When Bitcoin burst onto the scene in 2009, its followers hailed the cryptocurrency as a revolutionary financial instrument: decentralized, anonymous, and safely transacted outside of the traditional financial system.
Criminals, often operating in hidden areas of the Internet, flocked to Bitcoin to conduct illegal transactions without revealing their names or locations. The digital currency quickly became popular with drug dealers, tax evaders and other criminals.
But in the recent Colonial Pipeline ransomware attack, federal officials recovered most of the bitcoin ransom, exposing a serious problem with bitcoins: they are not as hard to track as cybercriminals believe.
On Monday, the Justice Department announced it had tracked down 63.7 of the 75 bitcoins, equating to about $2.3 million of the $4.3 million in stolen money that Colonial Pipeline paid to the hackers, according to a report in The New York Times. The ransomware attack shut down the company’s computer systems, triggering fuel shortages and spikes in gasoline prices in many parts of the eastern United States.
The fact that federal investigators tracked the flow of ransom money through at least 23 different electronic accounts belonging to the hacker group DarkSide before accessing one account suggests that law enforcement's capabilities are growing along with the industry, according to The New York Times.
That’s because the ability of cryptocurrencies to transfer money instantly without bank permission can also be used by law enforcement to track and seize criminals’ funds at the speed of the Internet.
Bitcoin is also traceable. While digital currency can be created, moved and stored outside the purview of any government or financial institution, every payment is recorded on a permanent fixed ledger called a blockchain.
This means that all bitcoin transactions are public. Anyone with access to the blockchain can view the Bitcoin ledger.
“It’s digital ‘breadcrumbs,’” says Kathryn Haun, a former federal prosecutor and investor in the venture capital firm Andreessen Horowitz. “With one lead, law enforcement can follow it very well.”
Ms. Horowitz added that the Justice Department seized most of the ransom money at an “alarming” rate, also thanks to the hackers’ use of cryptocurrencies. By contrast, she said, obtaining records from banks often takes months or years of paperwork and bureaucracy, especially when those bank accounts are hidden overseas.
U.S. Deputy Attorney General Lisa Monaco announced on Monday the recovery of some of Colonial Pipeline’s ransom money.
Given the public nature of the ledger, all law enforcement needs to do is figure out how to connect criminals to the digital wallets that store bitcoin, cryptocurrency experts say. To do that, authorities are likely to focus on so-called “public” and “private” keys. A public key is a string of numbers and letters that a bitcoin holder uses to transact with others, while a “private key” is used to secure the wallet and is known only to the wallet’s owner. Authorities say that tracking a user’s transaction history only requires figuring out the public key they control.
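As an added illustration (not from the original article and not any investigator's actual tooling), the Python below follows funds forward across a small constructed ledger, splitting the traced value proportionally whenever it is combined with other inputs, and reports which holding addresses already carry an attribution. The addresses, amounts and the `LABELS` table are made up for the example.

```python
from fractions import Fraction

# Constructed ledger (not real transactions): (txid, inputs, outputs),
# each side a list of (address, amount in BTC), in chronological order.
LEDGER = [
    ("t1", [("A0", 75)], [("A1", 60), ("B1", 15)]),
    ("t2", [("A1", 60)], [("A2", 60)]),
    ("t3", [("B1", 15), ("C0", 15)], [("SVC", 20), ("C1", 10)]),
    ("t4", [("A2", 60)], [("A3", 40), ("A4", 20)]),
]
# Hypothetical attribution data: addresses already tied to a known entity.
LABELS = {"SVC": "identified service"}


def trace(ledger, seed_addr, seed_amount):
    """Follow funds forward from seed_addr using proportional taint."""
    tainted = {seed_addr: Fraction(seed_amount)}   # address -> traced BTC held
    hops = {seed_addr: 0}                          # address -> hops from seed
    for txid, inputs, outputs in ledger:
        total_in = sum(Fraction(a) for _, a in inputs)
        tainted_in, depth = Fraction(0), None
        for addr, amount in inputs:
            part = min(Fraction(amount), tainted.get(addr, Fraction(0)))
            if part > 0:
                tainted[addr] -= part
                tainted_in += part
                depth = hops[addr] if depth is None else min(depth, hops[addr])
        if tainted_in == 0:
            continue                               # transaction untouched by the seed
        share = tainted_in / total_in              # mixing dilutes, it does not erase
        for addr, amount in outputs:
            tainted[addr] = tainted.get(addr, Fraction(0)) + Fraction(amount) * share
            hops[addr] = min(hops.get(addr, depth + 1), depth + 1)
    return {a: (v, hops[a]) for a, v in tainted.items() if v > 0}


def labelled_hits(result, labels):
    """Addresses holding traced funds that can be tied to a known entity."""
    return {a: (labels[a], v) for a, (v, _) in result.items() if a in labels}


if __name__ == "__main__":
    result = trace(LEDGER, "A0", 75)
    for addr, (amount, hop) in sorted(result.items(), key=lambda kv: kv[1][1]):
        print(f"{addr:4} hop={hop} traced={float(amount):.2f} BTC")
    print(labelled_hits(result, LABELS))
```

Because every hop is on the public ledger, the trace needs no cooperation from anyone until funds land on an address that can be tied to an identity.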
Seizing assets would require obtaining the private key, which is much more difficult. It’s unclear how federal agents obtained the DarkSide private key.
Marc Raimondi, a Justice Department spokesman, declined to say more about how the FBI seized DarkSide’s private keys. According to court documents, investigators obtained the password to one of the hackers’ bitcoin wallets, but they did not elaborate on how they did so.
Cryptocurrency experts explained to The New York Times that the F.B.I. does not appear to have relied on any potential vulnerabilities in blockchain technology and may have relied solely on traditional police work to complete the operation.
Federal agents could have seized DarkSide’s private keys by planting human spies in its network, hacking into computers that stored its private keys and passwords, or forcing the service holding its private wallet to hand over its private keys through a search warrant or other means.
“If they can get the private key, then they can block the stolen money,” said Jesse Proudman, founder of cryptocurrency investment site Makara. “Just putting it on the blockchain doesn’t absolve that fact.”
The FBI has partnered with several companies that specialize in tracking cryptocurrencies in digital accounts, according to the New York Times. As law enforcement agencies and banks try to stay ahead of financial crime, startups named TRM Labs, Elliptic and Chainalysis have blossomed, tracking cryptocurrency payments and flagging possible criminal activity.
Their technology tracks the blockchain, looking for patterns of illegal activity. It’s similar to the way Google and Microsoft identify and block spam emails.
Ari Redbord, head of legal affairs at TRM Labs, a blockchain intelligence firm that sells analytics software to law enforcement and banks, told the New York Times, “Cryptocurrencies allow us to use these tools to track money and financial flows along the blockchain in a way that we couldn’t with cash.” He previously worked at the Treasury Department as a senior advisor on financial intelligence and terrorism.
Some longtime cryptocurrency enthusiasts say the recovery of most bitcoin ransoms is a victory for the legitimacy of digital currencies. They say it will help change the negative image of bitcoin as a playground for criminals.
Hunter Horsley, CEO of cryptocurrency investment firm Bitwise Asset Management, said, “In case after case, the public is slowly being shown that bitcoin is good for law enforcement and bad for crime, which is clearly contrary to what many people have historically believed.”
Cryptocurrencies have become increasingly mainstream in recent months, and companies such as PayPal and Square have expanded their cryptocurrency services. Coinbase, a startup that allows people to buy and sell cryptocurrencies, went public in April and is now valued at $47 billion. Last weekend, a Bitcoin conference in Miami drew more than 12,000 attendees, including Twitter CEO Jack Dorsey and former boxer Floyd Mayweather Jr.
As more people use bitcoin, most are accessing the digital currency through a central intermediary like a cryptocurrency exchange, in a manner similar to traditional banks. In the U.S., anti-money laundering and identity verification laws require such services to know who their customers are, creating a link between identity and account. Customers must upload proof of government identification when they sign up.
Ransomware attacks have put unregulated cryptocurrency exchanges under the microscope. Cybercriminals have flocked to thousands of high-risk exchanges in Eastern Europe that do not comply with these laws.
In the wake of this ransomware attack, some financial experts have proposed banning cryptocurrencies.
Lee Reiners, executive director of the Center for Global Financial Markets at Duke University School of Law, wrote in the Wall Street Journal, “We can live in a world with cryptocurrencies or we can live in a world without ransomware, but we can’t have both.”
Cryptocurrency experts say hackers may be trying to make their Bitcoin accounts more secure. Some cryptocurrency holders go to great lengths to store their private keys away from any connection to the Internet, in so-called “cold wallets.” Some remember the string of numbers and letters. Others write them down on paper, although these can be obtained through search warrants or special police investigations.
“The only way to get the truly immutable characteristics of an asset class is to remember the keys and not have them written down anywhere,” Mr. Proudman said.
Mr. Raimondi of the Justice Department said the Colonial Pipeline ransom seizure was a special operation by federal prosecutors to recover illegally obtained cryptocurrency. He said the Justice Department has “seized many funds, amounting to hundreds of millions of dollars,” from uncustodied cryptocurrency wallets used for criminal activity.
In January, the Justice Department dismantled another ransomware group, NetWalker, which used ransomware to extort money from municipalities, hospitals, law enforcement agencies and schools.
As part of that operation, the department obtained approximately $500,000 in NetWalker’s cryptocurrency from ransomware victims.
“While these individuals believe they operate anonymously in the digital space, we have the skills and time to identify and prosecute these criminals and seize their criminal proceeds to the extent permitted by law,” Maria Chapa Lopez, then U.S. Attorney for the Middle District of Florida, said in announcing the case.
In February, the Justice Department said it had warrants to seize nearly $2 million in cryptocurrency that North Korean hackers had stolen and deposited into two different cryptocurrency exchange accounts.
Last August, the department also released a complaint stating that North Korean hackers stole $28.7 million in cryptocurrency from a cryptocurrency exchange and then laundered the proceeds through a Chinese cryptocurrency laundering service. The F.B.I. tracked those funds to 280 cryptocurrency wallets.
Madeleine Kennedy, a spokeswoman for Chainalysis, a startup that tracks cryptocurrency payments, said, “Cryptocurrencies are actually more transparent than most other forms of value transfer, especially when compared to cash.”
Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/new-york-times-fbi-breaks-hackers-private-key-the-traditional-way-intercepts-63-7-stolen-bitcoins/