Cryptocurrency exchange Finance announced today that it has awarded $200,000 to investigators for providing information about attackers and for the details about how the attack was carried out in March 2018.
According to the official announcement, the US Department of Justice (DOJ) identified two individuals responsible for the attack. Following the identification, the office of Foreign Assets Control also announced sanctions related to the individuals. The attackers created phishing sites to mimic Finance and collected sensitive information including login details and then used those details to plan the attack.
Soon after the attack, Finance promised a bounty worth $250,000 for any help or information leading to the arrest of the attackers. The security team at Finance helped the law enforcement agencies by passing on the findings of the private investigator. The exchange also mentioned that it also worked with US agencies to help in the identification of suspects.
According to the US Department of Justice and the Office of Foreign Assets Control, two Russian Individuals named Danil Potekhin and Dmitri Kamasavidi are the alleged culprits of the phishing scheme.
“As a result of this cooperation, the culprits have been identified and sanctioned, and are currently being pursued. Though the suspects remain at large, we decided to award a 200,000 USD bounty to the investigators for their work, with the remaining 50,000 USD to be given once the attackers are in custody, ” the exchange mentioned in an official announcement.
Crypto users have lost millions of dollars in phishing campaigns in recent years, the exchanges around the world are stepping up the security along with awareness campaigns to stop such incidents. The US Department of Justice added that both alleged perpetrators also carried out similar attacks on other exchanges including Gemini, Poloniex, Bittertrex with a combined value of more than $17 million. The department also mentioned that approximately 566 bitcoin (with a current value of around $8.8 million) was stolen from 142 exchange users through phishing schemes and fake sites between Dec. 19, 2017, and March 2, 2018.