The US Department of Justice announced the detention of 40-year-old Russian citizen Anatoly Legkodymov in Miami. He lived in China, but flew to the United States for a while, where he was detained. The Florida District Court is expected to rule on Legkodymov’s arrest after the charges are filed. If found guilty, the Russian will face up to five years in prison. The agency believes that the detainee is a senior executive director and majority shareholder of Bitzlato, a crypto exchange operating around the world. According to the US Department of Justice, the site positions itself as an exchange with minimal identification of its users. The company deliberately ignored KYC (“Know Your Customer”) procedures, which is why it became a “safe haven” for criminal proceeds.
According to the Ministry of Justice, Legkodymov, nicknamed Gandalf, ran a site that processed more than $700 million from drug deals and illegal gambling on Hydra, while Bitzlato received more than $15 million from viral ransomware. The platform helped extortionists, including the Conti group, carry out transactions, the agency claims. According to U.S. Treasury Deputy Secretary Wally Adeyemo, she has ties to the Russian government and the darknet market. Conti members speak Russian and consider themselves patriots. Most often they attack structures from the USA (58.4%), Canada (7%), Great Britain (6.6%) and Germany (5.8%), Group-IB experts noted. At the same time, their attacks on Russia were not recorded.
The US Department of Justice claims that Legkodymov deliberately built the work of the platform registered in Hong Kong, ignoring the rules for identifying users. At the same time, one of the colleagues warned the founder of Bitzlato that their “client base consists of drug addicts buying substances on Hydra” and drug dealers, prosecutors say.
The authorities of France, Spain, Portugal and Cyprus have already arrested the infrastructure of the crypto exchange. They were assisted by Belgian and Dutch law enforcement officers together with Interpol. At the time of publication, the site now displays a “stub” reporting enforcement action against Bitzlato. According to the Deputy Attorney General of the United States, Lisa Monaco, the operation against Bitzlato was “a significant blow to the crypto-criminal system.”
Legkodymov was arrested on 17 January. The day before, Bitzlato reported a hack and shut down the service. Initially, the team stated that the hackers withdrew part of the funds from it, and asked not to use the service “for the duration of the proceedings.” The platform has suspended the withdrawal of money.
A few hours later, the service reported that the scammers “were able to withdraw a small part of the funds,” and guaranteed a refund to all victims. Later on January 18, the team promised to resume work “in two to three days.” In the comments on this post, the possible administrator of the Bitzlato Telegram channel on January 19 assured users that “everything will be fine, even a little better,” but did not provide details.
However, the platform team’s optimism looks strained against the backdrop of an order from the US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN). According to the agency, the leading counterparties of Bitzlato in terms of the number of bitcoins received from May 2018 to September 2022 were:
cryptocurrency exchange Binance;
darknet store Hydra;
financial pyramid “Finiko”.
The top contractors-senders included:
darknet store Hydra;
P2P platform LocalBitcoin;
financial pyramid “Finiko”.
Finiko is one of the most famous modern financial pyramids in Russia. She called herself “a system of automatic profit generation” and promised investors an income of 1 to 5% per day of the invested amount, allegedly due to competent trading. However, the Central Bank and the investigation claims that there was no trading in fact, and payments to depositors were made according to the pyramid principle – at the expense of other “investors”.
The pyramid was founded in 2019 by Kirill Doronin, Zygmunt Zygmuntovich, Edward and Marat Sabirovs. Their project ceased operation in 2021. The Ministry of Internal Affairs opened a criminal case on fraud, Doronin was detained, and Zygmuntovich and the Sabirovs were put on the wanted list. According to the investigation, over the entire existence of Finiko, more than 10 thousand investors have invested about 5 billion rubles in it.
“Approximately two-thirds of Bitzlato’s top receiving and sending counterparties are associated with darknet marketplaces or fraud,” FinCEN added. A Binance spokesperson told Cointelegraph that he “provided substantial assistance to law enforcement in this investigation.”
Chainalysis analysts reported a year ago that Bitzlato was laundering money. According to them, from 2019 to 2021, the platform received $2 billion, of which half were suspicious transactions. They also found that the Terrikon humanitarian crypto / NFT project is withdrawing funds through the platform. Its website states that the goal of the project is “to help the soldiers of Donbass.” Chainalysis found out that the office of the crypto exchange is located in the Federation Tower in Moscow City. This was confirmed by the Dossier Center blocked in Russia. According to him, the Bitzlato office is located on the 24th floor of the Federation and accepts only those who are ready to bring in cash from $100,000, including in ruble terms.
The publication noted that Bitzlato grew out of a Telegram bot created back in 2016. A bot called BTC banker allowed transactions between individuals, while he himself acts as a guarantor. The bot gained great popularity among drug users who bought cryptocurrency without verification and transferred it to Hydra wallets, Dossier writes, citing a source.
The site itself has a legal entity registered in Hong Kong – Bitzlato Limited, and the site of the exchanger is also designed for it. According to the register of companies referred to by the publication, Bitzlato Limited has three shareholders: Anatoly Legkodymov (73.4%), Anton Shkurenko (24.5%) and Sergey Shakhnov (2%). All of them come from the Krasnodar Territory, Legkodymov and Shkurenko at the end of the 2000s worked at OJSC Southern Telecommunications Company, which later joined Rostelecom.
Follow us: