The Supreme Court in Greece has ruled today that the owner of a shady Bitcoin exchange platform through which ransomware operators laundered cyber-crime money will be extradited to Russia, instead of the US or France, countries which also requested the hacker’s extradition.
The suspect at the center of this tug-of-war is Alexander Vinnik, also known under the nickname of “Mr. Bitcoin,” and the owner of the BTC-e.com cryptocurrency exchange.
US authorities shut down BTC-e in July 2017. Vinnik was arrested the same month by Greek police while vacationing in a seaside resort in the country’s northern Halkidiki region.
Also: Kelihos botnet operator jailed for account theft, ID trading in the Dark Web
The US requested Vinnik’s extradition on a case involving 21 charges related to money laundering and the operation of an unlicensed money exchange. Vinnik faced a combined maximum sentence of up to 35 years in prison, along with various fines, in the US case alone.
As soon as Vinnik’s arrest became public, Russia filed an extradition claim of their own. Russian authorities said Vinnik was also a suspected in an investigation in Russia in relation to a €9,500 ($11,000) fraud charge. Details about the case remained murky.
France filed its own extradition claim in June 2018, for involvement in “cybercrime, money laundering, and membership in a criminal organization and extortion.”
Greek judges waivered in the case at every turn and with every appeal. They initially agreed to extradite Vinnik to the US, then to France over the summer, then to Russia at the start of September.
The case eventually reached Greece’s Supreme Court, and today, it was decided that Vinnik should face charges in Russia, the suspect’s native country, and where he expressed his desire to be trialed, mainly because of the thinner charges brought against him.
Also: Blockchain betting app mocks competitor for getting hacked. Gets hacked four days later
On the same day Greek authorities were arresting Vinnik, a team of researchers that also included Google staffers, presented findings at the Black Hat USA 2017 security conference, revealing that 95 percent of all ransomware ransom payments were cashed out and converted into fiat currency through Vinnik’s BTC-e portal.
Also on the same day, a group of Bitcoin security specialists calling themselves WizSec published the results of an investigation that linked Vinnik’s Bitcoin accounts to laundering funds stolen from the Mt. Gox exchange.
Researchers said that Vinnik was also involved in laundering funds stolen from other cryptocurrency exchanges, such as Bitcoinica, Bitfloor, and other platforms they did not name at the time.
US authorities said in an indictment that Vinnik’s platform helped launder over $4 billion in illegal funds. BTC-e’s website, before it went down, claimed to have handled over $7 billion during its lifetime.
Vinnik extradition to Russia is now in the hands of the Greek Justice Minister. The Minister can decline to sign, although, state officials rarely overrule justice systems on these decisions.