Menu
Browse

Cyber Threat Actor: Alexander Vinnik

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Criminal
Russia
1 incident
Profile

Alexander Vinnik, also known by the alias Mr. Bitcoin, is a threat actor whose known location is Russia. He is referenced in open-source reporting under both names when discussing activity related to digital currency infrastructure. Public sources associate him with a specific incident that occurred in early 2014, which is the primary basis for any known profile of his behavior.

In February 2014, the Bitcoin network experienced a denial-of-service campaign that relied on mutated code injections to interfere with transaction confirmation processes. The injections affected major exchanges such as Mt. Gox and Bitstamp, prompting those platforms to temporarily halt customer withdrawals. While the Bitcoin Foundation confirmed that no wallets or funds were compromised, the disruption caused inconsistent transaction processing and contributed to noticeable price declines across trading venues. Core developers subsequently worked to restore normal operation, and the episode spurred renewed regulatory discussion about oversight of virtual currencies. The impact was noted to be most pronounced for users conducting frequent transactions, as their ability to move funds was intermittently impaired.

Attribution of the 2014 denial-of-service activity to Alexander Vinnik is based on the incident being listed under his attributed activities in open-source reporting. No public sources have identified a state sponsor or criminal consortium connection for him, and his activity remains limited to the reported incident. The 2014 Bitcoin network disruption remains the most concrete example of his operational capability, illustrating the use of code injection techniques to achieve service interruption without direct financial theft.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources