The statement of facts is linked to from the press release, and describes generally how the Feds were able to trace the stolen funds (they found a file listing private keys, after gaining access to the suspect's cloud storage)
https://www.justice.gov/opa/press-release/file/1470186/downl...
> The 2017 transfers notwithstanding, the majority of the stolen funds remained in Wallet 1CGA4s from August 2016 until January 31, 2022. On January 31, 2022, law enforcement gained access to Wallet 1CGA4s by decrypting a file saved to LICHTENSTEIN’s cloud storage account, which had been obtained pursuant to a search warrant. The file contained a list of 2,000 virtual currency addresses, along with corresponding private keys.
> ...The connection among the VCE 1 accounts was further confirmed upon reviewing a spreadsheet saved to LICHTENSTEIN’s cloud storage account. The spreadsheet included the log-in information for accounts at various virtual currency exchanges and a notation regarding the status of the accounts
> ...Lichtenstein Email 2 was held at a U.S.-based provider that offered email as well as cloud storage services, among other products. In 2021, agents obtained a copy of the contents of the cloud storage account pursuant to a search warrant. Upon reviewing the contents of the account, agents confirmed that the account was used by LICHTENSTEIN. However, a significant portion of the files were encrypted
> they found a file listing private keys, after gaining access to the suspect's cloud storage
That's backwards. It's how they wrapped it all up. The real trail is pretty clearly AlphaBay 2016/2017 transactions (under gov control around that timeframe), to KYC-flagged accounts at an exchange, with a web of accounts with real info linked together past there.
If he instead started to draw NFTs, and sell it from his KYC account to his dirty wallet, could he still be convicted? What if only one out of every 100 NFTs his dirty wallet purchased was from his KYC account?
Or what if he decided to create his own crypto-currency and it just so happened that his dirty wallet was an early investor of ETH to his fund.
Seems like he could have done more to distance himself.
> Seems like he could have done more to distance himself.
Bitcoin's public ledger makes transactions into prosecution futures.
This is why it's such a poor choice for revolutionaries and funding the marginalized. You leave a permanent indelible public record in posterity that will in the course of time be de-anonymized, automatically, and traced back to you.
Is it illegal to sell your artwork at an auction, and a criminal happens to be the one to buy it? I honestly don't know.
is the onus on an artist or on an "auction house" to vet buyers. If post sale it turns out the money was fraudulent, does the artist need to pay it back?
In crypto terms. You the artist simply put a NFT up for auction at OpenSea. You the scammer happened to purchase the artwork on OpenSea. However KYC is not well enforced, enabling for money laundering between the two wallets.
It's not illegal if it's a coincidence, however, that may reasonably be probable cause for investigation, and if the investigation finds out that it's not that the criminal "just happened" to buy it but that you colluded to do that, that's a felony.
I mean art and other not easily evaluated assets are used for drug trafficking and money laundering.
Auction houses are known to be on the trick -- that is passively mainly/ they don't care and work to "pump" the prices of artwork. But of course law enforcement agencies know about it too.
It shouldn't be illegal: people should be free to buy what they want. But let's not hide behind our noses.
More simply, they might get away with it because, by and large, they're not actually laundering illegal funds, but merely using the exact same tricks to obscure all sorts of socially disreputable but not actually illegal stuff. Of course, there's a real gray area since arguably a lot of disreputable stuff should also be illegal. But by the same token, some people might genuinely want more privacy depending on their circumstances.
> is the onus on an artist or on an "auction house" to vet buyers. If post sale it turns out the money was fraudulent, does the artist need to pay it back?
No. Normally you have to return items that were stolen from someone even if you purchased them without knowing they were stolen. But money is an exception. See:
> If post sale it turns out the money was fraudulent, does the artist need to pay it back?
Maybe? IIRC, if you unknowingly buy stolen property, and they trace it to you, I think you have to surrender it to its rightful owner (without compensation from the police).
I don't think that works with money, though. I can't imagine someone who sold a house to Bernie Madoff would have to give up the proceeds of the sale years later when he is found out to have been running a Ponzi scheme.
In a closely related scenario, if you sell a kilogram of gold to a buyer who pays in counterfeited US currency, then the secret service will seize the $50,000 and you will not be compensated.
Doing business with criminals can bite you, even if you were not participating in a criminal enterprise.
I don’t think thats quite the whole story though. The feds would have no obligation to make you whole but you would almost certainly have a civil cause of action vs the buyer for the full amount, if you could ever collect. So don’t do business with people who can disappear or avoid court judgements.
> Is it illegal to sell your artwork at an auction, and a criminal happens to be the one to buy it? I honestly don't know.
Law on receiving stolen goods is vague, complex, and jurisdiction-dependent. But in some cases, if the money you get paid is "the same" money that was stolen (something that's actually much easier to show with Bitcoin, where every input to every transaction is another transaction's output), and you know about the crime, yes. See People ex Rel. Briggs v. Hanley.
It may depend on the particular country, and jurisdictions on the internet are gray areas... That said, in the US if you are paid with stolen money and then informed of that fact then you are knowingly in possession of stolen money and would have to return it. If you no longer had the money (used it to pay bills, live your life, etc) then it probably gets more complicated.
I get what you're doing here, but that's way too many steps. just because bitcoins ledger is open & transparent doesn't mean there aren't a million other privacy focused coins you could swap into leaving the trail cold.
You can walk in the river instead of trying to cover your tracks.
To be fair there are some cc* that try to address this. Apparently signal was forced to choose the relatively unknown MobileCoin exactly to avoid this problem.
> Seems like he could have done more to distance himself.
On a value system with an inherently public ledger that eventually has to hit a fiat off ramp with KYC/AML requirements? Nah. Everyone has quality opsec until they don't, and the record of your criminal activity is immutable and highly durable.
You can just sell the bitcoin for monero, then sell the monero for btc.
also, as time goes on, the proportion of btc that are "dirty" approaches 1, so these chainalysis strategies become less effective, assuming you aren't stupid enough to do some criminal act then cash out at a kyc exchange the next day from the same wallet
But are there any exchanges that swap btc for monero or eth that don’t have KYC requirements? Seems like it’d need to be off-chain somewhat, unlike uniswap.
Not unless those actors running those non-KYC exchanges are well hidden away from US extradition. Anybody who doesn't have KYC requirements in this space are risking serious prison time. People don't know it yet but the guys running Tether are going to go away for a long time. What they are doing is far worse than Liberty Reserve and Arthur still has 16 year left in his sentencing.
Morgan and Ilya appear to be the original hackers as well so on top of the money laundering sentencing which is around 10~20 years, they now have to deal with the hacking charge which appears to be a separate trial.
Morgan and Ilya aren't the only ones involved and the rest of the guys will eventually appear on DOJ website.
As far as I understand buyer and seller still have exchange information for the transaction to happen. The moment the buyer tries to use the stolen bitcoin he will have the police knocking on his door to find out where he got them from. The seller basically ends up completely at the mercy of the buyers security, with the added bonus that bisq doesn't enforce a completed transaction, so the buyer might just disappear once the goods changed hands without ever paying.
There are plenty that'd swap bitcoin (BTC) for litecoin (LTC) without KYC despite the fact that LTC can now do private transactions via MWEB. As networks integrate private Tx support, breaking the visible chain is going to be getting easier and easier.
"also, as time goes on, the proportion of btc that are "dirty" approaches 1"
I don't follow what you're saying here. Nothing stops something from being dirty multiple times, does it? So nobody might care that it could be traced back to something sketchy 5 years ago, if more immediately it's traced back to last month's crime.
Suppose he deposited it into AlphaBay and then withdrew from AlphaBay, and FBI didn't seize AlphaBay's logs. Where is the criminal immutable durable record now? There is no proof of connection between incoming and outgoing coins. Same principle with mixers.
I mean, for a recent example of how this works in practice: Polygon got whacked for like 650MM last August, but all the fiat and even stablecoin exchanges blacklisted the addresses and the guy got like 5MM “bug bounty” or whatever.
There might be prestige in some circles for taking down some dumbass Solidity coder, and some people seem to be getting some money out still (e.g. Wormhole).
But overall I’m short Trail of Bits consulting rate.
Ps not condoning the theft but I just find it strange that people with the skills to steal this much get caught using bog standard cloud storage. You'd think they could afford something better ;) Something along the lines of "you don't take notes on a criminal f** conspiracy" :)
> I just find it strange that people with the skills
people in Tech will yak-shave choosing the "correct" cypher. Then get pwned by an implementation detail like a bug in enigmail.
1) Hacking, 2) opsec and 3) tradecraft are totally different skills. The most dangerous people (to themselves) are the ones who cover only one of 3. The more advanced among them _know_ they lack in the other areas, but think they can compensate going even deeper on whatever they already know.
Anakata (guy who founded the pirate bay) hacked a bank and he is definitely some kind of genius. His idea for getting money out of the bank was to enlist a teenage thug to go to the ATM and withdraw money, which he had sent to the guy's account. Smart people do stupid shit all the time.
Why couldn't they just use a brain wallet on an offline device with no internal storage.
Keep a hand written copy of the generated passphrase laminated in some plastic in some fake plaster rock under a tree in a wood or something.
People are sometimes too busy to deal with the many details of 'perfect' opsec. In other circumstances, they hire a professional to handle it for them, but that is more difficult for criminals.
Is it me or should he have literally just gotten a hardware wallet, transferred everything to that account, then burned the old key?
Of course that txn would show up on-chain, but if you don't have possession of the private key for the first account, and no digital device has ever "seen" the hardware account then he would've been fine.
This is assuming the key piece of evidence was his private key, and he wouldn't have been prosecuted without it.
Additionally, putting your key in cloud storage sounds like the dumbest thing ever... Just memorize your seed phrase and write it down. Its 4bn for christ sake.
Yeah, a hardware wallet is good, although for a billion dollars, 100 hardware wallets would be better. Could even go so far as to split a private key into seven horcruxes using Shamir's Secret Sharing and bury them in locations around the world.
Memorizing a seed phrase leaves you vulnerable to a $5 wrench attack, I wouldn't recommend it.
> Taihuttu has two hiding spots in Europe, another two in Asia, one in South America, and a sixth in Australia.
> We aren’t talking buried treasure – none of the sites are below ground or on a remote island – but the family told CNBC the crypto stashes are hidden in different ways and in a variety of locations, ranging from rental apartments and friends’ homes to self-storage sites.
I hope this is all a decoy or else it’s the worst opsec I’ve seen since about five hours ago.
I would not want to be a friend to the sort of idiots who would say stuff like this. Having a target painted on my back as a decoy somehow makes it even worse.
You don’t need splitting the private key. Bitcoin has multisig setup. For example, you can setup your wallet such that 6 out of 10 private keys need to sign in order to transfer funds. Spread that 10 private keys out. Or 3 out of 10. Or 2 out of 5. Any n out of m.
I assume they’d get it on roughly the same basis as the warrant they got for the cloud storage.
I’m also curious what here looks like parallel construction to you - I thought the statement of facts was surprisingly mundane, but perhaps I missed some red flags?
It doesn't unless you chose something stupid like "correct horse battery staple" or "word + word + number". 7 words chosen from 1000 word dictionary password encrypted AES 256 cannot be cracked with existing technology, 8 words impossible with future tech.
That depends entirely on the hash function being used.
With a bad choice like SHA256, a 7 word passphrase could be cracked in as little as a few months with a single ASIC. The US government probably has a bunch of them already, so I think that an 8 word passphrase is already within reach for current tech.
Of course, with a real key derivation function like Argon2id, things would look much better.
Yeah, but at the end of the day these keys have to be used by human beings so the passwords were likely something practically sized and easy to use.
Especially since in general the likeliest failure mode would be the user forgetting the password to their millions of dollars worth of Bitcoin keys, followed by someone attacking the password.
This depends on the key derivation function used. PBKDF2 or BCrypt with strong enough difficulty factor makes even fairly short passwords difficult to crack. On the other hand, a straight SHA-256 hash method can be broken insanely quick with fairly long passwords.
I never really did the math before but I whacked something together real quick in Excel. At $0.30/THash BTC we can come up with some cost expectations for password lengths. Here I will use a 74 possible character password using 26 upper and lower case letters, 10 numbers and 12 symbols. Totally random of course. Using (Possible Chars ^ Password Length) as the number of combinations and guessing we will find our answer at about %50 of our guesses. (See! Super rough)
With SHA-256 it takes about $21 to crack a 6 character password.
$1500 to crack 7 characters.
$108,330 to crack 8 characters.
$7.8 million to crack 9 characters.
$561 million to crack 10 characters.
$40 billion to crack 11 characters.
$3 trillion to crack 12 characters.
$200 trillion to crack 13 characters.
Edit Note: BTC is kinda expensive per hash right now. Usually this would all be cheaper. Past 14 characters it could be 1 cent and still outrun the usual US budget for a couple years.
Random example but my passwords look something like chOf$Tyl83fhn@54R. I keep them written down because they are hard to remember. My threat model is no one. Seems so amateur to use a simple password that could be brute forced. Especially with so much on the line.
>Seems so amateur to use a simple password that could be brute forced. Especially with so much on the line.
There's selection bias going on because only dumb criminals get caught, so you only hear about the dumb opsec practices of those criminals. Conversely, you'll never hear about the opsec practices of that professional crew with perfect opsec that hacked an exchange/difi contract and disappeared into thin air.
Until the least bright member of the crew makes a mistake, gets caught, and turns in the rest. Being perfect is difficult to maintain forever, though it's possible in principle. It might require the thief to live like a grad student even though he has billions of dollars/euros worth of stolen wealth; being flashy attracts attention and if nothing else, the tax authorities.
If a person is that financially rich but still has to live like a grad student, it seems like the only point of that wealth is to rebel against the legal system. Even if one isn't caught, there's still a loss of freedom to avoid getting caught.
I haven't studied criminology, but I alternatively suppose someone who does that just doesn't think that far ahead. This likely also explains why the vast majority of people with these capabilities choose to live a life in accordance to their country's laws.
There's money laundering; have a front business and gradually mix in a bit of the illegal money and pretend it came from the business. That's how mobsters do it.
That's right; your comment brings to mind this scene where the character Saul Goodman explains money laundering in Breaking Bad (this clip is supposedly shown as part of university lectures): https://www.youtube.com/watch?v=RhsUHDJ0BFM
Or, the TLA involved have some sort of crack or acceleration procedure; the TLA say "the criminals were dumb" because the people involved can't combat that without admitting guilt, and who'd believe them. The real reason is the TLA used illegal access and tools that we wouldn't be happy they're using against the civilian population? Oh, and the people using the tools are guilty by association so they're inhibited from whistleblowing.
Or the one that stole $3.9B worth, went to great lengths to put $3.6B where it could get tracked down, but linked to somebody else. Then they took $200M and made it even harder to track down, but linked to somebody else. Then they kept $100M with insane opsec knowing that the incentive to recover it had been reduced by 90+%.
> The 2017 transfers notwithstanding, the majority of the stolen funds remained in Wallet 1CGA4s from August 2016 until January 31, 2022. On January 31, 2022, law enforcement gained access to Wallet 1CGA4s by decrypting a file saved to LICHTENSTEIN’s cloud storage account, which had been obtained pursuant to a search warrant. The file contained a list of 2,000 virtual currency addresses, along with corresponding private keys.
> ...The connection among the VCE 1 accounts was further confirmed upon reviewing a spreadsheet saved to LICHTENSTEIN’s cloud storage account. The spreadsheet included the log-in information for accounts at various virtual currency exchanges and a notation regarding the status of the accounts
> ...Lichtenstein Email 2 was held at a U.S.-based provider that offered email as well as cloud storage services, among other products. In 2021, agents obtained a copy of the contents of the cloud storage account pursuant to a search warrant. Upon reviewing the contents of the account, agents confirmed that the account was used by LICHTENSTEIN. However, a significant portion of the files were encrypted