The scam worked like this - setup websites that looked like known and trusted exchanges, trick people into clicking links to them, then steal their login information. Once they had that, they could log into the real exchanges and drain their wallets.According to a statement from the Ukrainian government:After stealing the victims cryptocurrency, they would cash out using exchanges which convert cryptocurrency to fiat cash, transferring the funds to bank accounts opened with other stolen identities.Ukrainian cybercrime investigators say a total of 6 fake exchange sites were created by the 4 people they arrested.