OneLife, OneFraud
OneLife, OneFraud
Crypto Coins, Crypto Cult Leaders, Crypto Hackers, and Scam Judge
OneCoin
There are a lot of cryptocurrencies in the world. According to Coin Market Cap, a site which tracks prices and trading volumes, there are a hundred tokens (since they are not all “coins” I will call them “tokens” for clarity) with total value over $44 million dollars. The total value of all the tracked tokens on the site is $249 billion dollars as of this writing. That’s a lot! There are a variety of uses for cryptocurrency, and a lot of people trying to sell you on one of them, so the value of their tokens can go up.
Then there’s OneCoin. Back in 2014, a woman calling herself Dr. Ruja Ignatova came up with the idea for a cryptocurrency, and enlisted the help of a global network of marketers to promote her coin. It went on to make somewhere between 4 and 15 billion dollars for the group behind it. The problem? There wasn’t a coin. There was no blockchain. It was a complete fraud.
I’ll talk about Ignatova in the next section, for now let’s focus on OneCoin, and how it spread across the globe. Some people have called it a Ponzi scheme, and perhaps it…sort of was? In the sense that people thought they were investing in an asset that would go up in value, perhaps. Like a Ponzi scheme, the people behind it were simply taking the money from “investors” and using it to buy yachts and mansions, and to pay the marketers who brought them new investors. They would periodically give out new “coins” to their network, but that’s easy to do when you don’t actually have a blockchain or any coins. They were simply changing numbers in a database.
So, was it a Ponzi? Okay, let’s call it a Ponzi. Was it also a pyramid scheme? You bet! The key to the success of OneCoin was its vast group of “network marketers” aka MLMers who brought people in to buy “packages” of OneCoin. The marketers then got a cut of each package they sold. Some of them made millions of dollars off the deal, by leveraging the same networks they used to sell beauty products or leggings. The intrepid folks at Behind MLM have a useful write-up of the primary actors in the pyramid side of the business:
At the peak of his thievery, Ted Nuyten’s Business For Home was celebrating Parhiala’s monthly theft of over 4 million euros from OneCoin victims.
OneCoin had leader boards for its MLMers, showing how a few guys were stealing millions of Euros a month from unsuspecting marks around the globe, much of it from their “downline” or the marketers they had recruited into the network. Pyramid scheme? Yup.
Was OneCoin also a money laundering operation backed by organized crime? Hell yeah it was! The recent conviction of Mark Scott, the lawyer who helped set up a web of international shell corporations OneCoin used to launder its proceeds, tells the tale:
Scott was convicted of washing a sizable portion of that haul. He was found guilty Thursday with laundering $400 million starting in 2016. He now faces potentially up to 50 years in prison, as well as disbarment.
The money flowed through an elaborate network of fraudulent private equity investment funds and between international tax havens, from the British Virgin Islands to Ireland, to the Cayman Islands, that obfuscated their source, according to the press release.
In the process, Scott skimmed off $50 million for himself.
Fake investment funds in tax havens? Check! Co-conspirators being put in witness protection because they fear for their lives? Check:
The BBC said [Konstantin] Ignatov could be moved into the U.S. witness protection program depending on the longevity of his sentence. Court documents say individuals have come forward with threats against him.
Warnings not to use email because “Russians guys” can read them? Check:
…audio of Ruja Ignatova telling Gilbert Armenta: "Gilbert, we can get access to your emails between now and 24 hours if we want to. You cannot prevent this shit. You have to be fucking careful. What these Russian guys can do, you cannot imagine. I mean, if they can do it, everybody can do it. The only advice that you get from me, do not use emails. Do not -- like, just face-to-face or encrypted phones. Nothing else is safe. Just believe me. Please.”
To sum up, a Bulgarian woman with impressive-seeming credentials appeared on the scene out of nowhere, claiming she had a crypto coin that would yield unbelievable investment returns. She teamed up with some of the world’s most potent network marketers to sell billions of dollars’ worth of coins. When people tried to reveal OneCoin as a sham, she and her army of sycophants would form a virtual mob to silence them, giving cover for the scheme to continue. At some point the mafia appears to have become involved, perhaps to help launder the proceeds, or perhaps because they saw there was money to be made and wanted a piece. After two years, countries began cracking down and arresting members of the organization, seizing whatever funds hadn’t been funneled away. Dr Ruja remains at large, having disappeared in 2017.
I am unable to reach OneCoin’s website at this time, though their faux “marketplace” DealShaker still exists on the web. Reports from last year indicate OneCoin is still doing business in the developing world, in part because pyramid schemes can thrive in places with lax consumer protection laws and limited access to information.
Since the organization behind OneCoin started to break apart, many of its primary actors have gone elsewhere, attempting to start new coins - some of them actual crypto tokens - to cash in on the phenomenon. None appear to be all that successful, which brings us back to the central question - how did this happen? The answer may lie in the story of OneCoin’s founder. Who is Ruja Ignatova?
The Crypto Queen
Ruja Ignatova came to my attention thanks to an excellent podcast and associated article from Jaime Bartlett at the BBC. His team went on a hunt to find out why Dr Ruja disappeared in late 2017 - spoiler, the most believable theory is that she caught wind of a sealed indictment by the FBI and fled - and whether she is still alive. While this makes for good listening, it is not the story I am interested in talking about. What I want to explore is how Ignatova and OneCoin rose to such dominance, how she was able to recruit armies of true believers, and what this means for the future of online scams.
Bartlett’s podcast explores Ignatova’s past - a modest upbringing in Bulgaria and Germany. Out of nowhere, she and her father purchased an ironworks in southern Germany, running it quickly into bankruptcy and skipping town. She was eventually convicted of fraud by the government and received a suspended sentence. The nature of the deal - employees fired with no notice, documents and records destroyed in the factory - sounded like organized crime to me.
As Bitcoin and cryptocurrency surged in the early 2010s, Ignatova seized upon it as the next big thing. It wasn’t so much her creation of a coin - as I’ve said, there were hundreds in existence by 2014 - as her framing of the thing. Using some resumé fluffing, Ignatova presented OneCoin as the first coin created by an ex-finance professional. She talked up her Oxford PhD, claimed she had worked at McKinsey advising banks. Here was someone who understood how bad the banking system was, and wanted to bring financial freedom to ordinary people.
Any good scam requires a bit of luck, and Ignatova’s timing couldn’t have been better. By 2014 much of the world was still reeling from the financial crisis - especially in Europe and Africa, austerity imposed by governments had made things worse. Average citizens watched bankers get away with destroying the global economy, as they were asked to tighten their belts. Along comes a woman - when you listen to OneCoin enthusiasts describe Ignatova it sounds cult-like - who tells them that there is hope. They can become part of a movement - a family - to free the world from oppressive bankers and governments. This message played particularly well in poorer parts of Europe, China, and Africa.
Then, there was the meteoric rise of Bitcoin during these years. Ignatova rode that rocketship, promising her adherents that OneCoin would grow faster and bigger than Bitcoin. Anyone who stopped to do the math - OneCoin marketers promised buyers returns that would have made them millionaires many times over - would have realized it was impossible, but people don’t do math when they are swept up in emotion.
It was, in retrospect, the perfect combination of a charismatic evangelist, and an aggressive network of MLM kings who had spent years honing the ability to get people to buy into fads. They preyed ruthlessly on the hopelessness of people who had just survived a terrible recession, and used their lack of technical sophistication to sell them on a miracle coin that would make them rich.
How much did Ignatova know? Did she set out to build a multi-billion dollar scam selling non-existent cryptocurrency, or did she really believe she could help the poor and desperate become wealthy? Emails unearthed in the Department of Justice investigation that led to her indictment show that she knew exactly what she was doing:
On June 11, 2014, Ruja wrote to Founder-2 concerning the OneCoin business plan:
“It might not be [something] really clean or that I normally work on or even can be proud of (except with you in private when we make the money) – but … I am especially good in this very borderline cases [sic], where the things become gray – and you as the magic sales machine – and me as someone who really can work with numbers, legal and back you up in a good and professional way.
We could really make it big – like MLM meets bitch of wall street”
She emailed her co-conspirator about exit strategies:
The first option that Ruja listed was,
“Take the money and run and blame someone for this (standard approach, see Wenyard.)”
Her blockchain was…not a blockchain:
“We are building our own cryptocurrency – and would like to set up an internal exchange service for them.
We would like to be able to set the price manually and automatically and also control the traded volume.”
They never intended to allow outside control of the price or trading volume information they showed their customers:
Goals:
6. Trading coin, stable exchange, always close on a high price end of day open day with high price, build confidence – better manipulation so they (investors) are happy.
[…]
We can manipulate the exchange by simulating some volatility and intraday pricing [sic].
The damning emails go on, but what emerges is a picture of a willful conwoman, who created OneCoin with full knowledge of what she was doing.
As Bartlett and the BBC tried to rack down Ignatova, they realized she was very likely not only still alive but hiding in plain sight, likely in a European country. This speaks to a thing I talk a lot about in this newsletter - how ill-equipped law enforcement is to deal with criminal fraudsters in the digital age. Bartlett speculates that Ignatova had extensive plastic surgery, acquired a new identity, and has been able to move freely around Europe and the Middle East for years. This is probably due to the lack of tools international law enforcement agencies have - when criminals are caught, it is almost always at the airport. Ignatova’s brother was picked up at an airport in 2019, waiting to board a plane to Bulgaria. For moderately more clever (and wealthy) criminals, it is possible to slip into anonymity and move around using either false identities or private yachts and planes. Jho Low, who I’ve written about a couple times, is still on the run despite being a higher profile thief than Ignatova.
The OneCoin scam exposes the gaping holes in our global digital economy. Charismatic hucksters used to be limited by geography - now they can spread their sleazy gospel to an audience of millions, or billions. Pyramid schemes used to be constrained by overhead costs, or the complexity of putting together fake financial documents - now, a halfway competent programmer can create a website with a stock ticker and an online store and steal billions of dollars in a matter of a year or two. Law enforcement agencies simply lack jurisdiction to shut these scams down. They can go after criminals or funds located within their borders, but smart thieves can take advantage of the banking infrastructure created by the wealthy to hide their money and make off with huge sums, staying out of the reach of the cops.
This will happen again. There is no amount of digital literacy we can impart to stop this - the impulses driving people to take part in scams, pyramids, and Ponzis predate the Internet by a hundred years. Until we address the reasons people feel so desperate they cling to the promise of riches, savvy fraudsters like Ignatova will continue to prey on the weak and innocent.
In unrelated news, the BBB has released its Scam Tracker report for 2019 and cryptocurrency scams are on the rise:
Lazarus Group
This week, the Treasury Department issued sanctions against two Chinese nationals they claim were involved in a scheme to launder stolen cryptocurrency using iTunes gift cards:
Lazarus Group cyber actors used the private keys to steal virtual currencies ($250 million dollar equivalent at date of theft) from this exchange, accounting for nearly half of the DPRK’s estimated virtual currency heists that year.
Tian ultimately moved the equivalent of more than $34 million of these illicit funds through a newly added bank account linked to his exchange account. Tian also transferred nearly $1.4 million dollars’ worth of Bitcoin into prepaid Apple iTunes gift cards, which at certain exchanges can be used for the purchase of additional Bitcoin.
Yes, you’re reading that correctly. They also provided a helpful infographic:
I assume someone at Treasury got to spend a few days making that, and I support this use of my tax dollars. More people in government should be like the CPSC guy and make dank memes I can use to explain complicated financial crimes. Anyhow, someone who worked for a large cryptocurrency exchange downloaded North Korean malware and gave Lazarus Group access to all of their customer wallets. I would like to imagine people who work for crypto exchanges have better security protocols than an 80-year-old grandmother, but the reality is that, as I wrote about last week, email phishing has become highly sophisticated. If you work for a company that controls hundreds of millions of dollars’ worth of cryptocurrency, which cannot be retrieved once it’s stolen, you are absolutely going to be a prime target for hackers.
The laundering of funds through iTunes is a real cherry on top - iTunes gift cards are a favorite currency of scammers. At what point is Apple in some way liable for this? The FTC has been warning people about this for years, and Apple has a page saying it’s bad but, like, they can stop this if they want? They could make the cards easier to trace, or harder to trade? What are people buying with all these App Store dollars? I have reached out to Apple, I will report back if I learn anything.
Scam Judge??
Scam Judge:
A cursory Google search tells me there is no law against it, so I’m changing my name to President Colin for the hotel upgrades.
Short Cons
McClatchy - “CryptoMB is part of an aggressive marketing pitch and alleged global fraud scheme run through a Ukrainian telemarketing center named Milton Group. It offers investment in so-called cryptocurrencies, commodity trading and foreign currency markets.”
Vox - “Yet, while the law firm is unlikely to receive much relief from the Supreme Court, the case is likely to fundamentally alter the relationship between the president and at least some federal agencies.”
AARP - “Nearly half (47%) of U.S. adults have been targets of an impostor scam. Specifically, this study examined adults’ experiences with relationship scams (i.e., online romance scams and grandparent scams) and government impostor scams (including Census scams).”
Check Out My SoundCloud
At the request of a few people, I am experimenting with reading my newsletter each week and turning it into a pod…cast? Or something like that. Anyway, here is the audio version of this newsletter, in case you want to hear it. In the future, I will probably stick the audio at the top of the newsletter, so you don’t have to read all the way through to find it.
Happy Consumer Protection Week! Tips to scammerdarkly@gmail.com
Great article! Thank you.
Ps. It's JAMIE Bartlett (not Jeremy) ;)