Selling cryptocurrency may result in legitimate bank clients being included in the Central Bank's fraudulent database, which may result in restrictions on transactions. As Oleg Zamiralov, head of the T-Bank ecosystem protection center, reported to RBC, starting in July 2024, banks must suspend money transfers made to details from this database for two days. Banks also have the right to completely block card and online banking transactions for their clients if their details are found on this list.

Experts interviewed by RBC-Crypto commented on the risks associated with laundering and distribution of stolen digital assets from the Bybit crypto exchange. And should Russian-speaking users of exchangers, p2p platforms and exchanges worry that they can buy assets somehow related to the hack, and what security measures can be taken.

Bybit is the second largest crypto exchange by trading volume after Binance and one of the world's largest platforms for trading crypto assets. In January 2025, it accounted for more than 6% of the world's cryptocurrency trading volume. The platform is also very popular in Russia – almost a third of Internet traffic in January 2025 came from Russia. On February 21, Bybit was hacked due to loss of control over the so-called cold wallet where Ethereum was stored. The attackers managed to steal $1.4 billion in cryptocurrency at the prices at the time of the hack.

Banks have no choice

As for the exchange of cryptocurrency for the national currency, the risks include money related to any illegal activity getting into the bank account. After all, the user's details get into the fraudulent database of the Central Bank by simply filing an application with the Ministry of Internal Affairs, indicating that funds were transferred to them by deception (fraud). All this is regulated by the norms of Law 161-FZ with amendments made in the summer of 2024, writes Andrey Tugarin, founder of the legal company GMT Legal.

“If the details have entered the Central Bank of the Russian Federation database through the Ministry of Internal Affairs, then blocking will not take long and will be carried out within a few days. In this case, access to all banks and online applications is blocked. The person is instantly left without access to all their money,” the expert noted.

And virtually any user of a cryptocurrency exchange service can end up in such a situation. As Tugarin pointed out, this can happen by submitting an application on a p2p exchanger, where the user does not actually see who can send him funds. And subsequently, he is brought to criminal proceedings as the person to whose details the money was received.

“No one is immune from this, since in the Russian Federation there is still not a single legal act that would regulate crypto exchange activities,” Tugarin said.

As Nikita Zuborev, senior analyst at the exchange service aggregator Bestchange, confirmed, among the potential risks when selling cryptocurrency for fiat money, the most dangerous is the possibility of becoming an unwitting accomplice in money laundering or a fraudulent scheme.

Exchange risks

The risks for users of p2p exchangers when buying cryptocurrencies are not that high, although they are perceived in the public consciousness as exaggerated due to the frequency of mentions of such events in various media, Zuborev said. But they should not be completely ignored either.

“If we talk about a typical p2p exchange situation on any major exchange, the risks here are not high, although they are not completely absent. However, it is very important in such places to pay attention to the history of successful transactions, the profitability of the proposed rate relative to other offers and the “age” of participation on the site. Any deviation from the norm should make you nervous,” the expert shared.

However, Tagurin believes that the risk of using p2p exchangers for Russian cryptocurrency users is very high. And now it is worth considering not only sanctions on foreign platforms, but also more carefully choosing exchangers for selling your digital assets.

“Exchangers where we do not see participants are the riskiest group of platforms. The risk of receiving “tainted” cryptocurrency is very high, since the user does not understand until the very end from which address the funds will be received. And this is the same as the user cannot conduct a preliminary check,” Tagurin comments.

Wallet and transaction marking systems are used by most crypto exchanges and other legal services. Thanks to the transparency of the blockchain, monitoring tools track the intersection of funds with sanctioned exchange services, criminal wallets or crypto mixers. If funds are received from such an address to a user's account, this increases the risk score of the cryptocurrency, and the exchange's compliance service can block the transfer. In most cases, analytical systems work in such a way that risks are distributed chronologically forward: a hack occurred – the hacker's address and all the paths of movement of the stolen funds are colored. But if the theft is not immediately discovered, the marking will be distributed retroactively. Thus, coins in the wallet of any user can suddenly become colored.

What to do

When asked how to reduce risks when using exchange platforms, experts advised users to check the addresses from which cryptocurrency will be credited and choose “trusted” services.

“The measures today are very simple – this is a preliminary check of the address from which you plan to accept cryptocurrency for cleanliness. “Digital hygiene” is trending today, friends,” Tagurin said.

The main advice given by Grigory Osipov, Director of Investigations at Shard, also boils down to “basic digital hygiene”:

“Using trusted crypto exchanges with a good reputation with mandatory compliance with KYC and AML requirements, since such services act as a kind of “verification buffer.”

Osipov added that if the counterparty does not provide the user with the address from which the payment will be made or such an address is associated with risky and illegal activities, it is better to refuse the transaction. According to the expert, the times of thrill-seekers who want to remain anonymous without undergoing any verification and without using AML providers are coming to an end.

The Aftermath of the Bybit Hack

According to Osipov, the Bybit hack, which became the largest in the history of the crypto market, will radically strengthen the regulation of cryptocurrencies in those countries where they are legalized and will directly affect the Russian market, which uses mainly foreign infrastructure.

Zuborev also notes the possibility of strengthening control over exchange services:

“Regarding the recent Bybit exchange hack situation, it could cause a small crisis in the exchange market, due to the fact that potentially such tagged cryptocurrency could end up through interaction with DEX or some exchanges without KYC, which would trigger an investigation before the exchange is completed.”

As another recommendation, Osipov suggested not to use rare cryptocurrencies for making exchanges – this is due to the fact that, theoretically, the attackers who hacked Bybit could exchange part of the stolen funds for them, and the AML provider databases do not yet support such coins.

It is not only Russian-speaking users who should be concerned, but also everyone who conducts cryptocurrency transactions, Tugarin writes. Although the main risk here is the same as before – blocking of the account with the possible reason “connection with illegal activity.”

“Therefore, for the first time after the hack, the AML systems of centralized exchanges will raise flags on the user’s acceptance of tokens directly or indirectly related to the Bybit hack,” the expert concluded.

Источник: cryptocurrency.tech