A 21-year-old Ukrainian student was tortured and burned alive in Vienna after attackers forced him to reveal passwords to his crypto wallets, emptying his digital accounts before setting him on fire in his father’s Mercedes.

According to local reports, two suspects, a fellow student aged 19 and a 45-year-old Ukrainian national, fled to their home country with large amounts of cash but were arrested days later by Ukrainian authorities.

The victim, Danylo K., was the son of Kharkiv’s deputy mayor. His body was discovered on November 26 in a burned-out vehicle on Marlen-Haushofer-Weg in Vienna’s Donaustadt district after fire alarms alerted residents to the blaze around 12:30 a.m.

The charred remains were found in the back seat of a Mercedes S 350D bearing Ukrainian license plates beneath the Ostbahn railway line.

Torture Began in Hotel Garage, Ended in Flames

The attack started hours earlier in the underground parking garage of the Sofitel “SO/Vienna” hotel on Praterstraße, where the 19-year-old suspect ambushed his fellow student following a loud confrontation.

A hotel guest alerted reception after hearing the altercation, prompting police to be notified.

Passersby later noticed a large pool of blood in the stairwell leading to the parking area.

Investigators say Danylo was beaten severely in the garage before being forced into his father’s black Mercedes.

The assailants drove him to the Donaustadt location while subjecting him to extended torture to extract his crypto wallet passwords.

His teeth were knocked out during the assault as the violence escalated over several hours.

After gaining access to two crypto accounts, the attackers doused Danylo with gasoline purchased earlier from a Wagramer Strasse station.

He was set ablaze while crouched in the back seat, suffocating on his own blood and dying from head injuries and burns that consumed 80 percent of his body.

Colonel Gerhard Winkler of the State Criminal Police Office confirmed the autopsy findings indicated suffocation or heatstroke as the decisive factors. Forensic teams recovered a melted gasoline canister from the vehicle.

International Manhunt Tracked Suspects to Ukraine

Vienna police identified both suspects through surveillance footage captured at the hotel garage and the gas station where they purchased fuel canisters.

The pair crossed into Ukraine at precisely 9:07 a.m. the morning after the murder, triggering an international manhunt.

Ukrainian authorities arrested the suspects on November 29 after finding them in possession of enormous amounts of U.S. dollar bills.

Investigators believe the crypto was rapidly converted to cash following the robbery.

Austrian officials have transferred the case to Ukrainian jurisdiction, as extradition is not possible under existing agreements between the countries.

Police confirmed that Danylo’s crypto accounts were completely emptied after his murder, though authorities declined to specify the total sum stolen.

His family in Ukraine had reported him missing on November 25 after losing contact with him and discovering his digital wallets had been drained.

The wealthy student, who had been living temporarily in a luxurious apartment in Vienna’s Triiiple Tower on Landstrasse’s Danube Canal, was residing with his partner and their child at the time of his death.

Kharkiv Mayor Igor Terekhov declined to offer a detailed comment but acknowledged the tragedy, saying, “This is a human tragedy,” while noting the loss remained a family matter for his deputy.

Physical Crypto Crimes on The Rise

The murder marks Austria’s entry into a fast-escalating pattern of violent attacks targeting cryptocurrency holders worldwide.

Security researcher Jameson Lopp has documented over 60 such “wrench attacks” in 2025, representing a 169% surge since February and a 33% increase over all of 2024.

France leads global incidents with 14 confirmed cases, while violent robberies have been reported across Canada, the United States, and the United Kingdom this year.

Last week, a British Columbia court detailed a 2024 home invasion where attackers tortured a family and stole $1.6 million in crypto after demanding 200 Bitcoin.

Similar patterns emerged in an Oxford robbery where masked assailants forced victims to transfer £1.1 million in crypto during a car ambush.

Analysts attribute the surge to rising crypto values, which have made holders high-value targets for criminals.

The post 21-Year-Old Burned Alive in Austria Over Crypto Assets appeared first on Cryptonews.

The Silk Road was the first modern dark web marketplace, an online place for anonymously buying and selling illegal products and services using Bitcoin.

Ross Ulbricht created The Silk Road in 2011 and operated it until 2013 when the FBI shut it down. Its creator was eventually arrested and sentenced to life in prison.

But in a plot twist right out of a spy novel, a cyber attacker stole thousands of bitcoins from Silk Road and hid them away. It took law enforcement years to find the perpetrator. By then, the Bitcoins were worth more than $3.3 billion.

The extended law enforcement operation was difficult and complex. But ultimately, this saga set the stage for future action against darknet marketplaces.

Here’s what happened.

How Silk Road Worked

Two technologies assured anonymity for both sellers and buyers on Silk Road: The Tor network and Bitcoin. The Tor network is a browser and service that routes internet traffic through a series of servers. Each of these servers then hides the IP address so that it becomes untraceable.

Bitcoin is a digital currency created in 2009. It allows for peer-to-peer transactions without the need for a central authority, such as a bank or government. Instead, the blockchain records, secures and authenticates these transactions.

People bought and sold a wide range of products and services on the Silk Road. By 2013, however, some 70% of the purchases were drugs.

Tracing drugs shipped by mail to temporary P.O. boxes became The Silk Road’s undoing. This allowed law enforcement to arrest Ulbricht’s freelance employees and piece together the Silk Road story.

Still, the Tor network prevented law enforcement from nailing down exactly who was behind Silk Road. That was the case until an FBI agent got a lucky break. A Reddit post warned that Silk Road’s IP address had become visible online. The agent probed the claim by posting various data on Silk Road, then used software to analyze the traffic until he could expose the IP address.

After some incredible and persistent desk-jockey sleuthing, Ulbricht, who used the online nickname “Dread Pirate Roberts”, was eventually caught logged into the site from a public library. He was arrested and charged with money laundering, computer hacking crimes, conspiracy to traffic narcotics and attempted murder to silence at least five people who threatened to unmask Silk Road.

Ulbricht turned down a plea deal offering a minimum 10-year sentence, which turned out to be a big mistake. He was convicted, given five sentences, including two life sentences without parole, and fined $183 million.

Mystery of the Missing Billions

Initiated by U.S. Senator Charles Schumer, the DEA and Department of Justice conducted a long and intense investigation to find the billions in Bitcoin stolen from Silk Road before the site’s shutdown.

In 2012, a man named James Zhong created some nine Silk Road accounts anonymously. He then triggered more than 140 transactions in a way that tricked Silk Road’s withdrawal processing system into releasing around 50,000 Bitcoins into those accounts.

He exploited a flaw in the system, where he made an initial deposit, then rapidly withdrew an amount less than the deposit but made the same withdrawal many times within a second before the system could register that the account was depleted. Zhong repeated this on multiple accounts, making a total of 140 withdrawals.

Zhong then moved his ill-gotten proceeds into a range of addresses to conceal who owned and controlled the Bitcoins.

Almost five years after this theft, Zhong benefited from a hard fork coin split, where Bitcoin split into two cryptocurrencies: traditional Bitcoin and Bitcoin Cash. He converted the latter back to Bitcoin, which amounted to 3,500 Bitcoin.

He then used an exchange to convert the stolen bitcoin to dollars. This made it easy for investigators to trace the transaction. They knew he was out there somewhere and waited for him to reveal himself.

To Catch a Bitcoin Thief

After the government had been investigating the crime for a decade, they finally got tipped off when a man in Athens, Georgia, called the police to say that he was burglarized and that the thieves stole “a lot of Bitcoin”, which attracted the attention of the IRS. That man was James Zhong. 

Police raided his home and found Bitcoin hidden in a “single-board computer” stashed in a popcorn tin in Zhong’s bathroom. They also found $662,000 in cash, along with bars of gold and silver, in a floor safe. 

In November of 2021, the U.S. Attorney for the Southern District of New York announced that a law enforcement operation seized more than 50,676 Bitcoin worth an incredible $3.36 billion.

Zhong pleaded guilty to one count of wire fraud, which carries a maximum sentence of 20 years in prison. He is scheduled to be sentenced on February 22, 2023, and is currently out on bail.

How the Silk Road Affair Changed Crime and Law Enforcement

The value of the seizure, the second largest ever after the $3.6 billion in stolen crypto linked to the 2016 hack of Bitfinex, caused federal law enforcement to prioritize crypto-related crimes, adding expertise and developing methods for tracing such transactions.

To cyber criminals — and also many law-abiding citizens who shared Ulbricht’s utopian libertarian views advocating for the freedom for people to buy and sell anything they like — Ulbricht’s double life sentence without the possibility of parole was a shock and an outrage. Still, no doubt, it strongly discouraged participation in dark web sites for people within reach of Western law enforcement. It also motivated everyone involved in such marketplaces to up their security and anonymity.

The post How the Silk Road Affair Changed Law Enforcement appeared first on Security Intelligence.

Do you ever wonder if your cryptocurrency platform cashes in ransomware payments? Maybe not, but it might be worth investigating. Bitcoin-associated ransomware continues to plague companies, government agencies and individuals with no signs of letting up. And if your platform gets sanctioned, you may instantly lose access to all your funds.

What exchanges or platforms do criminals use to cash out or launder ransomware payments? And what implications does this have for people who use exchanges legitimately?

Blacklisted Exchanges and Mixers

Between 2014 and 2017, the BTC-e crypto exchange allegedly cashed out nearly 95% of all ransomware payments worldwide. Feds asserted that BTC-e ringleader Alexander Vinnik also played a role in the theft of about 800,000 bitcoin (about $400 million at the time) from the Japanese Mt. Gox exchange. Eventually, the U.S. government indicted Vinnik, who was sentenced to five years in jail. BTC-e eventually shut down, along with all its accounts. Meanwhile, many legitimate BTC-e customer account holders remained stuck in limbo.

Then came SUEX, the OTC cryptocurrency broker reportedly receiving $160 million from ransomware and other scammers. In 2021, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) placed the Russia-based broker on the Specially Designated Nationals and Blocked Persons (SDN) List. Americans are prohibited from doing business with any company on the SDN list.

More recently, the virtual currency mixer Tornado Cash was sanctioned. According to the U.S. Treasury, the mixer “has been used to launder more than $7 billion worth of virtual currency since its creation in 2019.” A State Department spokesman said the mixer had provided “material support” to the Lazarus Group — an organization believed to work on behalf of the North Korean government. As of August 2022, the platform was also on the SDN List.

Given these incidents, how can you tell if a crypto platform is being used for nefarious purposes? What signs indicate that criminals could use your exchange, too?

Putting Things In Perspective

The reality is that malicious actors can use any financial entity for fraudulent purposes. In 2021, the illicit share of all cryptocurrency transaction volume reached an all-time low of 0.15%. Meanwhile, the UN estimates the amount of fiat money laundered globally in one year is 2 to 5% of the global GDP, or $800 billion to $2 trillion.

It’s not unheard of for criminals to use multinational banks to launder money. But if you invest in crypto and your platform gets sanctioned overnight, you might not be able to recover your coins the next day.

How Crypto Platforms Deter and Detect Illicit Activity

Three key policies can help crypto businesses to deter money laundering and ransomware payouts. When evaluating the platform you use, ask if they implement:

1. Know Your Customer (KYC). This means requiring customer verification when establishing a business relationship when a customer carries out a transaction and if required by law. Verification can include collecting customer data such as their name, address and date of birth.
2. Travel Rule. According to the Financial Action Task Force’s “Travel Rule,” crypto platforms must collect and share data on parties in transactions. The data collection threshold (transaction size) differs between countries.
3. Transaction monitoring. This includes a system for ongoing transaction monitoring to detect signs of money laundering. For example, exchanges can analyze wallet addresses and transaction hashes.

Some red flags crypto businesses look out for that might indicate money laundering include:

• Transactions of unusual size, location or pattern. For example, a sudden, large transaction between two parties with no prior connection.
• Sending cryptocurrency to darknet marketplaces, mixing services, questionable gambling sites, fraudulent exchanges and platforms with lax anti-money laundering (AML) standards. Blockchain analysis can detect the use of mixing services.
• Structuring several transactions, all just below reporting thresholds. This is how criminals break down large payouts into smaller sums.

Cryptocurrency Business Regulation

Given the ongoing cryptocurrency scams, many are calling for regulatory action. A recent DIFC Fintech conference outlined the current cryptocurrency regulatory scenario. Some of the highlights include:

• Approximately 95% of regulators have a team working on crypto regulations now.
• The crypto industry is lobbying for clear regulatory action. Regulations can have a positive effect on cryptocurrency business development.
• When global cryptocurrency exchange Binance introduced KYC verifications, more than 96% of its customer base complied.
• The SEC imposed approximately $2.35 billion in total monetary penalties against digital asset market participants in 2021.

Complex Cryptocurrency Jungle

In a recent executive order and strategy documents, President Biden pledged to support the development of cryptocurrencies and to restrict their illegal uses. But regulation often hinders innovation speed. Meanwhile, the United States continues to develop cryptocurrency policies with a global impact. These policies include sanctioning cryptocurrency exchanges, recovering ransomware payments and improving collaborative security efforts with other countries.

KYC and AML policies have been applied to U.S. cryptocurrency exchanges for years. Still, this can’t prevent actors from pivoting to exchanges in other less regulated countries that enable illicit transactions. For now, the only way to combat this is to continually monitor for platforms involved in illegal activity.

In November 2021, less than two months after the SUEX sanctions, the Treasury Department followed up with sanctions on Chatex, another Russian platform, as well as three of Chatex’s suppliers. Then, in April 2022, the Treasury Department added a third exchange operating in Russia, Garantex, to the SDN List.

Looking Ahead

So far, the efforts to fight cryptocurrency crime are all a step in the right direction. Still, no in-depth analysis has measured the overall impact of these actions on levels of crypto crime.

Sanctions and policing efforts have also been accompanied by a call to develop a U.S. central bank digital currency (CBDC). However, a CBDC collides with privacy and sovereignty issues that largely gave rise to cryptocurrencies in the first place.

Undoubtedly, no simple solutions exist for cryptocurrency-related crimes. But easy answers never existed with paper money either.

The post How to Spot a Nefarious Cryptocurrency Platform appeared first on Security Intelligence.

Cryptocurrency exchange Bitzlato, better known to the Russian-speaking segment of the market, has been taken down as part of an “international cryptocurrency enforcement action,” the U.S. Justice Department announced. The Russian owner of the platform has been arrested for his role in the alleged transmission of illicit money. Bitzlato claimed it was hacked.

US, France Hit Cryptocurrency Exchange Bitzlato, Russian Co-founder Detained in Miami

U.S. authorities have apprehended Anatoly Legkodymov, a resident of China, on charges that his Hong Kong-registered crypto trading platform, Bitzlato, processed illicit funds worth hundreds of millions of dollars. The Russian, a co-founder and majority owner of the exchange, was arrested by the FBI in Miami on Tuesday, a high-ranking official from the United States Department of Justice (DOJ) revealed.

Speaking during a press conference, Deputy Attorney General Lisa Monaco said that Justice Department agents and prosecutors, working with the U.S. Treasury Department and French law enforcement, have “disrupted Bitzlato, a China-based cryptocurrency exchange, notorious for laundering criminal proceeds from the darknet” and ransomware attacks. She also stated:

Today, the Department of Justice has dealt a significant blow to the crypto crime ecosystem.

Legkodymov is accused of operating the exchange as a “high-tech financial hub that, in his own words, catered to ‘known crooks’,” Monaco explained. She went on to allege that Bitzlato was a “crucial financial resource” for Hydra, the largest darknet market, with Russian roots, which was shut down in April, last year, by the German police with the support of U.S. agencies.

According to the DOJ, Hydra buyers funded illicit purchases from crypto accounts hosted at Bitzlato while sellers of drugs, stolen financial information and hacking tools sent criminal proceeds to accounts at the exchange, collectively amounting to $700 million in direct and indirect transfers between 2018 and 2022.

The deputy attorney general also said that the participants in the operation have engaged in a “coordinated campaign of disruption.” This included law enforcement actions in a number of European countries and the seizure of Bitzlato’s servers. By midday Wednesday, Bitzlato’s website was replaced by a notice saying that the service had been seized by French authorities, Reuters reported.

Crypto Exchange Bitzlato Claims It Was Hacked, Halts Withdrawals

Also on Wednesday, the operators of Bitzlato announced on Telegram, that the exchange had suffered a hacking attack. They told users that withdrawals had been suspended indefinitely and asked them to refrain from sending coins to the platform until the issue is resolved.

“Our service was hacked, part of the funds was withdrawn from the service,” the exchange said, noting that the attackers were able to steal a small portion of the funds without specifying the amount. It also sought to assure customers in a second message that their assets were not lost, stating:

For all victims, we guarantee a refund.

“As a security measure, we have disabled the service, we ask you not to replenish the wallets of our service until the work is restored,” Bitzlato reiterated, adding that its team was working on the problem. At the time of writing, the platform is still offline.

The hack presumably took place after on Tuesday the exchange announced maintenance scheduled for Thursday, Jan. 19, “aimed at improving the operation of the service and its security.” The notice informed users it will halt transactions between 5 and 9 a.m. Moscow time.

“We strongly recommend that you organize your work activities taking into account the amendments in order to avoid unpleasant situations,” the platform advised customers, informing them that it plans to disable deposits, withdrawals and trading.

Bitzlato launched in 2016 under the name Changebot and later became a cryptocurrency exchange offering peer-to-peer (P2P) trading services. It lists pairs of the Russian ruble with BTC, ETH, USDT, and other digital coins which can be bought and sold with a variety of payment methods.

Online crypto exchangers like Bitzlato are popular in Russia and the former Soviet space but as crypto assets are yet to be fully regulated in the region, they are often targeted by authorities across the Commonwealth of Independent States. A report recently revealed that the Belarusian judiciary has imposed a hefty fine on the operator of one such platform.

Do you expect other similar operations against crypto trading platforms in the near future? Share your thoughts on the subject in the comments section below.