Source: www.rucriminal.info
At the end of 2023, the VChK-OGPU telegram channel published a series of investigations that lifted the veil of secrecy over the beneficiaries of the Garantex exchange. Recently, Rucriminal.info introduced readers to the work of Match systems, also known as Plain chain, which position themselves as blockchain investigators. Today we have a topic in which Garantex, Match systems, former FSB employees, current investigators of the Ministry of Internal Affairs of the Russian Federation and, of course, scams for gigantic sums are intertwined.
Crypto is an area where it is very easy to deceive people, there is an incredible amount of scams and hacks, crypto is constantly stolen and it is very easy to lose it. In cases of theft, the crypto route is not tricky: first, the thief takes all the bits or tether from the victim’s wallet to his cold wallet, from where he sells the stolen goods in some exchanger. Accordingly, the thief receives real money, and the exchanger receives the stolen cryptocurrency, most often, to his exchange wallet. And this is where investigators come into play. Their task is to track where the stolen coins went, and then somehow get them out of there.
In the field of helping victims of this kind, there are some very well-known guys in narrow circles - Match Systems, aka Plain Chain, or Plain Chain (hereinafter referred to as MC). The guys are smart, they have the competence and the ability to search for cryptocurrencies, they effectively protect the interests of their clients for a decent %. But there is one significant problem: what tools do they use to achieve this? Ructiminal.info talked with representatives of one of the victims, here is his story:
“The work of the MC was carried out in a simple way: decisions of the court and the investigator, often created in Photoshop and on a color printer, were sent to the exchange (and even directly to Tether Limited). They told about a great criminal case. The legend is this: there is Vasya - his crypt was allegedly stolen, the crypt reached the exchange and settled on Petya’s account. In the resolution of the court or investigator, where this legend is set out, it is written that allegedly a criminal case has been opened on this fact, an account has been established on the exchange where the stolen coins went, and the exchange was ordered to first seize Petit’s account by court order, and then lift the seizure with the transfer funds to Vasya by order of the investigator. At the same time, it is important for the reader to remember that even if the decisions were not drawn in Photoshop, and the criminal case actually existed, the investigator does not have the right, by his decision, to transfer assets from one person to another, he can only lift the arrest and nothing more.
We do not know whether in all cases of withdrawal of funds according to such a scheme, there was initially a fact of theft of funds from a certain Vasya, but we know for certain that a significant number of decisions of courts and investigators were directly falsified. By whom and how – read on, it’s interesting.
Let's look at a specific example.
Garantex, Match Systems and document forgery. A series of bedtime stories.
In January, we were contacted by a person trading cryptocurrency on the Garantex crypto exchange. His deposit of about 25 million rubles was frozen by the exchange and support refused to explain the reasons - a common story for any crypto exchange. During a personal visit to the exchange office with our lawyer, the exchange provided Resolution of the Basmanny District Court of Moscow No. 3/1-2/2023 dated January 18, 2023 on the seizure of a deposit cryptocurrency account owned by the exchange and registered with a specific user - our principal. At the same time, the resolution immediately revealed technical errors: the deposit account of the USD Tether cryptocurrency, or USDT, in the Tron network (TRC20) did not begin with the letter with which accounts in this network begin. It began with S, and such addresses should begin with the letter T. In addition, the decree did not indicate the period of arrest and information about the owner of the account, in case it was a special entity - the investigation did not check. But the latter is a minor matter and is regularly admitted by real courts. The date of initiation, the number of the criminal case and qualifications were also indicated - part 4 of Art. 159 of the Criminal Code of the Russian Federation, fraud. Moreover, from the initiation of a criminal case to the issuance of a court order for arrest, 3 weeks passed, one and a half of which fell on the New Year holidays.
At that moment, I already had doubts about the validity of the resolution, but I was not sure. As a former investigator, I knew very well that in such a short time it is almost impossible to obtain a court order to seize a cryptocurrency account - this is, in principle, bordering on science fiction, since: a) no government agencies know how to work with cryptocurrency and do not like to work with it; b) the court ruling does not indicate the Garantex exchange that owns this deposit account, there is no indication of the owner of the account, there is no term of arrest, there is no amount of arrest in the operative part, and so on.
Clarification: anyone could check the accuracy of the Resolution immediately, in just 2 minutes. Let's go to website https://mos-gorsud.ru/rs/basmannyj/search, enter the number of the resolution 3/1-2/2023 there and follow the link https://mos-gorsud.ru/rs/basmannyj/cases/docs/content /852a0270-8b54-11ed-8108-359a2851742a we can easily download the actual resolution. This decision was made on a completely different fact and a different criminal case. I didn’t think to do this right away, because in Yekaterinburg, where I live and work, district courts do not post materials from such proceedings on the site (the sites have different engines).
On this issue, I turned to one of the Match Systems employees, whom I had previously known, and I knew that they were dealing with cases of cryptocurrency theft. He himself explained to me that they were involved in this case, represented the interests of the victims, traced the path of the stolen cryptocurrency to Garantex and helped the investigation to seize this account. Regarding the typo with the account address, he explained that it was just a technical error. He also told the story of how 400,000 USDT was stolen from a certain Vasya, that is, 400,000 US dollars or about 27 million rubles as of the date of the court ruling. A certain hacker allegedly stole funds from a certain resident of Moscow; of the allegedly stolen funds, he managed to sell - that is, sell to our client - only 150,000 USDT, or about 10 million rubles, and the remaining cryptocurrency was frozen in the cryptocurrency accounts of the thief himself through Tether Limited itself. Thus, our principal, according to Match Systems, acquired 150,000 USDT of criminal origin. At the same time, at the time of arrest, the principal’s account contained a comparable amount of about 400,000 USDT, where the remaining 250,000 USDT was the legal property of the principal.
Garantex, Match Systems and document forgery. A series of bedtime stories. Part 3.
It is worth noting that the principal had no idea about the criminal nature of the origin of the funds and had nothing to do with any theft, even if it actually took place, and therefore cannot bear financial responsibility for the actions of the mythical hacker.
It is also important to note that during the investigation it is impossible to deprive a person of property rights; only property can be seized. And the property of a witness cannot be seized indefinitely in accordance with Part 3 of Article 115 of the Code of Criminal Procedure of the Russian Federation. Property can only be deprived by a court decision, in this case by a guilty verdict against anyone. But even so, if our person is not the accused, then the court may decide to take away from him only that part of the criminal coins that he acquired. And, besides, we know very well that such cryptocurrency thefts have zero detection and never reach the point of catching the real criminal and bringing him to trial, and therefore to a court decision to take something from someone and return it to the victim .
Next, the person from Match Systems told me that he was offering the principal to voluntarily return 150,000 USDT to the victim and keep his own 250,000 USDT. Otherwise, all funds will be confiscated from him, including his own, to which the alleged victim had access. In response to my reasonable question, how can anything be taken from him before the trial, especially if he is not accused, the case is not going to trial, no one has found the real hacker, etc., I heard in response that , they say, they will solve this issue. That is, there was an obvious hint of illegal methods. I grinned, said goodbye and went digging on my own.
We appealed to the Basmanny Court with the ruling that we received at the stock exchange. A few days later, the court summoned us, and the dumbfounded judge gave a certificate stating that the court had not made such a decision. She also said that a criminal case with this number is generally being investigated under Article 111 of the Criminal Code of the Russian Federation - serious bodily injuries, and that this forgery will be dealt with by the Investigative Committee of the Russian Federation. During the same days, our lawyer in Moscow began to receive threats emanating through intermediaries from employees of the Department of Internal Affairs of the Basmanny District, and a person from Match Systems, who issued illegal ultimatums, cleaned up the correspondence with me on Telegram.
Thus, we are convinced that Match Systems is dishonest. From the words of their person that typos in the court order can be easily corrected, and funds can be written off from the account directly during the investigation, it became obvious that they have a direct connection to this. But this is not even the main evidence. The point is that without their participation, their software and knowledge, no investigators of the Basmanny Department of the Ministry of Internal Affairs would simply be able to trace the path of the stolen cryptocurrency (even if the theft actually took place) to the Garantex wallet. And we remind you that Garantex is sanctioned, does not mark its wallets and hides their addresses from monitoring services like Crystalblockchain. The Ministry of Internal Affairs of the Russian Federation officially does not have access to such systems, since they were developed by companies from unfriendly countries and are prohibited for sale in the Russian Federation (spoiler - they are still used, bypassing restrictions and copyrights, but mainly by the departments of UNK and OBK). Ordinary employees of district police departments do not have the experience and skills to using even the public service https://tronscan.org/ to monitor transactions on the Tron network, let alone the complex Crystal.
It is important to clarify that we still do not know if the original theft of cryptocurrency took place, which they told us about, but these people still have not provided any real evidence of such a fact. After the publication of the story about the arrest of investigator Shakina, representatives of Match Systems, of course, began to deny involvement - they say that the cops themselves drew something there, and they are honest crypto-investigators helping victims. Yeah, we didn’t stand with a candle, we believe.
As Rucriminal.info previously reported, Match systems fictitiously split up to hide the founders’ connection with Russian law enforcement agencies.
And finally, who are they, werewolves in uniform, who decided to get rich from the imperfections of cryptocurrency compliance systems, oversight (or collusion) of exchanges and attract investor money for this by telling tales about a successful software startup “from Singapore”.
Founders
1 Dorzhinov Ice Nikolaevich
ex-analyst at the Center for Internet Security of the FSB of the Russian Federation
lives in Dubai, UAE
co-founder of Match systems, responsible for analytics and investigations, “borrowed” databases of tagged addresses after leaving the FSB
2 Kutin (also Kutin) Andrey Olegovich
lives in Dubai, UAE
ex-operator of the Main Directorate for Drug Control of the Ministry of Internal Affairs of the Russian Federation
CEO Match systems
actively travels and attends crypto and security events on behalf of the company, is married to the daughter of a former high-ranking official involved in the oil business.
3. Georgy Rakhaev
advocate
Moscow City, Federation Tower, office 4207
co-founder and investor in Match systems, actually provides “legalization” and contacts with werewolves in uniform
current lawyer of the Moscow Region Bar Association 50/9246 (this investigation was sent to the board for a petition to revoke the license) creator of a fraudulent law firm collecting orders for Match systems
But further - more.
The next publication will contain new facts about this scam.
To be continued
Source: www.rucriminal.info