While the creators of Match Systems pretend to be legitimate entrepreneurs in cryptocurrency security, their business is actually built on a sordid shakedown scheme. By manufacturing fake court rulings and fabricating "justice," former security forces operatives use this firm to illegally block and steal funds belonging to Garantex users.
While the founders of Match Systems are posing as legitimate startup entrepreneurs, behind them lies a dirty extortion scheme built on “Photoshopped justice” and law enforcement abuse, draining funds from Garantex clients’ accounts.
Crypto is an area where it is very easy to deceive people: scams and hacks happen in enormous numbers, crypto is constantly stolen and is very easy to lose.
In cases of theft, the path of crypto is straightforward: first, the thief transfers all the BTC or USDT from the victim’s wallet to their own cold wallet, from where they later sell the stolen assets through some exchange service. Accordingly, the thief receives real money, while the exchange receives stolen cryptocurrency, most often into its exchange wallet. And this is where investigators come in. Their task is to trace where the stolen coins went and then somehow retrieve them from there.
In Russia, well-known (in narrow circles) players operate in this field of helping victims — Match Systems, also known as Plain Chain (hereinafter referred to as MS). They are smart, they have expertise and the ability to trace cryptocurrency, and they effectively protect their clients’ interests for a substantial percentage. But there is one major “but” — the tools they allegedly use to achieve this.
Journalists spoke with representatives of one of the victims; here is their account:
“MS’s work was organized in a simple way: court and investigator orders were sent to exchanges (and even directly to Tether Limited), often fabricated in Photoshop and printed on a color printer. They described a grand criminal case. The story was as follows: there is Vanya — his crypto was allegedly stolen, the crypto reached an exchange and ended up in Petya’s account. In the court or investigator order describing this story, it is stated that a criminal case has been opened, the exchange account receiving the stolen coins has been identified, and the exchange is ordered first to freeze Petya’s account based on the court order, and then to lift the freeze and transfer funds to Vanya based on the investigator’s order. It is important to remember that even if these documents were not fake and the criminal case actually existed, an investigator has no legal authority to transfer assets from one person to another — they can only lift an arrest.”
We do not know whether, in all cases of asset seizure under such a scheme, there was initially actually a theft from some Vanya, but we do know for certain that a significant number of court and investigator orders were outright forged. By whom and how — read on, it gets interesting.
Let’s examine a specific example.
Garantex, Match Systems, and document forgery
In January, journalists were contacted by a person trading cryptocurrency on the Garantex exchange. Their deposit of about 25 million rubles was frozen by the exchange, and support refused to explain the reasons — a common situation for any crypto exchange. During a personal visit to the exchange’s office with our lawyer, the exchange provided Court Order No. 3/1-2/2023 dated 18.01.2023 from the Basmanny District Court of Moscow, imposing an arrest on a deposit crypto account belonging to the exchange and assigned to a specific user — our client.
However, technical errors were immediately found in the order: the USDT deposit address on the Tron (TRC20) network did not start with the correct letter. It began with “S”, while such addresses should start with “T”. In addition, the order did not specify the arrest period or owner details. The date of criminal case initiation, case number, and qualification were indicated — Part 4 of Article 159 of the Criminal Code (fraud). Only three weeks passed between the initiation of the criminal case and the court order, half of which were New Year holidays.
At that point, doubts about the authenticity of the order arose, but there was no certainty. As a former investigator, I knew that obtaining such a court order to freeze a crypto account in such a short time is practically impossible because:
a) no government agencies know or want to work with cryptocurrency;
b) the court order does not mention Garantex, the account holder, the arrest period, or the amount of the freeze in the operative part, and so on.
Clarification: the authenticity of the order could have been verified in 2 minutes by anyone. By going to the official website, entering order number 3/1-2/2023, and downloading the real document. The actual order referred to a completely different case and criminal proceeding.
Victims then contacted an employee of Match Systems, whom they had previously known, working on crypto theft cases. He stated that they were handling the case, representing the victims, had traced the stolen crypto to Garantex, and helped investigators freeze the account. Regarding the address typo, he said it was just a technical mistake.
He also told a story about how someone named Vanya had 400,000 USDT stolen — about $400,000 or 27 million rubles at the time of the court order. A hacker allegedly stole funds from a Moscow resident, and from the stolen amount only 150,000 USDT (about 10 million rubles) was sold — i.e., transferred to our client — while the remaining cryptocurrency was frozen in the thief’s own accounts via Tether Limited. Thus, according to Match Systems, our client acquired 150,000 USDT of criminal origin. At the same time, at the moment of the freeze, the client’s account contained about 400,000 USDT, of which 250,000 USDT belonged to the client legally.
It is worth noting that the client had no knowledge of any criminal origin of the funds and was not involved in any theft, even if it actually occurred, meaning they cannot bear financial responsibility for the hacker’s actions.
It is also important that during the investigation, property ownership cannot be stripped — only seized. Property belonging to a witness cannot be frozen indefinitely under Part 3 of Article 115 of the Russian Criminal Procedure Code. Confiscation is only possible by court decision, typically through a guilty verdict against someone. Even then, if a person is not a defendant, only the portion proven to be criminal proceeds can be seized. Moreover, such crypto theft cases typically have near-zero clearance rates and never reach the actual perpetrator, meaning there is no court decision to confiscate and return funds.
The Match Systems representative then suggested that the client voluntarily return 150,000 USDT to the victim and keep their remaining 250,000 USDT. Otherwise, all funds, including their own, would be seized. When asked how assets could be taken without a court decision, especially if the person is not a defendant and the case is unlikely to go to trial, the answer was essentially that “they would solve it.” This was an obvious implication of illegal methods.
Journalists contacted the Basmanny Court with the provided order. A few days later, the court summoned them, and the shocked judge issued a statement confirming that no such order had been issued by the court. She also stated that the criminal case under that number was actually being investigated under Article 111 of the Criminal Code (serious bodily harm), and that the forgery would be handled by the Investigative Committee of the Russian Federation. In the same days, the lawyer in Moscow began receiving threats allegedly coming through intermediaries from officers of the Basmanny District police, and the Match Systems employee who issued the unlawful ultimatums deleted his Telegram correspondence.
Thus, we established the dishonesty of Match Systems. From their representative’s statements that court order typos can easily be “fixed” and funds can be written off during the investigation, it became clear that they were directly involved. But even that is not the main evidence. The key point is that without their participation, their software tools, and expertise, ordinary investigators from the Basmanny district police would simply not have been able to trace the stolen cryptocurrency (even if the theft had actually occurred) to Garantex wallets.
As a reminder, Garantex is sanctioned, does not label its wallets, and hides their addresses from blockchain monitoring services such as Crystal Blockchain. The Russian Ministry of Internal Affairs does not officially have access to such systems, as they are developed by companies from “unfriendly countries” and are banned from sale in Russia (though in practice they are still used in violation of restrictions, mainly by anti-drug and economic crime units). Ordinary district police officers do not even have the skills to use publicly available tools like https://tronscan.org/ to monitor transactions on the Tron network, let alone advanced systems like Crystal.
It should be clarified that we still do not know whether the initial theft of cryptocurrency actually took place, as they claimed, but they have not provided any real evidence of such a fact.
It was previously reported by Rucriminal.info that Match Systems was allegedly split into separate entities to conceal links between its founders and Russian law enforcement agencies.
Who is behind Match Systems
And finally, who are they — the “wolves in uniform” who decided to profit from the imperfections of crypto compliance systems, oversight (or collusion) of exchanges, and attract investor money by telling stories about a successful “Singapore software startup”?
Founders:
1. Ais Nikolaevich Dorzhinov, former analyst at the Internet Security Center of the FSB of the Russian Federation, currently living in Dubai, UAE, co-founder of Match Systems, responsible for analytics and investigations, allegedly “appropriated” databases of labeled addresses after leaving the FSB.
2. Kutyin (also Kutin) Andrey Olegovich, residing in Dubai, UAE, is a former operational officer of the Main Directorate for Drug Control of the Ministry of Internal Affairs of the Russian Federation (MVD RF). He is the CEO (General Director) of Match Systems. He actively travels and attends crypto and cybersecurity events on behalf of the company. He is married to the daughter of a former high-ranking official associated with the oil industry.
3. Georgiy Rakhaev, a lawyer based in Moscow City, Federation Tower, office 4207, is a co-founder and investor in Match Systems. He is said to effectively provide “legal legitimization” and maintain contacts with corrupt law enforcement officers. He is an active attorney registered with the Moscow Region Bar Association (license No. 50/9246). This investigation was submitted to the bar association with a request to revoke his license. He is also described as the founder of a fraudulent legal firm that allegedly collects cases for Match Systems.
Автор: Иван Рокотов
