US loses extradition battle with Russia for Bitcoin kingpin

Around 95 percent of all ransomware payments were laundered through Vinnik's BTC-e platform.
Written by Catalin Cimpanu, Contributor

The Supreme Court in Greece has ruled today that the owner of a shady Bitcoin exchange platform through which ransomware operators laundered cyber-crime money will be extradited to Russia, instead of the US or France, countries which also requested the hacker's extradition.

The suspect at the center of this tug-of-war is Alexander Vinnik, also known under the nickname of "Mr. Bitcoin," and the owner of the BTC-e.com cryptocurrency exchange.

US authorities shut down BTC-e in July 2017. Vinnik was arrested the same month by Greek police while vacationing in a seaside resort in the country's northern Halkidiki region.

Also: Kelihos botnet operator jailed for account theft, ID trading in the Dark Web

The US requested Vinnik's extradition on a case involving 21 charges related to money laundering and the operation of an unlicensed money exchange. Vinnik faced a combined maximum sentence of up to 35 years in prison, along with various fines, in the US case alone.

As soon as Vinnik's arrest became public, Russia filed an extradition claim of their own. Russian authorities said Vinnik was also a suspected in an investigation in Russia in relation to a €9,500 ($11,000) fraud charge. Details about the case remained murky.

Also: 7 tips for SMBs to improve data security TechRepublic

France filed its own extradition claim in June 2018, for involvement in "cybercrime, money laundering, and membership in a criminal organization and extortion."

Greek judges waivered in the case at every turn and with every appeal. They initially agreed to extradite Vinnik to the US, then to France over the summer, then to Russia at the start of September.

The case eventually reached Greece's Supreme Court, and today, it was decided that Vinnik should face charges in Russia, the suspect's native country, and where he expressed his desire to be trialed, mainly because of the thinner charges brought against him.

Also: Blockchain betting app mocks competitor for getting hacked. Gets hacked four days later

On the same day Greek authorities were arresting Vinnik, a team of researchers that also included Google staffers, presented findings at the Black Hat USA 2017 security conference, revealing that 95 percent of all ransomware ransom payments were cashed out and converted into fiat currency through Vinnik's BTC-e portal.

Also on the same day, a group of Bitcoin security specialists calling themselves WizSec published the results of an investigation that linked Vinnik's Bitcoin accounts to laundering funds stolen from the Mt. Gox exchange.

Researchers said that Vinnik was also involved in laundering funds stolen from other cryptocurrency exchanges, such as Bitcoinica, Bitfloor, and other platforms they did not name at the time.

Also: Best Home Security Devices for 2018 CNET

US authorities said in an indictment that Vinnik's platform helped launder over $4 billion in illegal funds. BTC-e's website, before it went down, claimed to have handled over $7 billion during its lifetime.

Vinnik extradition to Russia is now in the hands of the Greek Justice Minister. The Minister can decline to sign, although, state officials rarely overrule justice systems on these decisions.

These are 2018's biggest hacks, leaks, and data breaches

Previous and related coverage:

What is malware? Everything you need to know

Cyber attacks and malware are one of the biggest threats on the internet. Learn about the different types of malware - and how to avoid falling victim to attacks.

Security 101: Here's how to keep your data private, step by step

This simple advice will help to protect you against hackers and government surveillance.

VPN services 2018: The ultimate guide to protecting your data on the internet

Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.

Editorial standards