Домой United States USA — IT Why the feds took down one of Bitcoin’s largest exchanges

Why the feds took down one of Bitcoin’s largest exchanges

139
0
ПОДЕЛИТЬСЯ

An indictment paints Bitcoin exchange BTC-e as a hub of criminal activity, laundering proceeds from drug trafficking and ransomware attacks.
This week, one of Bitcoin’s largest and most notorious coin exchanges was brought down by law enforcement — and police and prosecutors are now beginning to explain why. On Thursday, the Department of Justice unsealed an indictment against Alexander Vinnik — thought to be the operator, or one of the operators of Bitcoin exchange BTC-e — charging him with 21 counts of money laundering and other related financial crimes. The counts range from operating an unlicensed money transmittal business to a variety of money laundering charges, including laundering associated with ransomware payouts and a theft from the now-defunct Mt Gox exchange. More generally, the indictment paints BTC-e as a hub of criminal activity, laundering the proceeds of everything from drug trafficking to ransomware attacks.
As some suspected, Vinnik’s alleged crimes go beyond just operating the exchange. Feds believe he played a role in the theft of more 800,000 bitcoin — about $400 million at the time — from Mt. Gox, a staggering loss that ultimately shuttered the exchange. According to the indictment, 530,000 of those bitcoin ended up passing through wallets controlled by or associated with Vinnik, although his role in the larger scheme remains unclear.
Read more from The Verge: Tesla Model 3 first drive: this is the car that Elon Musk promised YouTube wants to fix its awkward relationship with the music industry Saturn’s moon Titan has a key ingredient that could be used to cook up life
Vinnik himself is in custody, arrested while on vacation in Greece, but the Bitcoin world is still sorting through the larger implications of his arrest. BTC-e was one of the last major exchanges outside the reach of conventional finance, and now that it’s gone, it’s unclear what might replace it. There are many legitimate uses of Bitcoin, but Bitcoin transactions have also become essential for online crime — whether it’s ransomware or Silk-Road-style online marketplaces. There will continue to be demand for exchanges like BTC-e, and with feds directly targeting exchanges that don’t play by the book, the split between the two halves of Bitcoin is becoming starker and starker.
BTC-e, founded in 2011, always stood out as an anomaly among the major Bitcoin exchanges. Even a cursory look at BTC-e flagged it as a little strange. «Their exchange prices always seemed weird and out of line with every other exchange, and I had wondered why, » Matthew Green, a professor at Johns Hopkins University told The Verge in an email.
Nicholas Weaver wrote at Lawfare that BTC-e was noted for its «sketchy ownership and control.» The exchange was supposedly located in Eastern Europe, but there were no clues as to who ran it — until now.
But the big surprise in the indictment is how closely tied BTC-e is to a massive theft at Mt. Gox, one that eventually bankrupted the exchange in 2014. Founded in 2010, Mt. Gox dominated the Bitcoin world for years, at one point processing 80 percent of all bitcoin-to-currency transactions. Mt. Gox first suffered a multimillion-dollar theft in June 2011. When the exchange collapsed in 2014, the equivalent of nearly half a billion dollars was unaccounted for.
On Wednesday, in the wake of the arrest of Vinnik, WizSec published a blogpost presenting the findings of an investigation into the Mt. Gox thefts that they have apparently been preparing for years. According to WizSec, the Mt. Gox hot wallet private keys were stolen sometime in 2011, and the hacker (or multiple hackers) continued to steal bitcoin through 2012 and 2013. The bitcoin were laundered through wallets controlled by Alexander Vinnik. The indictment claims that 300,000 bitcoin were stolen from Mt. Gox went directly to three connected BTC-e accounts «directly linked» to «BTC-e administrative accounts» that only BTC-e admins and operators could have had access to. At least one of the accounts — under the name «Vamnedam» — was controlled by Vinnik and «others known and unknown.» (The «others known» are either not named in the indictment or have been redacted from the published document.)
More bitcoin from the theft were sent to other Mt. Gox wallets and wallets at a third exchange — the now-defunct Tradehill, which operated out of San Francisco, California. From there, they eventually ended up at BTC-e, in an account that was directly controlled by Vinnik.
WizSec also claims that the wallets that laundered Mt. Gox coins also handled «coins stolen from Bitcoinica, Bitfloor and several other thefts from back in 2011 and 2012.»
It’s not clear whether Vinnik was directly involved in the Mt. Gox theft, or how close he is to any of those previous thefts, or even the CryptoWall ransomware hackers whose funds he is accused of laundering. But when it comes to Mt. Gox, at least, BTC-e’s proximity to the theft is fairly suspicious.
While the Mt. Gox allegations are the most eye-catching, many of the charges that brought down BTC-e allege more straightforward money laundering. The very first count listed in the indictment is for operating an unlicensed money-transmitting business: a criminal charge based on failing to register with FinCEN, an intelligence network that’s mandatory for all financial companies dealing with US customers.
Participating in FinCEN comes with a range of requirements, from registration to internal anti-money laundering programs. Since 2013, it’s been clear that Bitcoin exchanges had to follow those same rules, and for the most part, exchanges have complied — and prosecutors haven’t been shy about filing charges against services that don’t. In recent years, BTC-e has been the largest Bitcoin exchange not registered with FinCEN, a distinction that made it an obvious target for law enforcement, even without Vinnik’s alleged Mt. Gox involvement.
«Anybody who thought about this for a second understood that law enforcement was working on a case against BTC-e, » said Jerry Brito, executive director of Coin Center. «The question was just whether the government would catch them.»
Where other counts in the indictment focus on money transfers linked to theft and ransomware, the first two — operation of an unlicensed money transmitter and conspiracy to commit money-laundering — focus on the technological capabilities of BTC-e itself, claiming that the exchange had a «criminal design.»
«BTC-e’s system was designed so that criminals could accomplish financial transactions with anonymity and thereby avoid apprehension by law enforcement or seizure of funds, » the indictment says, pointing out that BTC-e only required «a username, password, and an email address, » unlike «legitimate payment processors or digital currency exchangers.» The indictment also points to suspicious usernames like «ISIS, » «CocaineCowboys, » «blackhathackers, » «dzkillerhacker, » and «hacker4hire» as additional support for the money-laundering allegations.

Continue reading...