Cryptocurrency has a reputation for being tough to trace, which is just one reason anonymity-craving criminals favor using it. In reality, however, bitcoin and other cryptocurrencies don’t make users anonymous. Thanks to the blockchain, transactions can be traced, and especially when users convert cryptocurrency to cash, law enforcement and intelligence agencies have extra opportunities to tie the transaction to an individual’s identity.
As with all things encryption, furthermore, sometimes law enforcement officials do not need to crack crypto or unmask bitcoin users in order to find and seize funds or solve cases. Other techniques may be available (see: Encrypted Communications Network ‘Anom’ Was Sting Operation).
For example, in what appears to be some rare good ransomware news lately, the U.S. Justice Department announced Monday that it was able to recover 63.7 of the 75 bitcoins paid to the DarkSide ransomware-as-a-service operation by Colonial Pipeline. The private company provides about 45% of the fuel used along the East Coast, and the May attack led to public hoarding due to lack of supply. Meanwhile, CEO Joseph Blount’s decision to pay criminals the equivalent of $4.4 million put him in the congressional hot seat, as he was called to testify before various committees this week.
But how did the FBI recover the nearly 64 bitcoins, now worth only $2.3 million due to fluctuations in cryptocurrency value?
“By reviewing the Bitcoin public ledger, law enforcement was able to trace multiple bitcoin transfers and identify that approximately 63.7 bitcoins, representing the proceeds of the victim’s ransom payment, had been transferred to a specific address, for which the FBI has the ‘private key,’” Deputy U.S. Attorney General Lisa Monaco said at a news conference on Monday.
“Extortionists will never see this money,” Stephanie Hinds, the interim U.S. attorney for the Northern District of California, said at the press conference.
Wallets are used to store cryptocurrency, and a private key, the equivalent of a password, is required to unlock the wallet and control the funds it stores.
Officials have declined to provide further details on how exactly they obtained the key.
More Clues About Recovery
But Pamela Clegg, director of education and research at blockchain analytics firm CipherTrace, speaking at the annual digital research conference hosted by Swiss digital research product reseller Arina, said she knew “from a good source” that the FBI had access to the DarkSide bitcoin wallet via a wallet private key, found on a device that was seized by a foreign law enforcement agency before the Colonial Pipeline attack occurred or any ransom was paid.
The FBI did not immediately respond to a request for comment on Clegg’s insight. However, if true, it suggests that a foreign law enforcement agency had its eyes on a suspect with ties to DarkSide, or at least to the money laundering part of the operation.
The FBI has rightly been touting the recovery and its implications for people drawn to cybercrime. “You can’t hide behind cryptocurrencies,” Elvis Chan, the deputy special agent in charge of the cyber branch of the FBI field office in San Francisco, tells the Wall Street Journal.
Officials said that Colonial Pipeline immediately alerting the bureau to its May 9 payment to DarkSide, as well as to the exact bitcoin address to which it transferred the cryptocurrency, helped the FBI recover some of the proceeds.
In an affidavit Monday in support of a search warrant filed with the U.S. District Court for the Northern District of California, an FBI special agent – name redacted – notes that the day after the Colonial Pipeline payment, the cryptocurrency moved through at least six other bitcoin wallets. The bureau followed the flow of funds until they ended up in a wallet whose private key “is in the possession of the FBI Northern District of California,” according to the special agent.
More Bitcoin Seizures
This is not the first time the bureau has seized bitcoin as part of an investigation.
In January, as part of the FBI’s disruption of ransomware-as-a-service operation NetWalker, the government successfully seized around $454,530 in cryptocurrency that the operation had received through ransom payments, the Justice Department said in a press release, although it did not provide details on exactly how this was done. Presumably, a suspect provided private keys during the course of an investigation in an attempt to reduce the charges he was facing.
Last year, the U.S. seized over $1 billion worth of bitcoins that had eventually been linked to the notorious Silk Road darknet marketplace, which specialized in mail-order narcotics. In 2013, the FBI arrested Ross Ulbricht, also known as “The Dread Pirate Roberts,” with an agent tackling Ulbricht while he was working at the Glen Park Branch Library in San Francisco so that he couldn’t turn off his computer.
In addition to a great deal of evidence, that maneuver also allowed the FBI to seize 174,000 bitcoins from Ulbricht, worth approximately $105 million at the time. The cryptocurrency was later sold at auction and Ulbricht was sentenced to life in federal prison.