June. The company was continuing to monitor any movement of the funds as of Aug. 7.
Magazine: Should crypto projects ever negotiate with hackers? Probably
CoinsPaid said it is now working with Estonian law enforcement and several blockchain security firms are assisting to minimize the impact of the July 22 exploit.
Cryptocurrency payments platform CoinsPaid has pointed the finger at North Korean state-backed Lazarus Group as being behind the hacking of its internal systems, which allowed them to steal $37.3 million on July 22.
“We suspect Lazarus Group, one of the most powerful hacker organisations, is responsible,” CoinsPaid explained in a July 26 post.
While CoinsPaid didn’t explain how the money was stolen exactly, the incident forced the firm to halt operations for four days.
CoinsPaid is back to processing after being hit by a hacker attack. Сlient’s funds were not affected and are fully available.
— CoinsPaid (@coinspaid) July 26, 2023
More details in our blog: https://t.co/XukI4ZTTLw pic.twitter.com/XjkKjjsluE
CoinsPaid confirmed that operations are back up and running in a new, limited environment.
The firm added that customer funds remain intact but considerable damage was done to the platform and the firm’s balance sheet.
Despite the huge exploit, CoinsPaid believes the cybercrime organization were chasing a much larger sum:
“We believe Lazarus expected the attack on CoinsPaid to be much more successful. In response to the attack, the company's dedicated team of experts has worked tirelessly to fortify our systems and minimize the impact, leaving Lazarus with a record-low reward.”
CoinsPaid filed a report with Estonian law enforcement three days after the hack to further investigate the exploit. In addition, several blockchain security firms such as Chainalysis, Match Systems and Crystal assisted in CoinsPaid’s preliminary investigation over the first few days.
The firm’s CEO, Max Krupyshev is confident that the Lazarus Group will be held accountable for their actions.
“We have no doubt the hackers won’t escape justice.”
Blockchain security firm SlowMist believes the CoinsPaid hack may be linked to two recent hacks in Atomic Wallet and Alphapo, which were exploited to the tune of $100 million and $60 million respectively.
MistTrack Update
— MistTrack️ (@MistTrack_io) July 26, 2023
Recently, the crypto community has been stirred by a sequence of incidents involving @coinspaid, @AtomicWallet, and Alphapo.
A veneer of mystery shrouds these incidents, yet there's a possibility that Lazarus might be behind them all! pic.twitter.com/ppxRk3xtUh
Online coding platform GitHub believes — with “high confidence” — that Lazarus Group is conducting a social engineering scheme targeted at workers in the cryptocurrency and cybersecurity sectors.
According to a July 26 post by cybersecurity platform Socket.Dev, Lazarus Group’s objective is to lure in these professionals and compromise their GitHub accounts with malware-infected NPM packages to infiltrate their computers.
Related: Era Lend on zkSync exploited for $3.4M in reentrancy attack
The cybersecurity platform said the first point of contact is often on a social media platform like WhatsApp, where the rapport is built before the victims are led to clone malware-laden GitHub repositories.
Socket.Dev urged software developers to review repository invitations closely before collaborating and to be cautious when abruptly approached on social media to install npm packages.
Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story
The majority of crypto companies attracted by the once favorable Estonian regulations have either abandoned or lost their licenses. According to the latest numbers released by the Baltic nation’s anti-money laundering bureau, only 100 businesses are currently authorized to provide digital-asset services. Most Estonian Licenses for Provision of Crypto-Related Services Expire A total of 389 […]
Estonia’s money laundering regulator highlighted a number of issues it found within local crypto firms, such as dodgy execs and nonsensical business plans.
Almost 400 Virtual Asset Service Providers (VASPS) have voluntarily shut down or had their authorizations revoked in Estonia following the government’s recently enhanced Terrorist Financing Prevention and anti-money laundering laws (AML) that came into effect in March.
The amended laws expanded the defined scope of VASPs, required firms to have legitimate links to Estonia, increased licensing fees, and capital and information reporting requirements, along with introducing the Financial Action Task Force Travel Rule.
According to a May 8 statement from the Estonian Financial Intelligence Unit (FIU), the amendment to the AML laws on March 15 has since seen almost 200 domestic crypto service providers voluntarily shut down.
While around 189 also had their authorizations revoked due to “non-compliance with the requirements.”
“Given the documents submitted by the service providers that have lost their authorisations, and their methods of operation and the risks involved, it can be argued that the legislator’s response with regard to the amendments to the Act, and the supervision activities both before and after the amendments, have been relevant,” noted Matis Mäeker, the Director of the Financial Intelligence Unit, adding:
“In renewing authorisations, we saw situations that would surprise every supervisor.”
Following the hefty clear-out, there were 100 active crypto firms registered in Estonia as of May 1, according to the FIU.
The FIU highlighted a number of general issues it found within the companies it forcibly shut down, particularly relating to misleading company information.
To name a few examples, some companies had registered board members and company contacts unbeknownst to the actual individuals themselves, while others companies had a number of people on the books that had falsified professional backgrounds on their resumes.
It also appears that many companies had copy and pasted identical business plans from each other, which were also found to be lacking “any logic or connection with Estonia.”
Related: Bitcoin takes flight in Liechtenstein: Minister proposes government services paid in crypto
Estonia has made a considered effort to enact strong AML laws across the board over the past few years. This is primarily due to the discovery in 2018 that around $235 billion worth of illicit capital had been laundered through the Estonian branch of Denmark megabank Danske Bank.
The ongoing war between Russia and Ukraine has also had an impact, as Estonia has pushed to “cut off revenues supporting Russia’s war machine and protect international financial systems,” via strong AML regulation as part of its partnership with the U.S.
Another factor which likely has contributed to the recently enhanced AML laws, is its membership to the European Union, therefore meaning it will soon have to implement the upcoming Markets in Crypto-Assets (MiCA) laws that are slated to come into effect in early 2025.
Under MiCA, crypto firms will be subject to stringent AML and terrorism prevention requirements.
Related: Magazine: Crypto regulation — Does SEC Chair Gary Gensler have the final say?
Bit4You suspended operations on April 26 amid CoinLoan insolvency investigation by Estonian regulators.
Belgian cryptocurrency trading platform Bit4You has suspended all operations, including withdrawals, amid an insolvency investigation of one of its key partners.
Suite à cela, nous avons immédiatement entamé plusieurs démarches pour comprendre la nature et la portée de cette situation.
— Bit4you (@Bit4you1) April 26, 2023
En savoir plus - https://t.co/wg7iHqN9jt
The company explained the freeze in a blog post, claiming it was a necessary action to protect platform users and citing regulation against CoinLoan, a partnering cryptocurrency loan service based in Estonia:
“We would like to inform you that we recently learned that one of our major service providers, Estonia-based CoinLoan, no longer had the required registration as a custodian of virtual currencies.”
Estonian regulatory authorities issued a stop order on April 24 prohibiting CoinLoan from processing or releasing assets without the expressed consent of an appointed “temporary insolvency practitioner.” This prohibits the platform from moving, releasing, or disposing of assets, or otherwise processing transactions without such permission.
Bit4You claims, as of April 26, that it has “no indication that virtual currencies held on behalf of our customers with CoinLoan will not be recoverable.”
A blog post from CoinLoan, cited by the Bit4You team in their announcement, states that the company believes it has the capability to meet its obligations:
“Our legal team has provided enough arguments to prove CoinLoan's ability to fulfill its obligations. The appointment of a provisional administrator seems to be the simplest way for the court to find a solution by allowing an independent third party to verify the financial situation of the company.”
The post also mentions that the Estonian court’s action was “unexpected” and would have an immediate effect.
Among the current list of Bit4You user and company assets locked up in the Coinloan suspension order is more than 145 Bitcoin (BTC) worth in excess of $4 million at the time of this article’s publication. Per the company’s blog post, this represents more than 81% of the organization’s total BTC assets.
Also frozen are 638,630 Cardano (ADA), 1,247,519 XRP (XRP), 1,097 Ether (ETH), and numerous other tokens.
CoinLoan has signaled its intent to appeal the decision but maintains that it must currently comply with the Estonian court’s cessation order.
