Search content
Sort by
Showing 5 of 5 results by 45c3n
Re: FBI says it recovered $2 million in Bitcoin Ransomware payment... How?
The FBI may have had a CI, or may have had an agent undercover himself in one of these communities
Yep, this sounds much more reasonable than any other theories...
I'd say blowing a virtual identity for this particular incident seems totally worth it. They managed to send a strong message.
Re: FBI says it recovered $2 million in Bitcoin Ransomware payment... How?
...and as such, I believe discredits the theory the FBI was able to hack the hacking group.
I see, thank makes sense. So if we rule out the possibilities that an exchange just handed FBI their key; and that the FBI hacked the hackers; and (of course) that FBI cracked bitcoin with quantum computers... what are the odds?
Could it be possible that the FBI somehow scammed the hacker with their mixer, and then applied for a warrant to move the coins further? ..I'm also surprised that the hackers didn't even bother to try something like CoinJoin first.
Where do we see the reference where the FBI got access to the server the hackers used? Is there a link to follow and read?
SO many things come up actually, we can think of a lot of things including the government owns mixers or probably conspire with the exchange the hacker used. If you can consider yourself reliable for correcting the misinformation you might as well enlighten us with a link.
Forget about all the "investigation journalists", here are the legal documents released - but even with those we can't be sure that the FBI got the key from a seized server. I'm actually leaning on the opposite.
https://www.justice.gov/opa/press-release/file/1402051/download - This is the warrant. It mentions a location - Northern District of California - where some people believe refers to the location of a Coinbase's server.
But prior to getting that warrant, the FBI already stated they have the private key "in possession" in the affidavit - https://www.justice.gov/opa/press-release/file/1402056/download
Note that on page 7, paragraph 34 it says
"The private key for the Subject Address is in the possession of the FBI in the Northern District of California"
It is very likely that the location mentioned in that warren refers to a facility where the FBI stores the private key in.
Re: FBI says it recovered $2 million in Bitcoin Ransomware payment... How?
This would leave the possibility that FBI was able to somehow hack the hackers, but IMO this would not make sense, because why would they be creating private keys on a new server?
Sorry I didn't get it - What did you mean by creating private keys on a new server (who?) & how is it related to the possibility that FBI might have hacked the hackers? Thanks
Re: FBI says it recovered $2 million in Bitcoin Ransomware payment... How?
Seems plausible. They would still need a seizure warrant, I assume, right? I can't imagine the hackers would leave the money in an exchange, although it's possiblle it was part of their laundering plan.
I suppose it's also possible the FBI just seized some innocent guys money after the hackers exchanged it several times by now.
The seizure warrant was authorized earlier today by the Honorable Laurel Beeler, U.S. Magistrate Judge for the Northern District of California.
...
As alleged in the supporting affidavit, by reviewing the Bitcoin public ledger, law enforcement was able to track multiple transfers of bitcoin and identify that approximately 63.7 bitcoins, representing the proceeds of the victim’s ransom payment, had been transferred to a specific address, for which the FBI has the “private key,” or the rough equivalent of a password needed to access assets accessible from the specific Bitcoin address. This bitcoin represents proceeds traceable to a computer intrusion and property involved in money laundering and may be seized pursuant to criminal and civil forfeiture statutes.
DOJ Statement: https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside
I suppose it's also possible the FBI just seized some innocent guys money after the hackers exchanged it several times by now.
The seizure warrant was authorized earlier today by the Honorable Laurel Beeler, U.S. Magistrate Judge for the Northern District of California.
...
As alleged in the supporting affidavit, by reviewing the Bitcoin public ledger, law enforcement was able to track multiple transfers of bitcoin and identify that approximately 63.7 bitcoins, representing the proceeds of the victim’s ransom payment, had been transferred to a specific address, for which the FBI has the “private key,” or the rough equivalent of a password needed to access assets accessible from the specific Bitcoin address. This bitcoin represents proceeds traceable to a computer intrusion and property involved in money laundering and may be seized pursuant to criminal and civil forfeiture statutes.
DOJ Statement: https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside
The thing is, they explicitly stated they had the private key in the affidavit. That was before they received the warrant I believe. The warrant only granted them right to move the fund - but it seems the FBI did not obtain the key via legal seizure.
If that address was indeed a custodial one, then the timeline would be:
1. an exchange gave FBI the key without the presence of a warrant telling it to do so.
2. the FBI then lodged an affidavit in the morning of 7 Jun 2021 (https://www.justice.gov/opa/press-release/file/1402056/), and asked for permission to move the funds.
3. the FBI received warrant on the same day, 9:10 am (https://www.justice.gov/opa/press-release/file/1402051/download)
4. then they made the transfer at 10:40am (https://www.blockchain.com/btc/tx/943f2d576ed8d9f388ba75eb82fe35cce29479b84121827ac368a5a94f44cf7a)
This seems off... unless we take away (1) and assume FBI somehow got the key on their own. I mean, if they managed to get the key from an exchange, why didn't they have a warrant ready at the time?