Two Florida men have been arrested for operating unlicensed bitcoin exchange Coin.mx. The site runners also might have been involved in a larger criminal scheme related to a hacking attack against JPMorgan Chase a year ago.

Two men were charged with running an unlicensed bitcoin exchange Coin.mx in the United States. Yuri Lebedev and Anthony R. Murgio were arrested in Florida on 21 July, the FBI press-release states.

“Since at least late 2013, Murgio, Lebedev, and their co-conspirators have knowingly operated Coin.mx, a Bitcoin exchange service, in violation of federal anti-money laundering (“AML”) laws and regulations, including those requiring money services businesses like Coin.mx to meet registration and reporting requirements set forth by the United States Treasury Department.”

Lebedev and Murgio reportedly operated the exchange through a fraudulent front-company “Collectables Club” and a federal credit union acquired by Murgio.

Coin.mx has operated since 2013. It allowed users to buy bitcoins using credit or debit card and charged a 3.5% fee. According to the FBI, between October 2013 and January 2015, tens of thousands of customers used Coin.mx services, exchanging at least $1.8 million for bitcoins. Among the exchange clients were people who were allegedly engaged in criminal activity as well as victims of bitcoin ransomeware “Cryptowall” who bought digital currency to pay their attackers.

“In doing so, Murgio, and his co-conspirators knowingly enabled the criminals responsible for those attacks to receive the proceeds of their crimes, yet, in violation of federal anti-money laundering laws, Murgio never filed any suspicious activity reports regarding any of the transactions.”

The scheme involved Murgio transferring “hundreds of thousands of dollars” to bank accounts in Cyprus, Hong Kong, and Eastern Europe and receiving the same amount of money from bank accounts in Cyprus and the British Virgin Islands. The front-end company “Collectables Club” had its own website and pretended to be “a members-only association of individuals who discussed, bought, and sold collectable items, such as sports memorabilia”. Later Murgio obtained a beneficial control of a New Jersey-based federal credit union, which served primarily local low-income residents. Lebedev and others joined the union’s Board of Directors and transferred bitcoin exchange banking operations to the union. Such activity came to the National Credit Union Administration’s notice. The regulating body then forced Murgio’s union to cease those operations. Since then Coin.mx owners used some overseas payment processing channels.

Moreover, according to the New York Times, Lebedev’s and Murgio’s criminal activity was not limited to running an unlicensed exchange. The media reported two other people arrested in Israel and charged with running a pump-and-dump stock scheme dating back to 2011. A fifth man was charged but hasn’t been apprehended yet. That group might have been involved in a huge computer attack against JPMorgan Chase in summer 2014. The attack resulted in compromising the contact information for 83 million bank customers. According to media’s anonymous sources, no one was charged with JPMorgan hacking yet but the authorities hope that some of the defendants will seek to cooperate with the investigation providing enough evidence to file additional charges. The NYT suggests that shortly after the attack federal authorities managed to identify some of its perpetrators but did not have enough evidence to charge them. So the FBI started investigating these individuals to find any evidence of their involvement in other criminal activity and consequently discovering the pump-and-dump scheme and the illegal bitcoin exchange.

The legal status of Coin.mx has long been discussed by the bitcoin community. Some people voiced their concerns the scheme bore the marks of a scam. Bitcointalk user armenmerikyan wrote in November 2013:

“Doing money transactions in US and not registering as a Money transfer business is against Federal Law. They are messing with the biggest criminal in the world, The US government.”

According to bitcoiners who shared their experience with Coin.mx, their credit cards were charged from Baku, Azerbaijan, though the company declared to be Florida-based. These operations were disguised as children toys purchases.

Coin.mx recently provoked a scandal on Reddit by sending its users emails encouraging them to post positive reviews on popular bitcoin forums for reward. These emails were posted on Reddit, which was regarded as a manipulation and an infringement of Reddit’s rules.

The exchange despite its illegal status did not keep a low profile. This April, Coin.mx’s Ania Amador took part in a bitcoin discussion on Ron Paul’s Channel. Ron Paul, two times republican presidential candidate and a father to Rand Paul, a current bidder for White House and a bitcoin proponent, shared his interest in the digital currency in his YouTube broadcast.

As CoinFox reported, the FBI was actively investigating multiple cases regarding bitcoin ransomware attacks. The agency believes CryptoWall to be “the most current and significant ransomware threat targeting U.S. individuals and businesses”. Since April 2014 IC3 has received 992 complaints related to cryptocurrency ransomware. Victims’ estimated losses exceeded $18 million. Coin.mx might have been mentioned in some of these complaints.

Earlier this week twenty people were arrested by the Spanish police because of their involvement with a Ponzi scheme featuring the unete cryptocurrency.

Nadya Krasnushkina