Eastern Europe has become a hotbed for cryptocurrency scams, according to a new analysis, with addresses in the region having a high rate of exposure to illicit transactions — second to only Africa.
A new report from Chainalysis, a blockchain forensics firm, mapped out the crypto crime landscape of Eastern Europe over the past year. Notably, a little-known billion dollar Ponzi scheme called Finiko accounted for more than half of funds in the region sent to scam addresses.
Indeed, crypto scams emanating from the region’s 290 million strong population are only dwarfed by the continent of Africa, which has a far larger estimated population — 1.3 billion people. According to the report, illegal crypto activity made up 0.5 percent of total crypto value, or more than $400 million sent and received from Eastern Europe.
With a market capitalization already at $2 trillion, half a percent of all the region’s crypto transactions is concerning to say the least, said Tyler Moffitt, a senior security analyst with Canada-based information security company, OpenText.
“Even if the market continues to rise every four or five years, illicit crypto flows should only keep growing, especially in places like Eastern Europe where cybercrime is abundant,” he added.
And the stakes are higher as scams proliferate. In the past year, the Russia-based Ponzi scheme and exit scam called Finiko dominated Eastern Europe’s illicit crypto flows. According to Chainanalysis’ report, more than 60% of all cryptocurrency sent from the region went to addresses attributed to “TheFiniko.com.”
An exit scam is a crypto-based trap whereby promoters (or founders) of an online business vanish without returning investor holdings. Well known perpetrators include the high-yield investment program and cryptocurrency, Bitconnect; and Canada-based bitcoin exchange, Quadriga, which lost $215 million of customer funds after its founder mysteriously died on his honeymoon.
More recently, an alleged $3.6 billion worth of crypto was stolen from investors who used the South Africa-based crypto platform, Africrypt.
Other major crypto scams highlighted by Chainanalysis included J-Enco, which accounted for half the illicit crypto flows in Eastern Asia, and Mirror Trading International (MTI), another South Africa-based scam that received more than 60 percent of illicit crypto flows on the continent before its founder flew the coup.
In the past year, Eastern Europe received approximately $950 million in crypto from scam addresses, and the region also sends more cryptocurrency to ‘dark net’ markets than any other. This comes largely from Hydra market, a dark web market place that caters only to users in Russian-speaking countries throughout the region.
“Think of [Hydra market] as a competitor to Uber or Amazon Fresh but with the items for sale to include guns, drugs, false IDs, or anything else you covet on the black market, much of the same way that we might have groceries delivered to us,” said Carol Alexis Chen, a partner with the global law firm Winston & Strawn. She specializes in investigating and prosecuting large-scale white collar crime.
Eastern Europe’s massive illicit volume is unsurprising to Chen. She pointed out that by creating a widely expanding market for buyers and sellers, decentralized finance (DeFi) has offered criminals new opportunities to take advantage of the social and economic fallout stemming from COVID-19.
While the majority of money flooding into crypto over the past year appears legitimate, regulators have already begun to threaten crackdowns on questionable projects that offer higher than usual gains.
On Wednesday, U.S. Securities and Exchange Commissioner Gary Gensler pointed out that the more than $2 trillion asset class is “truly global” and “could continue to be a catalyst for change in the fields of finance and money.”
But he also reiterated the need to incorporate crypto into global public policy in order to protect investors, hinting at the DeFi and stable space.
“We’ve seen a lot of frauds, scams and abuse in the field,” Gensler told an audience at the European Union’s Committee on Economic and Monetary Affairs.”We’re focused on platforms, whether it’s trading or lending.”
Later that day, the SEC charged the founder of the crypto exchange platform, BitConnect, with fraudulently raising $2 billion dollars from retail investors.
Launched in Russia in 2019 before going international the next year, Finiko once described itself as an “automated profit-generating system” on its now defunct website.
The company offered a number of haphazard investment programs such as loan repayments and discounts for buying cars or real estate. Its main deal, a supposed stablecoin called CFR, guaranteed investors a 20 to 30 percent monthly return, at a minimum payment of $1000 worth of Bitcoin or Tether.
Unlike most cryptocurrencies which are volatile, stablecoin prices don’t fluctuate. However, they can be staked for yield on DeFi platforms, such as Uniswap or SushiSwap.
“A stablecoin that guarantees to pay you 30 percent returns is not real,” said OpenText’s Moffitt. The analyst, who invests in cryptocurrency, admitted to falling prey to an Ethereum scam several years earlier.
“Anyone who buys into a scam desperately needs money. Some of Finiko’s initial investors might have even made a return, at the beginning of the Ponzi,” Moffitt said. “They might have also thought they were geniuses onto something no one else could see. That’s how they get you.”
And Chainalysis found that Finiko received more than $1.5 billion worth of cryptocurrency between December 2019 and August 2021 worldwide.
With the majority of volume coming from large and high exchanges, the scheme amounts to one of the largest crypto investment frauds perpetrated against investors, predominantly in Russian and Ukraine. This stands in stark contrast to the territory’s burgeoning ransomware industry, which often uses code that specifically restricts hurting victims within the region’s countries.
Three of Finiko’s founders were arrested by Russian authorities back in December 2020. In May, Finiko announced the launch of another cryptocurrency, FNK token. This cryptocurrency’s price and market cap varies widely based on cryptocurrency price tracking websites — but all show a massive price spike on June 17, when Finiko transferred all depositor settlements from into FNK tokens.
Withdrawal issues began in July shortly after the FNK price collapsed according to the blog, BehindMLM which tracks Ponzi schemes and multi-level marketing scams.
In July, Finiko’s main founder and Instagram Influencer, Kirill Doronin, withdrew all the company’s remaining funds from Turkey, then returned to Russia — leaving his investors on the hook for millions.
Authorities detained Doronin and put him on trial in his hometown in the Russian city of Kazan. In a Yotube video posted 5 months earlier titled, Money Now, Money Tomorrow, Money Later, Doronin explained to his audience, “no one can give us any guarantees in this world. Uncertainty is the norm. We’re open to it.”
David Hollerith covers cryptocurrency for Yahoo Finance. Follow him @dshollers.