How were the 63.7 bitcoins recovered?

Taking a Shot at Virtual Currency Crime

FBI vs Hacking Group

Today was a humiliating day for hacker group Darkside: the bitcoins it obtained in a global ransom attempt were not only devalued by the recent plunge in cryptocurrency prices, but also intercepted by the FBI in a transfer that was derided by their peers as “extremely low-tech”. At the same time, this means that the unseen hand that has been threatening public safety and committing crimes with virtual currencies like Bitcoin has slapped itself hard in the face.

Incident

U.S. Deputy Attorney General Lisa Monaco said investigators recovered 63.7 bitcoins paid by Colonial Pipeline, or about 85 percent of the total amount paid, the Associated Press reported on July 7. The report said the bitcoins are now worth about $2.3 million (about $14.71 million) as the price of bitcoins has fallen. Monaco said in a news release, “We will continue to use all of our resources to increase our research into defending against ransomware attacks.”

How were the 63.7 bitcoins recovered?

According to an FBI affidavit, law enforcement officials used a blockchain transaction monitoring tool in real time to track several Bitcoin transactions and ultimately identify the address where the ransom was received. In addition, they obtained the private key. A private key can be simply understood as a “password”. However, no official documents or trial transcripts explain how the FBI obtained the private key.

Explanation of the transfer

In fact, the documents made public by the U.S. Department of Justice detail the entire course of this extortion, and even the addresses involved are largely disclosed.

From the disclosed documents, it appears that on May 8, 2021, Colonial transferred 75 bitcoins to the hacker’s address.

Although the relevant documents redacted some address information, with the on-chain analysis system of Zhongke Chain Security we can still find the relevant addresses and transactions.

The other party’s

Then, the relevant bitcoins were further transferred to the new address of

That’s not all: the hackers made further transfers of the bitcoins in question and also split them.

The key part that follows is the story of the nearly 63.75 BTC. It was transferred twice more and ended up in a wallet (such a wallet includes multiple addresses created with the same private key). The hacker then went silent for a while and finally, on May 27, transferred all the bitcoins in the wallet, totaling 69.60422177 BTC, to a new address.

It could be argued that during this period the hackers were only making ordinary transfers, which could not even be called “money laundering”, and the whole process was very easy to trace. Only after that did the hackers seem to really start splitting the funds up to launder them.

This is a typical feature of bitcoin “chain money laundering”, but the process ended almost as soon as it began. Note the address XXXXdh77gls: it was the bitcoins at this address that were intercepted by the FBI in the last two days, and this is where the recent news reports mentioning “recovered 63.7 of those bitcoins” came from.
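The hop-by-hop tracing described above can be reproduced with proportional ("haircut") taint tracking over a list of transactions. This is an added example, not code from the original article or from any tool it mentions; the addresses, transaction ids, the 11.25 BTC split output and the untainted 5.85422177 BTC are constructed, and fees are ignored.

```python
from collections import defaultdict

SAT = 100_000_000  # satoshis per BTC; integer math avoids float rounding

# Constructed ledger: (txid, inputs, outputs), each side a list of
# (address, satoshis). Addresses are placeholders, not real ones.
LEDGER = [
    ("tx1", [("victim", 75 * SAT)], [("addr_A", 75 * SAT)]),   # ransom payment
    ("tx2", [("addr_A", 75 * SAT)], [("addr_B", 75 * SAT)]),   # forwarded whole
    ("tx3", [("addr_B", 75 * SAT)],                            # split
     [("addr_C", 6_375_000_000), ("addr_D", 1_125_000_000)]),
    ("tx4", [("addr_C", 6_375_000_000)], [("wallet_1", 6_375_000_000)]),
    ("tx5", [("other", 585_422_177)], [("wallet_2", 585_422_177)]),  # unrelated funds
    ("tx6", [("wallet_1", 6_375_000_000), ("wallet_2", 585_422_177)],
     [("addr_F", 6_960_422_177)]),                             # wallet emptied
]

def trace(ledger, source_txid):
    """Return {address: (balance, tainted)} for addresses still holding funds.

    Outputs of source_txid are fully tainted. Taint leaves an address in
    proportion to the amount spent and is shared across a transaction's
    outputs in proportion to their value.
    """
    balance = defaultdict(int)
    tainted = defaultdict(int)
    for txid, inputs, outputs in ledger:
        taint_in = 0
        for addr, amount in inputs:
            if balance[addr] > 0:  # unknown senders count as untainted
                moved = tainted[addr] * amount // balance[addr]
                tainted[addr] -= moved
                balance[addr] -= amount
                taint_in += moved
        total_out = sum(amount for _, amount in outputs)
        if txid == source_txid:
            taint_in = total_out
        for addr, amount in outputs:
            balance[addr] += amount
            tainted[addr] += taint_in * amount // total_out
    return {a: (balance[a], tainted[a]) for a in balance if balance[a] > 0}

if __name__ == "__main__":
    for addr, (bal, bad) in trace(LEDGER, "tx1").items():
        print(f"{addr}: {bal / SAT:.8f} BTC held, {bad / SAT:.8f} BTC from ransom")
```

Merging the ransom share with other funds in the wallet does not hide it: the final address holds 69.60422177 BTC, of which 63.75 BTC still traces back to the payment.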

How was it recovered? From public information, this is not strictly a “recovery” process. It is known that the FBI intercepted the private key from the above address in North Carolina, re-imported it and took control of the bitcoin. As to whether the private key was obtained from the server or the suspect, no further information has been disclosed.

Taking a Shot at Virtual Currency Crime
The global crackdown on virtual currency crime has been ramping up in recent years. The use of virtual currencies such as Bitcoin for money laundering and extortion has long been a focus of international attention, and a global clean-up of virtual currency money laundering is imminent. Affected by this hacking attack, Colonial was forced to urgently shut down approximately 5,500 miles of fuel pipelines, suspending fuel supply to the east coast of the United States. The hack caused Colonial to stop oil supply for more than 10 days, and the eastern United States suffered an oil panic and a global oil price spike, causing huge economic losses.

This FBI ransom recovery incident also proves that virtual currency crime has not only been disrupting the financial order; it has risen to a means of crime that endangers public security.

More comprehensive and in-depth regulation of virtual currency through blockchain technology, including real-time monitoring, tracking, de-anonymization of on-chain addresses, and on-chain data analysis and identification, is the way forward. Wherever there is virtual currency crime, that is where the fire will be aimed!

Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/how-were-the-63-7-bitcoins-recovered/