On Wednesday, January 18, 2013, the U.S. Department of Justice (“DOJ”) unsealed a criminal complaint in the Eastern District of New York charging Russian-national Anatoly Legkodymov, a senior executive at Bitzlato Ltd. (“Bitzlato”), a cryptocurrency exchange registered in Hong Kong. Legkodymov—also known as “Gandalf” and “Tolik”—is charged with conducting an unlicensed money transmitting business that failed to comply with required controls, such as anti-money laundering requirements, and for processing and transmitting funds derived from illicit means. Legkodymov was arrested in Miami on January 17th. If convicted, Legkodymov faces a maximum of five (5) years in prison.
Institutions that trade in cryptocurrency are not above the law and their owners are not beyond our reach. As alleged, Bitzlato sold itself to criminals as a no-questions-asked cryptocurrency exchange, and reaped hundreds of millions of dollars’ worth of deposits as a result. The defendant is now paying the price for the malign role that his company played in the cryptocurrency ecosystem.
Breon Peace, U.S. Attorney
Bitzlato was a hotbed for illicit cryptocurrency. That was the exchange’s business model. It marketed itself based on its lax know-your-customer (“KYC”) requirements – “Simple Registration without KYC. Neither selfies nor passports required. Only your email needed.” Bitzlato even maintained an internal management folder that included a document that listed the pros and cons of the exchange. The document states, I quote, “Positives: No KYC. . . . Negatives: Dirty money. . . .” Even when it implemented “required” verification for new users (and I use that term loosely), Bitzlato assured existing users that the new controls did not apply to them. Even when Bitzlato did request and receive identifying information on its users, it knowingly accepted false “straw man” information – basically, forged or stolen information. Quite the business model.
The DOJ alleged that Bitzlato maintained a reciprocal relationship with the Hydra darknet marketplace, which was sanctioned in April 2022. While Hydra was active, its users exchanged approximately $700 million in cryptocurrency with Bitzlato, sometimes indirectly through mixers or other intermediaries, but oftentimes directly with the exchange. Bitzlato was well aware of this relationship, as its users frequently used the customer support chats to request help with their Hydra transactions. Users would frequently admit they were using the exchange for illicit purposes in these chats and support just did not bat an eye. Legkodymov himself stated in internal corporate chat logs that he understood most of Bitzlato’s user base were “addicts” and “drug traffickers” but he and other senior leaders urged the company to look the other way so as to not hurt revenues. A recent Chainalysis report indicated that between 2019 and 2021, nearly $1 billion in cryptocurrency received by the exchanged was considered “illicit and risky,” which represents 48% of all value of cryptocurrency on the exchange.
Furthermore, Bitzlato maintained a significant number of U.S. customers. While the exchange claimed that they did not service U.S. customers, evidence shows otherwise. Legkodymov directly received reports that suggested U.S. users were visiting the site, including 250 million visits from U.S. IP addresses in July 2022 alone. Additionally, Bitzlato’s customer support repeatedly advised its users that they could transfer funds to and from U.S. financial institutions.
This investigation stands out for its international coordination. Cybercrime is notoriously difficult for law enforcement because it operates in a realm that doesn’t necessarily adhere to traditional jurisdictional lines. Many cybercriminals inevitably commit crimes all over the world, hiding and obfuscating their actual location using various tools, while still taking harbor in jurisdictions that lack extradition treaties with the United States (typically, Russia). This is why Bitzlato could so flagrantly flout KYC laws for a while, they thought they were untouchable operating in Russia and China. All the while, the law must play in the standard bounds of sovereign jurisdiction. This requires real time coordination that can be difficult if any level of bureaucracy gets in the way. On the U.S. side, the case was jointly prosecuted by the National Security and Cybercrime Section of the EDNY and the National Cryptocurrency Enforcement Team (“NCET”). International agencies include the Cyber Division of the Paris Prosecution Office, France’s Gendarmerie Nationale Cyberspace Command, EUROPOL, and Dutch and Belgian authorities.
Funny enough, there was some blowback without the cryptocurrency community following the announcement. The morning of January 18th, the DOJ released a statement that they would be announcing “a major, international cryptocurrency enforcement action.” That announcement sparked a furor of rumors across the internet, believing that the action would be catastrophic for the industry and that it must be some well-known exchange or key infrastructure, such as a major stablecoin. Instead, most learned the name Bitzlato for the first time when they listened attentively to the live coverage later that afternoon. The announcement initially caused crypto prices to dip across the board, though most recovered quickly following the reveal.
Despite the initial eye rolls from the community, this charge is obviously completely warranted, and the DOJ should be commended for the work they did in taking down the bad actors here. Chasing down cybercriminals can be brutally difficult work and this case is especially impressive considering the international coordination required. And by the way, if you’re running a Russian cryptocurrency exchange that specializes in money laundering and caters to darknet markets, ransomware, and cybercriminals—I’m not your lawyer and this is not necessarily legal advice—but it just seems like a bad idea to come party in the United States and continue operating your illegal exchange, where you’re within jurisdiction of U.S. law enforcement. That said, please continue to do so, happy to see you behind bars.