Microsoft Engineer Stole $10M, Used Colleagues As Scapegoats

Volodymyr Kvashuk, a Ukrainian citizen and former Microsoft software engineer, was sentenced to nine years in prison for stealing over $10 million worth of currency stored value (CSV) including gift cards over two years.

Kvashuk used Microsoft Store test accounts while being a part of the company’s Universal Store Team (UST) to steal about $10.1 million worth of CSV from Microsoft via unauthorized simulated purchases of products according to court documents.

His scheme was discovered by Microsoft’s UST Fraud Investigation Strike Team (FIST) in February 2018, after noticing a suspicious increase of Xbox Live subscriptions bought using CSV.

Stolen CSV sold at a discount

The CSV stolen between August 26, 2016, and June 22, 2018, when he was fired (after first being a contractor and then a full employee starting with December 1, 2017) was then resold at a discounted price on online markets via at least two resellers, nokeys.com and g2a.com.

Also Read: Going Beyond DPO Meaning: Ever Heard Of Outsourced DPO?

These third parties were then able to redeem the CSV and purchase both digital and physical goods from Microsoft.

In all, Microsoft was only able to blacklist around $1.8 million in CSV from being redeemed after being sold by Kvashuk to his customers, amounting to a total financial loss of roughly $8.3 million.

Kvashuk then used the services of chipmixer.com, a bitcoin mixing service, to hide the origin of the funds he obtained after selling the stolen CSV, as well as by buying bitcoin using Xbox gift cards on the Paxful peer-to-peer cryptocurrency trading platform.

He was able to transfer roughly $2.8 million in bitcoin to his investment and bank accounts, money later camouflaged as gifts from his relatives in falsified tax return forms.

In March 2018, Kvashuk bought a Tesla vehicle for roughly $162,000, while three months later, in June 2018, Kvashuk paid around $1.675 million for a Renton lakeside house.

Colleagues used as scapegoats

After initially using his test account to illegally purchase CSV, Kvashuk switched to accounts created by some of his colleagues to hide his tracks and direct future investigations to the wrong people.

“Initially, Kvashuk stole smaller amounts totaling about $12,000 in value using his own account access,” a Department of Justice press release says.

“As the thefts escalated into millions of dollars of value, Kvashuk used test email accounts associated with other employees.”

The accounts were used to buy the largest share of stolen CSV and, after flagging them, Microsoft found no evidence that the two employees who created them were involved in any way in the unauthorized CSV purchases.

Microsoft was later able to connect Kvashuk with the three fraudulent test accounts after he used redeemed funds to buy three GeForce GTX 1070 graphics cards and had them delivered to his apartment complex via FedEx, to a different unit and under a different name.

“Kvashuk’s scheme involved lies and deception at every step. He put his colleagues in the line of fire by using their test accounts to steal CSV,” prosecutors said.

Also Read: Limiting Location Data Exposure: 8 Best Practices

“Rather than taking responsibility, he testified and told a series of outrageous lies. There is no sign that Kvashuk feels any remorse or regret for his crimes.”

Besides having to spend nine years in prison for 18 separate federal felonies related to his fraudulent scheme and being ordered to pay $8,344,586 in restitution, Kvashuk may also be deported following his prison term.