A Former Bitcoin Exchange Admin Could Be Key to Mueller’s Russia Investigation
A Russian citizen accused of running a cryptocurrency exchange that helped a billion dollar money laundering operation could be in possession of valuable information that could potentially expose how a group of Russians indicted recently by U.S. Special Counsel Robert Mueller managed to hide their money trail using bitcoin.
Bloomberg reports that Alexander Vinnik, who is currently detained in a Greek prison was arrested in 2017 after being accused by US prosecutors of helping illicit money transfers using bitcoin, including transfers linked to a Russian military intelligence hacking unit called Fancy Bear. Officers from Fancy Bear are among the individuals indicted by Mueller of stealing Democratic Party email databases in an attempt to illegally influence the 2016 election.
Presently France and the US are fighting to extradite Vinnik on various charges related to cryptocurrency-aided money laundering and cybercrimes against their citizens. Russia is also fighting to have Vinnik extradited to his homeland, presumably in a bid to protect whatever secrets Vinnik may potentially hand over to NATO allies.
CCN reported in July that a Greek court granted an extradition request to Vinnik from France, sparking a furious reaction from Russia. Earlier in May, Greek police reportedly discovered a plot to murder Vinnik in prison.
On his part, Vinnik alleges that he has no knowledge of any money laundering operation and that he had no control over the $9 billion worth of bitcoin that flowed through BTC-e, the platform he managed. As a compromise however, he has agreed to work with French investigators from his location in Greece.
American investigators accuse Vinnik’s BTC-e exchange of completely sidestepping all KYC/AML guidelines by allowing customers move money anonymously, requiring only an email address and a password. Mueller’s investigation reported a similar pattern of transaction layering through crypto exchanges by Russian intelligence officers looking for anonymity.
Data firm Elliptic used the details provided in the indictment to search the blockchain and flesh out a pattern of such activities by Russian agents.
Speaking to Bloomberg about the findings, Elliptic Chief Data Officer Tom Robinson said:
“There was a strong link between much of the funds allegedly used by the Fancy Bear group and BTC-e. What I can’t say for certain is whether Fancy Bear obtained them directly from BTC-e, or whether there was an intermediary.”
Arkady Bukh, a lawyer representing Yengeniy Nikulin, a hacker accused alongside Vinnik says that the real aim of the US is to gain intelligence and insight on Russian state-backed hackers including information like emails, names and bank accounts.
CCN will bring more updates as the story develops.
Alexander Vinnik image from Shutterstock.
The post A Former Bitcoin Exchange Admin Could Be Key to Mueller’s Russia Investigation appeared first on CCN.
02
Bitcoin Gold delisted from major cryptocurrency exchange after refusing to pay hack damages
a close up of a sign: Bitcoin Gold delisted from major cryptocurrency exchange after refusing to pay hack damages © ZDNet Bitcoin Gold delisted from major cryptocurrency exchange after refusing to pay hack damages bitcoingold.png © Provided by CBS Interactive Inc. bitcoingold.png
Bittrex, one of the largest cryptocurrency exchange platforms, has delisted Bitcoin Gold (BTG) from its trading platform over the weekend after BTG maintainers declined to pay half of the damages Bittrex suffered during a complex multi-stage cyber-attack earlier this year.
According to a statement from the BTG team, Bittrex asked the BTG team to pay 12,372 BTG (~$256,000) as reparations for the attacks.
The BTG team declined to pay the asked sum, stating that their private assets can't be used to cover "a private company's losses from their own security failures."
BTG maintainers said they did all that was possible on their end to help trading platforms prevent the attacks, but they did not have the legal power to intervene inside a private company like Bittrex.
South Korean cryptocurrency exchange hack sees $40m in altcoin stolen | Another hack rocks cryptocurrency trading: Bancor loses $13.5 million
The hack at the center of this dispute took place between May 18 and 22, according to an incident response report published this May.
The BTG team says the hack was a combination between a 51% attack and a double-spend attack.
BTG experts said hackers rented servers through the NiceHash cryptocurrency mining market to overwhelm the Bitcoin Gold network and take control of more than half the BTG network computational hashrate.
This is what cryptocurrency experts call a "51% attack," a dangerous scenario that grants attackers the ability to modify transaction details on the entire Bitcoin Gold network.
The BTG team says that during the 3.5 days attackers overwhelmed the Bitcoin Gold network, hackers deposited large quantities of Bitcoin Gold funds at cryptocurrency trading platforms.
Seconds after these deposits, hackers would convert the funds into another cryptocurrency and transfer the money to new accounts at other exchanges.
Once funds were converted and stolen, hackers would then use their 51% control over the BTG network to reverse the initial BTG deposit, invalidating the transaction and returning their original Bitcoin Gold funds to their personal wallets. This second stage is what's known as a double-spend attack.
Hackers repeated this operation several times between May 18 and 22. Money was never stolen from end users' accounts but trading platforms only.
At the time, BTG maintainers repeatedly warned cryptocurrency trading platforms to raise transaction confirmation thresholds, a solution that would have made it more costly for attackers to mount a 51% attack.
The BTG maintainers also warned trading platforms about the attacker's wallet address, telling them to refuse any incoming BTG deposits, and hence preventing the more devastating double-spend attack even if the 51% attack was successful.
Back in May, cryptocurrency experts said hackers successfully used this dual 51% & double-spend attack to steal over 388,000 BTG coins (worth over $18 million at the time) from several cryptocurrency exchanges, but they did not reveal which platforms suffered losses during the attacks.
Most platforms either stopped the attacks in time or swallowed the losses after failing to heed warnings coming from the BTG team.
This cryptocurrency phishing attack uses new trick to drain wallets | Hackers steal almost $400M from cryptocurrency ICOs
But according to a statement published over the weekend by the BTG team, the only platform that didn't follow normal practices was Bittrex, who, in an unprecedented move, tried to convince the BTG maintainers to pay for a hack's losses.
Something like this has never happened before, and the BTG team didn't want to hear it. Bittrex tried to meet BTG maintainers in the middle, but the BTG team also declined to pay a halved reparations fee of roughly 6,000 BTG coins (~$126,000).
Following the failure to strike an agreement, Bittrex delisted Bitcoin Gold trading options on Saturday, September 1, telling BTG maintainers they reached their final decision after the BTG team did not take a part of the responsibility for the hack.
The team behind Bitcoin Gold said the delisting doesn't impact BTG trading, as Bittrex was never a top exchange for BTG operations.
Bitcoin Gold is ranked as the 29th most popular cryptocurrency on cryptocurrency ranking site CoinMarketCap. Bittrex is ranked as the 23rd most popular trading platform on the same site.
03
Major cryptocurrency exchange delists Bitcoin Gold following $18M hack
The threat of attack is very real for upstart cryptocurrency projects. Bitcoin Gold, a popular hard fork of Bitcoin, BTC is set to be delisted from cryptocurrency exchange Bittrex.
The reason for the removal is that the currency has suffered a series of debilitating heists that netted thieves over $20 million in stolen funds.
Back in May, Bitcoin Gold was hijacked with rented computing power. After hackers took control of more than 51 percent of the overall hash power, more than 388,000 BTG (approx. $18 million at the time) was stolen from cryptocurrency exchanges like Bittrex. Hackers were able to use “double-spending,” a method of repeatedly tricking an exchange into transferring more coins than it should.
It is uncertain just how much was taken directly from Bittrex, but Bitcoin Gold maintains that compensation of over 12,000 BTG ($255,000) was requested.
It shouldn’t be surprising, then, that by September 14, Bitcoin Gold will be completely removed from Bittrex.
In response, the Bitcoin Gold development team uploaded a lengthy statement, which told its side of the story:
Bittrex informed us that they make this decision because the BTG team would not “take responsibility for our chain,” and that taking responsibility meant paying Bittrex 12,372 BTG to cover the loss they incurred. They later informed us they would cover part of the loss from their own BTG reserves and requested we pay the remaining ~6,000 BTG ($127,000), and that if we did not, we would be delisted.
This is proof that security incidents really do have a lasting effect on cryptocurrency projects. The dev team does defend itself by claiming the 51 percent attack that led the double-spending was not its fault. Instead, it blamed the Proof-of-Work consensus style on which Bitcoin Gold operates.
The Bitcoin Gold team is not responsible for security policy within private entities like Bitrex [sic]; those who earn revenue running a private business must manage the related risks and are ultimately responsible for their own security.
Obviously, Bittrex does not feel the same way, but whether or not this will have an impact on the long-term survivability of Bitcoin Gold, isn’t yet clear. What is clear, though, is that market sentiment has turned.
Last year, when $3.3 million worth of Bitcoin Gold was stolen after users were tricked into downloading a fake wallet, it was ranked the fifth largest cryptocurrency by market cap.