Examining Potential Links Between the Lithuanian Crypto Exchange Arrest and Indian KYC Scams

On March 12, 2025, a significant arrest took place in India that has drawn attention to the complex world of cryptocurrency-related fraud. This report investigates whether the recent arrest of Lithuanian national Aleksej Besciokov in Kerala might be connected to Know Your Customer (KYC) scams documented by Indian Reddit users. While both situations involve financial fraud, determining their relationship requires careful analysis of the available evidence, the operational methods employed in each case, and the broader context of cryptocurrency-related crimes in India.

The Arrest of Aleksej Besciokov in India

In a coordinated operation on March 12, 2025, the Central Bureau of Investigation (CBI) and Kerala Police apprehended Lithuanian national Aleksej Besciokov. He was arrested while allegedly planning to flee India, following a provisional arrest warrant issued at the request of the United States through the Ministry of External Affairs under the Extradition Act of 19624. Besciokov’s arrest represents a significant development in international efforts to combat cryptocurrency-related financial crimes.

Besciokov stands accused of establishing and administering Garantex, a Russia-based cryptocurrency exchange that allegedly facilitated extensive money laundering operations. According to US authorities, Besciokov served as Garantex’s primary technical administrator from approximately January 2019 through early 2025. During this period, the exchange allegedly processed around $96 billion in cryptocurrency transactions linked to transnational criminal organizations, including terrorist groups4. These transactions reportedly enabled various criminal activities, including hacking, ransomware attacks, terrorism, and drug trafficking, with significant impacts on victims in the United States.

The operation against Garantex was part of a broader international effort announced on March 7, 2025, involving authorities from the United States, Germany, and Finland. This coordinated action resulted in the seizure of Garantex’s domains and servers, the freezing of over $26 million in illicit funds, and criminal charges against Besciokov and another administrator, Aleksandr Mira Serda5. Despite being sanctioned by the US Treasury’s Office of Foreign Asset Control in April 2022, Garantex had continued operations, evading restrictions and processing transactions with US-based entities.

Garantex’s Operational Model

Garantex emerged in 2019 and rapidly established itself as a preferred platform for Russian cybercriminals. By 2021, the exchange had processed more than $20 billion in transactions, with a substantial portion linked to illicit activities5. The exchange’s appeal stemmed primarily from its deliberately lax know-your-customer policies and willingness to handle funds from high-risk sources, creating an environment conducive to financial crime.

According to blockchain analytics firm Chainalysis, Garantex facilitated money laundering for major criminal enterprises, including ransomware operators like Conti and darknet marketplaces such as Hydra (which was dismantled in 2022). Even after facing sanctions, Garantex reportedly continued processing more than $6 billion in transactions, including approximately $1.5 billion connected to sanctioned entities5. The exchange’s infrastructure, strategically positioned in Germany and Finland despite being headquartered in Russia, likely helped maintain its legitimacy and access to Western markets until the recent enforcement actions.

KYC Scams Reported on Indian Social Media

In January 2025, an Indian Reddit user named Ravi Singh detailed his year-long struggle against identity theft and KYC impersonation. His account describes how fraudsters acquired his Permanent Account Number (PAN) and Aadhaar information, using these credentials to secure unauthorized loans across multiple Indian financial institutions1. The fraud began with an alarming notification about changes to his Central KYC (CKYC) records, which revealed that while his name and date of birth remained unchanged, the records had been updated with a different person’s photograph, address, and phone number.

Singh reported that the impostor successfully obtained a ₹10,000 loan from KreditBee, with funds transferred to an Axis Bank account that Singh had never opened. Despite providing documentation proving his identity, filing a cybercrime report, and demonstrating the discrepancies in the loan application, Singh encountered significant resistance from KreditBee when attempting to resolve the situation1. Only after escalating the matter to the Reserve Bank of India (RBI) Ombudsman and completing an additional video KYC verification process did KreditBee finally agree to correct his records and remove the fraudulent loan from his credit report.

Singh’s experience highlights serious deficiencies in the KYC verification processes of several Indian financial institutions, including KreditBee, Axis Bank, Poonawalla Fincorp, ICICI Bank, and HDFC Bank. His account suggests that these institutions failed to detect clear inconsistencies in identity verification, enabling fraudsters to successfully impersonate legitimate customers and secure unauthorized loans1. The case underscores the vulnerability of India’s financial infrastructure to determined identity thieves, particularly when KYC processes rely heavily on documentary evidence that can be compromised.

Cryptocurrency P2P Scams in India

Additional Reddit posts from February 2024 and November 2023 describe a different but potentially related type of fraud involving peer-to-peer (P2P) cryptocurrency transactions in India. In these scenarios, victims engage in P2P trades on platforms like Binance, only to discover later that the Indian Rupees (INR) they received came from stolen funds or fraudulent transactions2. When the original victims report these unauthorized transfers, the cryptocurrency traders find their bank accounts frozen despite having completed what appeared to be legitimate transactions.

One user described conducting approximately 4,500 P2P trades worth 17 crore rupees (approximately $170 million), only to have funds frozen when a transaction was disputed2. Another commenter suggested that these situations typically arise when crypto buyers pay using someone else’s compromised bank account, essentially laundering stolen money by converting it to cryptocurrency and then cashing out through different channels. This pattern of activity creates a complex chain that complicates the recovery of stolen funds and identification of the actual perpetrators.

The cryptocurrency regulatory environment in India further complicates matters. According to Reddit discussions, Indian exchanges do not permit users to withdraw cryptocurrency to external wallets, forcing users to rely on international exchanges or P2P transactions, which create additional vulnerabilities3. This regulatory landscape, combined with inconsistent enforcement and identity verification standards, creates opportunities for sophisticated fraud schemes that span traditional banking and cryptocurrency systems.

Analyzing Potential Connections

While both the Garantex case and the documented KYC scams involve financial fraud, several important distinctions exist between these scenarios. Garantex operated primarily as a large-scale international money laundering operation, processing billions of dollars for ransomware groups, darknet markets, and sanctioned entities5. The exchange’s lax KYC policies were designed to facilitate these transactions rather than to enable the specific type of identity theft described in the Reddit posts.

In contrast, the KYC scams detailed on Reddit involve targeted identity theft aimed at securing relatively small loans from Indian financial institutions1. These operations rely on compromising India’s domestic financial infrastructure and exploiting weaknesses in how banks verify customer identities. While cryptocurrency may play a role in how these criminals monetize their activities, the primary vector of attack is the traditional banking system rather than cryptocurrency exchanges.

The P2P cryptocurrency scams described represent a third, intermediate category of fraud that shares characteristics with both the Garantex operation and the KYC loan scams. These schemes involve using stolen funds to purchase cryptocurrency, potentially as part of a money laundering process2. While Garantex could theoretically serve as a recipient exchange for cryptocurrency purchased using such methods, the search results provide no direct evidence connecting these specific Indian P2P scams to Garantex’s operations.

Geographical and Operational Considerations

Garantex was primarily Russia-based but maintained infrastructure in Germany and Finland to facilitate its operations5. While the arrest of Besciokov in India raises questions about potential connections to Indian financial crime, it may simply reflect where authorities were able to locate him rather than indicating operational ties to Indian scams. The search results do not suggest that Garantex specifically targeted Indian users or had particular infrastructure within India.

The KYC loan scams described on Reddit appear to be perpetrated by actors with intimate knowledge of India’s banking system and identification requirements1. These operations target documents specific to India (PAN and Aadhaar) and exploit relationships with Indian financial institutions. While international criminal organizations sometimes operate across multiple countries, the methods described suggest local expertise rather than the kind of global operation that Garantex represented.

What does it all mean?

Based on the available evidence, there is no direct link established between the arrest of Aleksej Besciokov for his role in the Garantex cryptocurrency exchange and the KYC scams described by Indian Reddit users. While both involve financial crime and may utilize cryptocurrency at different stages, they represent distinct operational models targeting different vulnerabilities in the financial system.

The Garantex case illustrates the challenges of regulating international cryptocurrency exchanges that deliberately position themselves to evade oversight and facilitate large-scale money laundering. The KYC scams in India demonstrate the vulnerabilities in identity verification processes within traditional financial institutions, particularly when identity documents can be compromised without biometric verification. The P2P cryptocurrency scams represent an intersection of these worlds, where traditional banking fraud meets cryptocurrency markets.

As cryptocurrency continues to evolve as both a legitimate financial tool and a vector for criminal activity, more sophisticated connections between these different forms of financial crime may emerge. Law enforcement agencies worldwide are increasingly coordinating their efforts to address these interconnected threats, as demonstrated by the multinational operation against Garantex. For Indian consumers, this highlights the importance of regularly monitoring credit reports, securing personal identification documents, and remaining vigilant for unauthorized financial activity—regardless of whether it occurs through traditional banking or cryptocurrency channels.

Citations:

1. https://www.reddit.com/r/CreditCardsIndia/comments/1i2i6tf/abandoned_by_the_banks_exposing_indias_kyc/
2. https://www.reddit.com/r/CryptoIndia/comments/1aoerti/p2p_scam/
3. https://www.reddit.com/r/CryptoIndia/comments/185xfxo/indian_crypto_exchanges_allowing_crypto/
4. https://indianexpress.com/article/india/cbi-kerala-police-arrest-lithuanian-wanted-in-us-for-cryptocurrency-fraud-9883830/
5. https://www.crowdfundinsider.com/2025/03/237226-coordinated-international-crackdown-dismantles-russian-crypto-exchange-garantex-analysis/
6. https://www.reddit.com/r/kucoin/comments/180l8ml/kyc_issue_why_does_this_feel_like_a_scam/
7. https://www.reddit.com/r/BitcoinIndia/comments/1auit7z/crypto_without_kyc/
8. https://www.cnn.com/2025/03/12/politics/india-arrests-lithuanian-crypto-exchange/index.html
9. https://www.reddit.com/r/Scams/comments/tw8rwx/changelly_the_infamous_kyc_scam/
10. https://www.bitget.com/news/detail/12560604626030
11. https://thehackernews.com/2024/09/us-sanctions-two-crypto-exchanges-for.html
12. https://www.reddit.com/r/PiNetwork/comments/1daxcpm/kyc_checks_seem_to_be_no_longer_valid_are_we/
13. https://www.reddit.com/r/CryptoIndia/
14. https://www.reddit.com/r/Crypto_com/comments/10m8bvm/check_out_the_error_message_on_the_site_of/
15. https://thehackernews.com/2025/03/thn-weekly-recap-new-attacks-old-tricks.html
16. https://www.reddit.com/r/Scams/comments/1aks7dh/kyc_fees/
17. https://www.reddit.com/r/CryptoCurrency/comments/tui60y/why_the_eu_proposal_to_kyc_self_custodial_wallets/
18. https://www.reddit.com/r/CryptoCurrency/comments/xx7yp8/dutch_bank_rabobank_asks_customer_for_indepth/
19. https://www.reddit.com/r/CryptoIndia/comments/1gtyqn6/your_crypto_is_not_safe_in_any_indian_exchange_as/
20. https://www.reddit.com/r/CryptoIndia/comments/1cjdxrn/sharing_my_p2p_scam_experience/
21. https://www.reddit.com/r/CryptoIndia/comments/1h0z4z6/tips_on_buying_crypto_in_india_and_taking_self/
22. https://www.reddit.com/r/CryptoIndia/comments/1gzcoc6/using_nonkyc_exchanges_in_india/
23. https://www.reddit.com/r/mkindia/comments/1e4j2w7/is_the_kyc_requirement_msg_from_global_morning_a/
24. https://www.reddit.com/r/CryptoIndia/comments/1i40o4n/india_is_pathetic_on_crypto/
25. https://www.reddit.com/r/CryptoIndia/comments/1ii1tnr/best_cexs_that_work_in_india_no_kyc_low_fees/
26. https://cryptobriefing.com/p2p-crypto-security-proposal/
27. https://www.reddit.com/r/CryptoIndia/comments/1bef57c/selling_crypto_in_india_without_being_tracked_by/
28. https://www.reddit.com/r/CoinBase/comments/1ba4k9d/kyc/
29. https://www.reddit.com/r/CryptoIndia/comments/1hxasmi/indian_exchange_that_allows_inr_deposits_crypto/
30. https://www.reddit.com/r/FTXOfficial/comments/1hyhdtp/is_ftx_once_again_scamming_their_clients_ftx_is/
31. https://www.reddit.com/r/CryptoIndia/comments/1dyod2u/platforms_like_onramp_are_openly_scamming_people/
32. https://www.reddit.com/r/CryptoIndia/comments/1f1mi86/non_fiu_crypto_exchanges/
33. https://www.reddit.com/r/binance/comments/olxf08/bank_of_lithuania_issued_warning_to_cryptoasset/
34. https://www.reddit.com/r/monzo/comments/18svg1y/monzo_closed_my_account_out_of_nowhere_im/
35. https://www.reddit.com/r/btc/comments/1j9zm0v/india_arrests_man_accused_of_running_96_billion/
36. https://www.reddit.com/t/cryptocurrency/
37. https://www.reddit.com/r/Revolut/comments/14cgi7r/is_revolut_good/
38. https://www.reddit.com/r/CryptoCurrency/comments/1brc7um/kyc_requirements_are_getting_worse_and_worse_over/
39. https://en.wikipedia.org/wiki/Cryptocurrency
40. https://cryptonews.com/cryptocurrency/memecoin-supercycle/
41. https://tapchibitcoin.io/?p=574344
42. https://snowfl.com
43. https://www.reddit.com/r/crime/comments/1j4bil6/eu_sanctions_russian_crypto_exchange_garantex/

Answer from Perplexity: pplx.ai/share