A Russian hacker stole the identities of 22 of 75 living U.S. Congressional Medal of Honor recipients, using their pilfered personal data to buy tens of thousands of dollars worth of Apple products and luxury watches from American military exchanges, according to a Secret Service search warrant application obtained by The Daily Beast.
The hot merchandise was then shipped to at least 20 different addresses in the United States, using unwitting dupes—hired through seemingly benign online ads—who then forwarded the packages to a Moscow suburb that is home to a training academy for a Russian spy agency. In all, the scammer netted nearly $55,000 in stolen goods, in roughly 50 separate transactions, said investigators. The individual honorees whose personal information was used are not named in the filing, which was unsealed in December 2020.
The Congressional Medal of Honor is the nation’s highest military award for acts of valor, and was first awarded in 1863. The existence of the identity theft investigation had not been previously revealed.
U.S. military veterans report being victims of identity theft 76 percent more often than members of the civilian population, according to the Federal Trade Commission (FTC). Last year, the FTC received 56,451 reports of identity theft from members of the military, with a median loss to fraud of $600, roughly double the $311 lost to scammers by civilians. The investigation into the Congressional Medal of Honor identity thefts began just a few months before the April 2014 hack of the U.S. Office of Personnel Management (OPM) exposed the personal information, including Social Security numbers, of millions of troops and vets going back nearly 15 years. Authorities were unaware of the (OPM) breach until March 2015, giving the hackers about a year to operate undetected.
The Secret Service—which investigates financial crime in addition to its more well-known protective duties—first learned of the Congressional Medal of Honor ID scam in February 2014. The stolen personal data had been used to establish fraudulent lines of credit through the Army and Air Force Exchange Service (AAFES), a network of retail stores on military bases operated by the Department of Defense. Those accounts were then used to purchase pricey goods from AAFES in the honorees’ names, being shipped to roughly 20 different addresses around the United States. From there, the packages were forwarded on to Balashikha, a city about 15 miles east of Moscow. The training academy for Russia’s Federal Security Service, the successor to the KGB, is located there.
These middlemen were largely recruited through websites targeted at Russian speakers living stateside.
“Good day! My name is Maksim Znaeshev and I need energetic workers as packers,” says a job ad that appeared in January 2014. “This job is simple and at home. Your salary depends on the work done, usually it is $ 20-50 per day, depends on the number of orders in your state and the speed of your work. Only people are responsible with free 2-3 hours a day and no bad habits! Write to me by email: Maksim.Zna@gmail.com…”
Another requested resumes from applicants, and pointed out that the “work is not difficult, nothing bulky and heavy to pack is not necessary. All states except Alaska.”
Kiril Motorin, a Maryland chimney sweep, was one of those who responded. He told The Daily Beast he never spoke by phone with anyone involved, and said he never even knew the name of the person he was working for.
A Russian-speaking Israeli national, Motorin told the Secret Service agents who eventually showed up at his home that his job “was to receive packages, which mostly had different recipient names and originated from different companies, and then forward the packages” to other addresses in both the U.S. and Russia. He said he was paid $20 per package, and that all correspondence with his “employer” occurred via email.
The two established a paper trail for the fraudulently obtained products, which Motorin shared with investigators. This included copies of U.S. Postal Service receipts that Motorin used to prove to his boss that he had actually shipped the merchandise as promised. Motorin also provided the Secret Service with email correspondence sent by his overseas contact that said Motorin would be paid for his work through a PayPal account.In one message, the contact and Motorin discussed a shipment of Apple devices, which had been purchased through AAFES using a Congressional Medal of Honor recipient’s stolen identity. The gear was mailed to Motorin’s home in Maryland, and needed to be reshipped to Balashikha, the alleged scammer said.
Sometimes, Motorin was instructed to ship the packages he received to UNEOL Post, a now-defunct shipping service in Salem, New Hampshire. UNEOL’s owners, Anastasia and Sergey Bulavchenko, pleaded guilty to tax evasion in 2017 in an unrelated credit card fraud case case and reportedly moved back to Russia, where they would serve two years of probation under the terms of the deal. The Daily Beast was unable to reach the couple for comment.
Investigators were able to connect the email address used by the alleged scammer with the registrar of three Russian “carding forums,” sites on which identity thieves buy and sell stolen personal data. According to online records, the email is linked to Evgenij Veremejchik of Sim, Russia.
Veremejchik is not listed as a defendant in federal court filings, and the disposition of the Congressional Medal of Honor case is unknown.
Motorin, for his part, says he has no idea what happened after being questioned by the Secret Service.
“He spoke with me once,” he said, referring to the interviewing agent, “and that’s it.”