Yahoo News Flashy Russian Rapper Charged With Laundering $$ For Cybercrime
A Russian rapper living in Florida is charged with working for an organized crime group known as QQAAZZ, which allegedly provided money laundering services for cybercriminals stealing from American businesses.
Maksim Boiko, 29, was in the United States for two months before the U.S. Attorney’s Office in Pittsburgh charged him with conspiracy to commit money laundering. Before the musical artist was cuffed, he shared Instagram stories from sunny Florida: sandy beaches, a swimming pool at a luxury building, and a drive through the nightlife of South Beach.
In January, a federal court unsealed the indictment against five other alleged QQAAZZ members who are also charged with conspiring to launder cyberthieves’ funds. Boiko had a “close, personal relationship with a QQAAZZ leader,” an FBI agent’s affidavit in support of the criminal complaint alleges.
Boiko’s musical alter ego appears to be “Plinofficial,” which has 1,533 monthly listeners on Spotify and operates under the label “Smells Weed Music.”
While he was allegedly laundering victims’ money in 2017, Boiko was also shooting music videos for his song “Night High.” Another 2014 music video (for “Not About Money”) was shot in front of Guangzhou International Finance Center in China, a country where Boiko is accused by authorities of concealing ill-gotten gains. In the footage, Boiko flaunted a hat with the words “Ri¢h Ambitions.”
“God bless America! Especially Florida!” Boiko posted on Twitter on Jan. 20.
“Only in America do I feel myself 100% free and safe,” Boiko tweeted in Russian on Jan. 28. “But by habit all the same I tense up at the sight of cops. They say that will pass with time.”
In February, he shared a tweet announcing the birth of his daughter. “A citizen of the USA and Russia,” he wrote. “My main pride in life. Thanks to the universe!”
Last year, Boiko’s Instagram stories showed him living the high life on a yacht, sipping Moët under blue skies. “Dom Perignon, baby,” Boiko says in another video from a seaside escape. “Cheers!”
Boiko’s case was unsealed on Monday, according to the Pittsburgh Post-Gazette, which first reported on the court filing.
Authorities say Boiko and his wife entered the U.S. via Miami in January. The alleged cybercriminal (who also went by Maxim Boyko and “gangass” online) came to America with $20,000 in U.S. currency, the affidavit says.
When interviewed by U.S. Customs and Border Protection, Boiko said “his income came from investments in Bitcoin and rental properties in Russia,” the court filing states.
Boiko allegedly conspired to commit money laundering in Pennsylvania and elsewhere from 2015 until his arrest. The affidavit includes some of Boiko’s social media photos as “evidence of Boiko’s unexplained wealth” and says the posts are “inconsistent with the practices of a legitimate business operation.”
In April 2016, Boiko shared an Instagram photo of a stack of hundred-dollar bills against a Mercedes Benz steering wheel, with a caption of "#BALLIN #SELFMADE." Another Instagram post from August 2015 displayed Chinese Yuan stacked on a table, along with a sign that says “Maksim.” The text declared: “Say My Name.”
The feds say Boiko laundered money for “significant cybercriminals” by providing access to “criminally controlled bank accounts,” where they could transfer funds siphoned from victims’ online bank accounts. Boiko is accused of converting some of that stolen money into bitcoin and other digital currency.
Boiko’s email address was used to register an account on BTC-e, a cryptocurrency exchange website shut down by law enforcement in 2017, the affidavit states. Data from the BTC-e platform allegedly revealed Boiko’s account received $387,964 worth of deposits and had withdrawn about 136 bitcoins.
The rapper’s arrest was part of an FBI probe into the QQAAZZ organized crime group, which is made up of individuals from Georgia, Bulgaria and Latvia. Since 2015, the group has allegedly opened hundreds of personal and corporate bank accounts, using shell companies, at financial institutions around the globe. The group members used these accounts to “facilitate the theft of an estimated tens of millions of dollars from victims in the United States and throughout the world,” the affidavit alleges.
Authorities say QQAAZZ’s services are advertised on Russian dark web forums like Mazafaka and Verified, and the group communicated with cyberthief clientele on encrypted Jabber messaging, using monikers including “ricrich” and “donaldtrump55.”
The cybercriminals gained access to victims’ malware-infected computers to obtain their online banking credentials, then logged into the victims’ accounts to initiate fraudulent transfers, federal prosecutors allege.
Once QQAAZZ received the stolen funds, they’d transfer the money to other bank accounts for withdrawal, or to services that converted it into cryptocurrency. The group would take a 40- to 50-percent cut for themselves, the affidavit says.
A search warrant executed on a QQAAZZ email account revealed a directory of dozens of shell companies and their bank accounts categorized by country. Some of the shell companies and bank accounts were in Bulgaria, Spain and Portugal.
On March 20, 2017, a cybercriminal known as “Moneybooster” contacted Boiko, who went by “gangass,” on the Jabber instant messaging platform and asked for a corporate account that could receive a “200-300k” wire transfer.
Minutes later, gangass provided a Hong Kong bank account. “I’ve sent around 300k,” the cyberthief said, to which gangass replied, “[G]ot you, bro!”
After the transfer was blocked by the victim’s bank, gangass allegedly provided another account for the wire days later. That attempt was also blocked by the bank for the victim, which was a business in California.
The FBI discovered numerous attempted wire transfers—and completed wire transfers—from U.S. companies to the shell company Sauvage Real LDA in Portugal, the affidavit says. In August 2018, PNC Bank in Pittsburgh reported three fraudulent transfers totaling $700,000 from a victim company based in Ohio. The bank “was able to stop this wire and did not suffer a loss,” the affidavit says.
— with additional reporting by Allison Quinn
Get our top stories in your inbox every day. Sign up now!
Daily Beast Membership: Beast Inside goes deeper on the stories that matter to you. Learn more.
