[HN Gopher] Feds arrest couple, seize $3.6B in hacked Bitcoin funds
___________________________________________________________________
Feds arrest couple, seize $3.6B in hacked Bitcoin funds
Author : mikeyouse
Score : 372 points
Date : 2022-02-08 16:50 UTC (6 hours ago)
(HTM) web link (www.washingtonpost.com)
(TXT) w3m dump (www.washingtonpost.com)
| throwaway9191aa wrote:
| I'm not well versed in BTC, so my prices may be wrong. But this
| is webscale in a way I haven't thought of before.
|
| It is alleged they stole 119754 BTC, which in 2016 was <
| $1000USD. Which would have been < $100,000,000. Today, it is
| worth 5bln. (not that 100mm is nothing.... but it is a lot less).
|
| Could you imagine stealing something that most people thought was
| a toy. Suddenly it became so valuable that the government could
| justify who-knows-how-much resources to catch you?
| jnwatson wrote:
| This is a great argument for Monero. It is much easier to launder
| money on a privacy-oriented blockchain.
| ilamont wrote:
| Are there any cases involving theft of this scale (or even 1/10th
| of this scale) that have been successfully prosecuted in the
| U.S.?
| vmception wrote:
| > "digital currency heists executed through complex money
| laundering schemes _could undermine confidence_ in
| cryptocurrency," said U.S. Attorney Matthew M. Graves
|
| Well now you US prosecutors aren't reading hacker news!
| AlexanderTheGr8 wrote:
| > "After the execution of court-authorized search warrants of
| online accounts controlled by Lichtenstein and Morgan, special
| agents obtained access to files within an online account
| controlled by Lichtenstein," the press release said. "Those files
| contained the private keys required to access the digital wallet
| that directly received the funds stolen from Bitfinex, and
| allowed special agents to lawfully seize and recover more than
| 94,000 bitcoin that had been stolen from Bitfinex. The recovered
| bitcoin was valued at over $3.6 billion at the time of seizure."
|
| So most likely,
|
| 1) they didn't launder it properly, leading to police being able
| to trace it to their bank accounts. I wonder if tornado.cash was
| used.
|
| 2) then police had their names, leading to warrants for all
| online accounts - google account, apple account, etc.
|
| 3) they made the big blunder of keeping their private keys in
| their online account. Most likely a txt file in google drive.
| That is such a silly blunder. Without the private keys, the
| police has zero proof of anything. They could have made a hundred
| excuses for how they got money in their bank account, as long as
| the police didn't have the private keys. Who keeps their private
| keys in an online account?
|
| Apparently the biggest criminals make too many silly mistakes.
| The old saying applies here: "you don't have to be smart, just
| don't be an idiot"
| soco wrote:
| This would have happened: https://xkcd.com/538/
| AlexanderTheGr8 wrote:
| lol using a mixer means that the feds don't know which
| account contains the bad funds. So they don't find the
| identity of the perp. So no possibility of beating the perp.
| duxup wrote:
| Well you don't want to lose those keys ... there is a bit of a
| conundrum there (granted you don't have to do it the way they
| did either).
|
| As far as how exactly they got caught, there was a reward
| offered by the company it was stolen from. It may have been
| someone tipped the feds off for the reward.
| AlexanderTheGr8 wrote:
| Crypto 101: never store private keys online.
| giaour wrote:
| Crypto 102: weep for the coins you lost when your cousin
| spilled soda on the hard drive containing the offline-only
| copy of your private keys
| hungryforcodes wrote:
| It's funny! But really there are loads of ways to store
| your keys physically that are human readable.
| Miner49er wrote:
| Yeah, and then they could be fairly trivially memorized,
| even.
| giaour wrote:
| This plan doesn't really scale to the 2000 wallets
| mentioned in the OP. But maybe that scenario only comes
| up when you're looking to launder billions of dollars
| worth of BTC?
| rjbwork wrote:
| I'm not invested in crypto or really at all interested in it.
| That said, my mentor seems pretty excited about it and is
| pretty heavily invested as of the past few months. I advised
| him to do something like
| https://en.wikipedia.org/wiki/Shamir's_Secret_Sharing and
| distribute it across a wide number of storage mechanisms,
| physical, digital, and custodial. For instance, in google
| drive, in drop box, in a bank safety deposit box, engraved in
| a gold bar buried in your yard, in your house safe, etc.
|
| Why anyone with a significant amount of crypto assets isn't
| going to insane extremes in terms of secrecy and durability
| is beyond me.
| thinkmassive wrote:
| For Bitcoin specifically, multi-signature wallets are far
| superior to SSS: https://en.bitcoin.it/wiki/Multi-signature
| pcthrowaway wrote:
| This is already done by Trezor: https://trezor.io/shamir/
| duxup wrote:
| I don't understand the math but I think I have seen that
| style of secret management where any 3 of say 10 secrets
| can access something but no 2 or any 1 secret can do it.
|
| It would seem to solve a lot of just organizational
| problems where "jan is out of the office today" and nobody
| can do the thing ... but if access is spread out among 10
| people ... 3 probably are in the office when needed.
|
| Granted I've never seen it used in production personally,
| not / seen it on a granular level.
| shagie wrote:
| Hashicorp Vault uses it.
|
| https://learn.hashicorp.com/tutorials/vault/rekeying-and-
| rot...
|
| > In order to prevent one person from having complete
| access to the system, Vault employs Shamir's Secret
| Sharing Algorithm. Under this process, a secret is
| divided into a subset of parts such that a subset of
| those parts are needed to reconstruct the original
| secret. Vault makes heavy use of this algorithm as part
| of the unsealing process.
| londons_explore wrote:
| I have used it. It works. Tooling is still pretty poor.
| Every use, we ended up bringing the necessary people into
| a room, booting up an offline laptop from a sha-summed
| live USB, QR code scanning each of our secrets, combining
| them, then using the key to sign whatever we needed to
| sign, photographing the signature as a QR code. We use
| software from 2008 because an OS stack contains code from
| tens of thousands of developers, and we felt old software
| was less likely to have an active 'steal these keys and
| exfiltrate them via open wifi' malware.
|
| We would first go through the process with 'dummy' keys
| to check everyone was happy with the process and what we
| were going to do (ie. which commands, what software, what
| exactly will be signed). We would then do it again with
| the real thing. And then we'd power off the computer till
| next time it needed to be used.
|
| "Clunky" would be a good way to describe it... But it's
| hard to make it better without relying on a bunch of
| software we don't have the resources to audit.
| duxup wrote:
| Yeah it seems very much like an elegant solution whose
| usage would be a bit of its own kind of beast to deal
| with.
| [deleted]
| A4ET8a8uTh0 wrote:
| While I do partially agree that some of it may be
| grandstanding. The whole:
|
| "Thanks to the meticulous work of law enforcement, the
| department once again showed how it can and will follow the
| money, no matter what form it takes."
|
| and suggesting AEC and chain hopping is futile is an effective
| propaganda tool. I mean its possible something major changed,
| but I think your thoughts are closer to reality.
|
| If true, this is interesting, because apparently fake identity
| accounts on exchanges are cheap ( partially 'thanks' to all the
| breaches over the years ).
|
| edit: added '' to thanks
| salawat wrote:
| ...any system appropriate for shluffing around value by
| definition comes with being able to trace things with enough
| attention to detail.
| AlexanderTheGr8 wrote:
| I agree. Propaganda is very effective here. And it's actually
| good - it deters potential criminals.
|
| But if someone who knew how crypto works wanted to commit a
| crime, they can. That's scary.
| A4ET8a8uTh0 wrote:
| Sorry, yes. I used the term propaganda, but I briefly
| forgot its negative connotation. In this particular
| instance, I meant it more along the lines of 'shock and
| awe' your adversaries. I am hardly cheering on an alleged
| hacker/thief/launderer. The point stands, but thank you for
| pointing the perception issue out.
| [deleted]
| mardifoufs wrote:
| You have to keep in mind that a lot of those highlighted
| "trivial" series of mistakes can be just the result of parallel
| construction, and what evidence really "did them in" can be
| completely different from what's stated by the prosecution. It
| is very easy to find tons of small mistakes once you already
| know what you have to look for thanks to an undisclosed huge
| exploit/honeypot/technically-illegal-seizures that you can use.
|
| Proving this is hard by design, but a good example of that
| would be how they used the Hansa market as a honeypot by
| running the market themselves for months.
|
| The entire investigation around Alphabay and how they got to
| the owner is a bit shady, too, and there have been tons of
| rumors of the entire official case being based on ad-hoc
| parallel construction.
| paulpauper wrote:
| _3) they made the big blunder of keeping their private keys in
| their online account. Most likely a txt file in google drive.
| That is such a silly blunder. Without the private keys, the
| police has zero proof of anything. They could have made a
| hundred excuses for how they got money in their bank account,
| as long as the police didn 't have the private keys. Who keeps
| their private keys in an online account?_
|
| Not necessarily. If they can spend stolen $, presumably that
| may be enough to persuade a jury they own it.
| AlexanderTheGr8 wrote:
| I agee. Also, intimidation tactics can work here - e.g.
| telling them they might go to prison for life bec justice
| wants to make an example out of them.
| X6S1x6Okd1st wrote:
| There's a lot of evidence in the statement_of_facts however
| it's unclear how much of it can only be reconstructed with the
| private keys. Interested parties should really look to what was
| known to grant the search warrant.
|
| https://www.justice.gov/opa/press-release/file/1470186/downl...
| AlexanderTheGr8 wrote:
| They don't usually give details of how they caught them,
| because the next bad-actor will read that to know their
| tactics.
|
| Search warrants are given on _reasonable doubt_. When it
| comes to cryptocurrencies, the feds have _reasonable doubt_
| on everyone. So it is always possible for them to get a
| search warrant.
|
| I emphasized private keys, bec without them, no matter how
| much doubt the feds had, they couldn't prove anything.
| aksss wrote:
| > reasonable doubt
|
| I think you mean reasonable suspicion & probable cause.
|
| Reasonable doubt is the threshold prosecutors must appear
| to exceed for a successful finding of guilt with a jury
| (elimination of reasonable doubt).
| AlexanderTheGr8 wrote:
| You are right. I meant "reasonable suspicion & probable
| cause". My bad. Got confused between the 2.
| not2b wrote:
| The (alleged) criminal only has to make one mistake to get
| caught, if the pursuers are good. Steal enough money and the
| best pursuers will be assigned to catch the perp.
| AlexanderTheGr8 wrote:
| Agreed. But the (alleged) criminal kept private keys on cloud
| AND used weak encryption. These are extremely silly mistakes.
|
| They could have used bitwarden (or a password manager) and
| they would be good to go.
|
| Also the best pursuers needs 6 years (2022 - 2016) to catch
| them. Plenty of time for the perps to take a lot of measures.
| paulpauper wrote:
| John Ruffo who stole $300 million still at large after 20
| years
| axiosgunnar wrote:
| might be dead by now?
| aksss wrote:
| https://en.m.wikipedia.org/wiki/John_Ruffo
|
| $25,000 bounty seems pretty small, considering.
| paulpauper wrote:
| Tornado only works for eth. they would need a bridge.
|
| they were done-in by I am assuming to be a weak password,
| enough entropy would have made it uncrackable
| AlexanderTheGr8 wrote:
| good point. If they had tried to use a bridge to convert
| their _bad_ bitcoin with _good_ ethereum, would they have
| been denied service since everyone knew that these btc were
| _bad_?
|
| As to your 2nd point, I agree. Another mistake was uploading
| private keys to google drive.
| zozbot234 wrote:
| A good guess is that "laundering" billions of dollars is
| inherently a non-trivial problem, and perhaps not feasible at
| all without cooperation from shady real-world actors _outside_
| the whole cryptocurrency ecosystem. This is actually good news
| for small-scale users who just want to keep their
| microtransactions reasonably private - the usual mechanisms
| might actually work well enough for that case.
| AlexanderTheGr8 wrote:
| I agree. But if not for privacy, why use crypto at all? Even
| bank accounts are reasonably private, if you are not doing
| anything considered suspicious by society.
|
| Also, with mixers such as tornado_cash, laundering money is ,
| _sadly_ , pretty trivial.
| wcoenen wrote:
| Mixing is not laundering.
|
| The difference is that laundering provides you with an
| explanation for wealth and/or income. Example of
| laundering: buy a business (with clean or borrowed money),
| have fictional customers "spend" their cash money at your
| business every day, then report your income and pay taxes.
| Now if anybody asks about where you got your money, you
| have a seemingly legit explanation.
|
| Mixing does none of that. So mixing may be trivial, but
| laundering is not.
|
| edit: now that I think about it, is that why NFTs are so
| popular? Are people pretending to have gotten capital
| gains, while in reality they're buying these things from
| themselves? That would explain a lot.
| AlexanderTheGr8 wrote:
| tornado.cash puts your crypto in a completely fresh
| account (using smart contracts). You can claim that you
| earned this crypto mining it back in 2010. You can
| definitely come up with a decent excuse for this.
|
| Then you can convert those crypto (in new account) into
| fiat money.
|
| Everyone will know you are lying, but they will never be
| able to prove it.
| buryat wrote:
| you would need to show crypto addresses from 2010 and
| prove that you still have access to them
| 323 wrote:
| If you read the indictment, they claimed they had bitcoin
| from mining in 2011, the exchange asked for further
| proof, and they just abandoned the bitcoin (~$150k). The
| exchange surely notified the authorities, because who
| abandons $150k of legit bitcoin?
|
| So claiming it was from mining didn't work in this
| particular instance.
|
| They don't need to prove you are lying in all instances,
| it's enough to prove you are lying in one instance. They
| will get you for that one instance where you didn't
| launder it properly if they are after you.
| whatshisface wrote:
| That sounds impossible, wouldn't people be able to see
| that the account didn't have those coins in 2010?
| [deleted]
| everfree wrote:
| It's very common to use more than one account, and send
| money between them for various reasons.
| andruby wrote:
| Wrt NFT: yes. Just like the art business is great for
| laundering, so is the art+crypto combo of NFT's.
|
| At least, that's how I think about it.
| TremendousJudge wrote:
| Regarding NFTs, that's how the high art market works.
| It's for money laundering. "I just sold this Picasso,
| that's where this money came from Mr Taxman"
| boc wrote:
| I love how you're just realizing that NFTs are a pure
| money-laundering scheme. Just wash trade your bored ape
| and "sell" it to your alter ego and bam! Legitimate
| income for the cost of some ETH gas.
| Dwolb wrote:
| Speculation, self-sovereignty, ease of
| use/trade/leverage/exchange
| AlexanderTheGr8 wrote:
| > Speculation
|
| You can do that by _owning_ crypto. No need to use it.
|
| > Self-sovereignty
|
| Majority people use centralized exchanges, which
| regularly control transactions.
|
| > Ease of use/trade/leverage/exchange
|
| Fiat banking is much easier to use than crypto. It's also
| faster. Now everyone uses 1-tap payments. Crypto
| transactions are more complicated than that. They also
| take longer. Also are bad for the environment (not as bad
| as media portrays, but bad nonetheless)
| tedivm wrote:
| Even the apps built off of the "blockchain" rarely touch
| the blockchain. Companies aren't looking up NFTs on the
| chain, they're just hitting OpenSea APIs.
| Dwolb wrote:
| A few counterpoints,
|
| Speculation for IDOs usually requires directly
| interacting with the contract with your wallet. Likewise
| new tokens are found on DEXes which requires taking
| custody of the token.
|
| Borrowing against crypto, leveraging it, going delta
| neutral, buying options are all available on chain,
| typically with better yields, and with a higher variety
| of tokens.
| kyleee wrote:
| with that amount one would be wise to get in touch with HSBC,
| they provide laundering services (but don't market it to the
| general public)
| iskander wrote:
| They mention chain hopping and privacy chains. Maybe they
| slipped up using ZEC and made some of their transactions
| public?
| AlexanderTheGr8 wrote:
| Could be. But even if some of the transactions became public,
| it should be fine as long as the end transactions (crypto ->
| fiat) is private, right?
| iskander wrote:
| There are very few exchanges left which don't require KYC
| and even then the real final step is cashing to some kind
| of bank account. I don't think crypto->fiat privacy is
| possible beyond a certain level of wealth.
| 35fbe7d3d5b9 wrote:
| OFAC has broadened enforcement to the point that pretty
| much _any_ financial transaction across the world has a
| US nexus. Moving that much stolen crypto without the feds
| noticing? No chance.
| paulpauper wrote:
| where do mention?
| tsimionescu wrote:
| Well, the police had a search warrant, so the police could have
| found them if they had had them in their possession anyway.
|
| Sure, they could have destroyed them, losing the money but
| maybe not getting arrested?
| AlexanderTheGr8 wrote:
| vitalik (ethereum founder) used an interesting system. He
| split the key in 2. Wrote both on paper. Gave 1 paper to
| family and kept the other. Even if the police raid him
| (hypothetically), they cannot raid the houses of his family
| and friends _at the same time_
|
| This way the police or anybody else cannot get your private
| key.
| throwhauser wrote:
| The police wouldn't have to raid the family members, they'd
| likely give up what they know immediately, to avoid become
| accessories to whatever crime the police were alleging.
| diego wrote:
| No, but if you don't have your half memorized and they take
| it from you, the other half is useless. This is more useful
| if you want to leave your crypto to your family if you die,
| provided that you make it easy for them to find your half
| if you're not around.
| AlexanderTheGr8 wrote:
| Excellent point! I never considered this.
| chrisfosterelli wrote:
| > Even if the police raid him (hypothetically), they cannot
| raid the houses of his family and friends at the same time
|
| ...why not? Police coordinate raids all the time.
| AlexanderTheGr8 wrote:
| How many raids? 1 on him, 5 on family, 20 on friends?
|
| Isn't that impractical? Also how were the police supposed
| to know that he used this system?
| giaour wrote:
| I mean, he announced it publicly. The police would know
| from his popular blog.
| grumple wrote:
| You really think the government would have trouble doing
| a handful of raids at once? They have enough officers to
| do a thousand raids at once. The FBI and Interpol did
| just that recently, coordinated across more than a dozen
| countries:
|
| https://www.europol.europa.eu/media-
| press/newsroom/news/800-...
| baybal2 wrote:
| The probability of Russian police coordinating a raid
| with the NYC police is 0.00%
| [deleted]
| paulpauper wrote:
| or you end up with a useless half key or your trusted
| accomplice helps in the investigation
| AlexanderTheGr8 wrote:
| The police don't know that you split the key. But I get
| what you mean. I am sure there are better ways to hide
| private keys.
|
| Encrypting it with a good password that you remember and
| then printing the encrypted keys comes to mind.
| hungryforcodes wrote:
| Wait but didn't Vitalik announce he split it on his blog
| or Twitter?
| BobbyJo wrote:
| When a few billion is at stake, you think they'd make the
| effort to memorize the keys. Or at least encrypt them.
| tsimionescu wrote:
| When a few billion is at stake, I would definitely not
| trust my memory for a chance to lose access.
| nerdwaller wrote:
| The file the feds found had 2,000 addresses - so there's a
| non-trivial amount of 12 word phrases to remember.
| akomtu wrote:
| You only need to remember a big random number (can be a
| long phrase from a book you like), and a rule that
| generates keys, e.g. (keyid, seed) -> hash(keyid + seed).
| Needless to say, you never write the seed phrase down. At
| most you keep a vague pointer to the author of that book.
| paulpauper wrote:
| you would only need to memorize one seed to spawn
| infinite key pairs
| AlexanderTheGr8 wrote:
| can you elaborate? I find this very interesting. We can't
| choose which private key we get.
|
| So is it possible for 1 seed to generate all of them?
| Doesn't that break information theory (Shannon's
| compression limit)?
| Bootvis wrote:
| First you create the seed, then you create the keys. Not
| the other way around.
| rogers18445 wrote:
| You use a 2048 word dictionary (a random choice in that
| wordlist represents [log 2048 =] 11 bits of entropy) then
| you generate a random string of 132 bits to be your
| cryptographic seed which is a sequence of 12 words from
| the wordlist which you memorize.
|
| From that seed you can generate for all practical
| purposes an infinite number of private keys for any and
| all purposes in existence. Using cryptographic one way
| functions such as a hash or PRNG.
|
| Example: truncate_as_needed ( sha512 (seed | 2022 |
| wallet_title | priv #123) ) = private key #123
| lordnacho wrote:
| Have a google for BIP-32, about Hierchical Deterministic
| Wallets. A secret key is nothing but a number, so it's
| not too hard to generate more numbers from that seed. If
| you have the seed and the parameters for the child
| numbers, you have all the private keys you want.
| kodah wrote:
| Keys are conspicuously easy to hide. My PGP master key that
| I've been using for some time is hidden on two devices which
| would be difficult to identify much less locate and are
| encrypted as well.
| paulpauper wrote:
| strong passwords. aes256 with even just 7 word password
| chosen from a 1000-word dictionary cannot be cracked with
| existing tech
| akomtu wrote:
| TBH, with 4B at stake, I wouldnt blindly rely on AES. I'd
| use it as the 1st step, and then additionally encrypt its
| output with a custom AES-like algorithm (change tge
| s-box, change the number of rounds, maybe upgrade it to
| 512 bits). Even if my homebrew algo is weak, there's
| still standard AES behind it.
| boring_twenties wrote:
| Why mess with AES when you can just use another strong
| algorithm or two? e.g. AES+SERPENT+Twofish, with three
| separate unrelated keys of course.
| rogers18445 wrote:
| You are pushing it. 1000 words is 10 bits of entropy per
| randomly chosen word. 70 bits of entropy is probably
| crackable by a government agency.
|
| Edit: I checked and unless I mixed some zeroes somewhere
| it looks like the current bitcoin hash rate of 200
| million TH/s can crack 92 bits within a year. log
| (200,000,000,000,000,000,000*3600*24*365) / log 2 = 92.35
| pavel_lishin wrote:
| They're easy to hide as long as the federal government
| isn't trying to tie you to 4.5 billion worth of something.
| kodah wrote:
| Even with the fervor of the federal government they'd be
| easy to hide.
|
| A USB is tiny, and you can shrink it's footprint with
| USB-C. You can also buy USB keys with tamper-proof
| housings that will blow a fuse if opened to be physically
| compromised. Coupled with strong post-quantum crypto,
| that key is relatively secure, even if physically
| discovered.
|
| That's just the technical bit. You can also split the key
| in half and transfer the other half somewhere, which
| creates legal protection. You could also create a housing
| for the key so it's not easily discoverable.
|
| If all that sounds a bit extra, circle back to that the
| perpetrator has 4.5 Billion worth of something.
| [deleted]
| rootusrootus wrote:
| > If all that sounds a bit extra, circle back to that the
| perpetrator has 4.5 Billion worth of something.
|
| It does sound like a lot of work. I think I'd go with the
| $5 wrench option.
| modeless wrote:
| So what will happen to the coins? They'll probably be looking for
| any excuse to avoid giving billions back to Bitfinex. This will
| be fascinating.
| peter303 wrote:
| DOJ says they'll be returned to previous owners.
| modeless wrote:
| Sure, but what does that mean? Will they return it to
| Bitfinex to distribute? Will they try to distribute it
| themselves? How will the accounting for who owns it work
| given Bitfinex's complex (and probably illegal under US law)
| token scheme that they implemented to cover up the hack? Will
| they return amounts calculated based on the value stolen in
| 2016, or the value of the coins now, a 60x difference? Will
| they sell the coins and transfer dollars to claimants, or
| transfer the coins directly?
| caseysoftware wrote:
| I'm sitting here trying to understand their mindset.
|
| They had to know what kind of scrutiny would be on those coins
| forever.
|
| At the time of the theft, the coins are worth $100M+ and they
| can't touch them. Even worse, anything they do with them will be
| monitored, researched, dug into, and everything else from law
| enforcement, amateur detectives, and every major tech+crime
| group.
|
| Fast forward to now and the coins are worth 50x that.. and _now_
| they try to move them? And all the keys are in cloud storage? But
| it had to be frustrating to be sitting on something so valuable
| without any way to use it. They had to be stressed and anxious
| about it.
|
| A life of crime is stupid. A life of crime for something this
| high profile is far beyond stupid.
| duxup wrote:
| I was wondering about this. I would think the most obvious path
| would be to find some other criminals (now you've got new
| risks) who don't care about the provenance of the coins, will
| pay cash for some coins at a discount, and you somehow launder
| that cash....
|
| Could at least get a couple bucks from it, possibly.
| lyricx wrote:
| .
| duxup wrote:
| The thing about Craigslist is now you need to meet folks /
| exchange ... you're only going to make so many of those
| transactions.
| [deleted]
| caseysoftware wrote:
| Or weaponize the coins.
|
| Take 10 BTC and give them to 100 groups/people you don't
| like. Investigators make their lives miserable for a while.
|
| For normal people, that'd be ridiculously expensive but since
| they didn't pay for the coins and have 100k+ more they can't
| use, it's "free."
| duxup wrote:
| I feel like you'd just be making 100 enemies...
|
| They could easily point and say "dude I don't know who that
| was, here's those coins FBI".
| A4ET8a8uTh0 wrote:
| I am genuinely surprised it has not happened already ( or
| maybe it did, but it did not make news ). If NK hackers
| wanted to get someone in trouble, connecting someone to one
| of the wallets listed by OFAC would be relatively
| effortless.
| giaour wrote:
| Wouldn't investigators look at the provenance address for
| one of those 100 transactions? That seems like a dangerous
| prank.
| mtoner23 wrote:
| They already knew that address though, they were waiting
| for them to convert the BTC to USD to find the person
| tied to the address. Still dangerous because the person
| you sent them to might give the feds your name.
| vmception wrote:
| haha right! I would have bridged them to the Ethereum
| network and sent it to everyone with an ENS registered
| polynomial wrote:
| Sort of like a Random Robin Hood.
| 323 wrote:
| That wouldn't work, the same way it wouldn't work to park a
| stolen Ferrari or a bag of cash in front of your house to
| accuse you of something. The situation would be cleared up
| pretty quickly.
| tannhauser23 wrote:
| There are "local bitcoin trading" groups that do exactly this
| - convert bitcoin to cash at a discount. But obviously you
| can't do this for billions of dollars and you expose yourself
| to personal monitoring and capture.
| giaour wrote:
| I'd bet there's a non-zero chance your exchange
| counterparty at one of these groups is an undercover cop.
| hedora wrote:
| On the one hand, the mob would probably be happy to buy them
| for 10-30% face value. On the other hand, how do you contact
| a reputable mob boss?
| duxup wrote:
| Yeah I think the odds of "how about you give me cash and I
| not turn you in" are ... possible.
|
| Bitfinex was offering a reward....
| salawat wrote:
| ...If you have to ask...
| genericone wrote:
| More importantly, how do you stop them from contacting you
| after this transaction.
| [deleted]
| [deleted]
| majani wrote:
| One trip to Russia would have solved all their problems. Just
| saying
| Dma54rhs wrote:
| How or why is that? Why would it be easy to cash in or sale 4
| billion dollar worth of crypto in Russia? Russia probably
| doesn't extradite a person to Americans (not sure about non
| citizens) but there are plenty of sharks who would want to
| get their hands on these coins if that came to public anyway.
| manquer wrote:
| They have not extradited Snowden. If it is politically
| favorable they would grant residency. There are other few
| other countries who who do the same, but only one or two
| like Russia could withstand U.S. pressure if they harbor
| such a high profile figure.
|
| Of course Putin will take all the money anyway, so what is
| the point ? Getting the mob for support never ends well.
|
| Also to note one of them is a dual Russian citizen so it
| more complex than the hypothetical
| [deleted]
| jupblb wrote:
| And to think ~10 years ago it was subject of a joke to call
| police because of theft of fictional online goods [1].
|
| [1]: https://www.youtube.com/watch?v=jSyjcib_Fps
| JumpCrisscross wrote:
| What possesses someone who just stole billions to stay in New
| York while trying to launder their money? Staying and pretending
| it didn't happen, I get. Pulling a Marsalek, I get. But staying?
| While continuing to try and access that wealth?
|
| Is it arrogance? Stupidity? Misplaced faith in the anonymity of
| crypto?
| openhandcrimp wrote:
| It seems that Tornado Cash (https://tornado.cash/) could have
| been used to launder the funds. I wonder if:
|
| - Laundering happened before Tornado Cash existed, so Tornado
| Cash was not used
|
| - They used something like Tornado Cash, but the funds were still
| traceable
| AlexanderTheGr8 wrote:
| That was my first question as well. But for someone who stores
| private keys of coins worth billions of dollars on google
| drive, I don't think using a mixer was a big concern.
|
| They couldn't even bother to use strong encryption on the file
| of private keys. Crypto 101: never store private keys online.
| openhandcrimp wrote:
| Good point!
| gruez wrote:
| As other commenters have noted, they stored the public/private
| keys on a cloud drive. A coin mixer isn't going to save you
| from that.
| runeks wrote:
| Are you using Tornado Cash to launder money?
| AlexanderTheGr8 wrote:
| Talking about someone laundering money doesn't mean that they
| are. You are assuming guilt without any cause.
|
| Talking about mixers (such as tornado_cash) is a worthy
| discussion on a post about laundering cryptocurrencies.
| gruez wrote:
| Yeah wtf, I'm not sure why he's randomly namedropping it.
| openhandcrimp wrote:
| I don't understand why you are being so aggressive. This is
| a post about news on laundering crypto. I am aware of a
| technology that seems to cater to that use case.
| openhandcrimp wrote:
| I am personally not, but don't you think that use case is
| obvious?
| yokem55 wrote:
| So, tornado only takes Eth.
|
| They could have used something like wbtc, to bridge the bitcoin
| to Ethereum and then swap to eth to run it through tornado. But
| wbtc is a custodial wrapping service that would require kyc.
| There are other wrapping services that don't, but they have
| nowhere near that much liquidity on Ethereum to execute the
| trade to eth needed to run it through tornado.
|
| The other problem is that tornado has limited liquidity itself.
| At the moment there is about $500M USD worth of eth in tornado.
| You would do yourself no good to dump a large multiple of that
| into the pool all at once.
| openhandcrimp wrote:
| Good points! Thorchain (a non-custodial service) claims 1.9B
| total swap volume. So, while not viable today for billions of
| dollars, the Bitcoin -> Thorchain -> Tornado Cash pathway
| seems to be viable for smaller amounts. Which doesn't
| necessarily bode well for recovering stolen bitcoin (and
| other crypto) in the future.
|
| A thief still has to figure out how to convert crypto to
| fiat. But I am assuming that there are jurisdictions where
| this is possible without KYC.
| AlexanderTheGr8 wrote:
| Once you have crypto in a clean account, what's the problem
| with providing KYC to convert it to fiat through any
| exchange?
| openhandcrimp wrote:
| I was thinking that there are probably thresholds that
| trigger alarms when large amounts of crypto are converted
| to fiat. If crypto is coming from a clean address, there
| is not evidence of illegal activity. But there is still
| the question of where those funds originated. So I am not
| sure if government entities can seize those assets...
| knownjorbist wrote:
| Another possibility is Ironfish(https://ironfish.network/), but
| I don't know how much liquidity there exists in either of
| these. I don't think you could launder/hide $4bn through either
| of these. Perhaps slowly over a long period of time.
| vmception wrote:
| Ironfish is just a testnet so there is zero liquidity there
| because it isn't even launched.
|
| Tornado cash has about $700mm right now deposited in it, with
| the vast majority of that being in the 100 ETH deposit pool.
|
| They absolutely could have done it over time. They could have
| bridged the Bitcoin using the RenVM protocol to receive
| renBTC, done a combination of selling the renBTC and let
| arbitrageurs provide the liquidity as the couple would have
| had to sell a little below market. They could then deposit
| the ETH in Tornado.cash. Simultaneously to speed things up,
| they could have deposited the renBTC into an onchain staking
| protocol to borrow against it, using the borrowed proceeds as
| their liquidity, and possibly even just forgetting about the
| collateral and letting the protocol take it eventually.
|
| Even though they would be a large part of the Tornado.cash
| pool, it would actually only be "for now" because there are
| several other heists of large seizes that are turned away
| from Tornado.cash because it is too small. So liquidity
| begets liquidity. I would content that even if they had
| become 60% of the pool, boosting its size to $1.5bn, that it
| would have attracted many more deposits, I could see
| Tornado.cash being a $3bn pool by now, given the size of
| heists that I know of.
|
| Tornado.cash of course is not good enough to reintegrate back
| into the economy, under your name. So _then_ they could have
| employed the reintegration.
|
| With clean money they earned from salary, they could have
| created a random token on the Ethereum network, lets call it
| SHIBA INU (SHIB), made sure to keep a bunch of the tokens for
| themselves, and then withdrawn tornado cash notes to 100,000
| addresses which programmatically bought SHIB, and pumped the
| token 52885982.4% and just been a lucky trader that cashes
| out with long term capital gains they pay. They would have
| had many more billions doing that.
|
| Its too bad that people could try to throw a "conspiracy to
| commit" charge at me too, the moment I use Tornado Cash or
| launch an erc20 token now, but its more important to me that
| my speech isn't chilled so that you all can have a better
| discussion about it.
| AlexanderTheGr8 wrote:
| Excellent post!
|
| I have a question: is it possible to write scripts to do
| the above automatically? Or does it have to be a manual
| process?
|
| Few people understand the ecosystem thoroughly (I admit
| that I do not), so few people can implement the manual
| process properly. One mistake equals 0 privacy.
|
| Also, would they be allowed to use renVM since everyone
| knew that these accounts contained _bad_ bitcoin?
| vmception wrote:
| It is possible to write scripts to do this automatically,
| and randomized activity.
|
| There is a push for more and more permissionless bridges.
| All the bridge builders and their communities shy away
| from that obvious discussion because they do host and
| earn basis points from any crypto that passes over the
| bridge, even if it is obviously from a heist. It would
| put a bridge, especially that bridge, in a tough spot if
| these hackers did too much too soon, the hackers would
| have needed to be watching bridge technology and from
| this indictment it just looks like they werent.
| madars wrote:
| What about network level privacy? i.e. they'd also want to
| minimize the linkage between broadcast patterns and
| characteristics of those 100k addresses
| vmception wrote:
| Run their own nodes on the respective cryptocurrency
| networks they use.
| openhandcrimp wrote:
| An excellent overview of how the crypto ecosystem glues
| together. Also a shame that understanding and explaining
| how these technologies can be (and probably are!) used
| together leads to accusations of criminal past or
| intentions.
| FDSGSG wrote:
| So uh, does this money get returned to Bitfinex now? Is this a
| huge windfall for them? They've fully redeemed their BFX tokens
| for whatever that's worth.
| mikeyouse wrote:
| > _The Justice Department announced Tuesday it had seized more
| than $3.6 billion in bitcoin allegedly stolen as part of a 2016
| hack of Bitfinex, saying authorities have also arrested and
| charged a husband and wife in New York for allegedly trying to
| launder the cryptocurrency fortune._
|
| > _Officials said Ilya Lichtenstein, 34, and his wife, Heather
| Morgan, 31, were arrested on charges of conspiring to launder
| money. They are accused of trying to launder 119,754 bitcoin that
| were stolen after a hacker breached Bitfinex, a cryptocurrency
| exchange, and initiated more than 2,000 unauthorized
| transactions. Prosecutors said the bitcoin was sent to a digital
| wallet controlled by Lichtenstein._
|
| From the actual charging statement
| (https://www.justice.gov/opa/press-
| release/file/1470186/downl...), the Feds have more details and
| fascinating traces through the various methods which the accused
| laundered the funds. Raises the question of whether they would've
| attracted so much attention if it were "only" a $70M hack instead
| of the multibillion dollar one due to BTC appreciation.
|
| > _In or around August 2016, a hacker breached Victim VCE's
| security systems and infiltrated its infrastructure. While inside
| Victim VCE's network, the hacker was able to initiate over 2,000
| unauthorized BTC transactions, in which approximately 119,754 BTC
| was transferred from Victim VCE's wallets to an outside wallet.
| At the time of the breach, 119,754 BTC was valued at
| approximately $71 million. Due to the increase in the value6 of
| BTC since the breach, the stolen funds are valued at over $4.5
| billion as of February 2022._
| 300bps wrote:
| The hack occurred 5.5 years ago. The Federal statute of
| limitations on Grand Theft/Larceny is 5 years. Is this why they
| are charged with Conspiracy to Commit Money Laundring and not
| charged with the actual theft?
|
| _Lichtenstein and Morgan are charged with conspiracy to commit
| money laundering_
|
| If so, this means that (outside tax obligations) they may have
| gotten away with it essentially by sitting on the money doing
| nothing for 5 years and then openly transferred it to themselves.
| Since they took actions that were meant to launder the money,
| they opened themselves up to the money laundering charges on
| their own.
|
| https://www.law.cornell.edu/uscode/text/18/3282
|
| This is similar to many financial regulations where you can have
| completely legally obtained money but if you deposit $9,000
| followed by depositing $1,000 thereby avoiding a CTR notification
| to the government required for a $10,000 deposit, you're guilty
| of "structuring" your deposits.
|
| https://www.fincen.gov/sites/default/files/shared/CTRPamphle...
| peter303 wrote:
| Structured transactions dont have an amount threshold. Former
| Speaker of the House Hastert got jail for sub-threshold
| transactions.
| mikeyouse wrote:
| It's definitely not that easy... They would be sued in Civil
| Court for the entire amount, the Feds have a variety of options
| for 10-year statutes that could be implicated when they
| transfer the funds to a bank (wire fraud, mail fraud, bank
| fraud) and they would have to pay taxes on the funds lest they
| are implicated in tax fraud. It's hard work being a criminal.
| [deleted]
| [deleted]
| subpixel wrote:
| "When she's not reverse-engineering black markets to think of
| better ways to combat fraud and cybercrime, she enjoys rapping
| and designing streetwear fashion."
|
| My online bio need some levelling-up.
|
| https://www.forbes.com/sites/heathermorgan/?sh=6e246df87f7d
| latchkey wrote:
| https://www.youtube.com/watch?v=f5s4taHrEWA
| [deleted]
| TacticalCoder wrote:
| So Bitfinex is worth at least $3.6bn or is it all customers BTCs?
|
| Were people made whole back then? Is it some MtGox thing where
| people who lost money back then will now have it? In BTC? Or in
| USD at the worth of BTC back then? Or in USD at today's BTC
| valuation?
| nodesocket wrote:
| Does this mean users who lost everything on bitfinex will be
| contacted and could possibly recover their coins? Can you imagine
| waking up to realize you are rich because the feds seized the
| coins and are returning to you.
| chaoz_ wrote:
| Fascinating way to HODL to the token indeed.
| [deleted]
| paulpauper wrote:
| It means the BTC will re-enter market eventually , so not good
| for longs.
| counternotions wrote:
| Wow can't wait for this book.
| peter303 wrote:
| Or the movie. Who should play Lichtenstein?
| gzer0 wrote:
| Here's how the fed caught them:
|
| "The DOJ said it was able to seize the funds after an FBI search
| warrant of one of Lichtenstein's cloud storage accounts found a
| file containing cryptocurrency addresses and their corresponding
| private key that granted access to funds stored within."
| csomar wrote:
| This is really surprising, given that the Bitfinex hack was
| quite complex (unless they had inside knowledge). There are
| several ways to hold crypto for an amount as large (hardware
| wallet, brain wallet, pre-signed transactions, etc...)
| newbie789 wrote:
| kart23 wrote:
| what the...
|
| no way they just kept an unencrypted private key on the cloud.
| manquer wrote:
| This should all be taken with a big grain of salt. The
| official story be just parallel construction to give cover to
| say zero day hacks or other covert espionage etc.
| johnmarcus wrote:
| the file was encrypted, but the fbi hacked it after already
| having gained access to the account (via warrent).
|
| Which is to say, this isn't how they actually got cought,
| it's just how the nail will go in the coffin (and thankfully
| for those impacted, some funds recovered).
|
| FWIW, if you ever find yourself in this position of owning a
| large amount of stolen crypto, I believe the best way to wash
| it would be to "robin hood it out" to a bunch of random
| wallets. You just happen to own 10-20% of the wallets, but
| the feds now have to try and track thousands of different
| people over years to try and identify the true thief, and
| there will always be plausible deniability.
| joshbaptiste wrote:
| Why would a Russian national with so much BTC to launder, who
| hasn't touched it in 6 years suddenly perform the action from New
| York City of all places from within the USA.
| miohtama wrote:
| It is explained in the court documents. Please read the PDF.
| polynomial wrote:
| Ilya is a Russian national? (Sorry, I hadn't sees that
| mentioned yet.)
| mikeyouse wrote:
| Yep - dual citizen. Though via his LinkedIn, he went to at
| least High School and College in the US.
| pavel_lishin wrote:
| I don't know why people assume that Russia is a lawless land
| where you can just cash out billions of dollars worth of stolen
| cryptocurrency.
|
| Even if that _were_ the case, maybe they rationally decided
| that the risk of pissing off United States federal authorities
| was better than pissing off Russian authorities and organized
| crime.
| danso wrote:
| The statement of facts is linked to from the press release, and
| describes generally how the Feds were able to trace the stolen
| funds (they found a file listing private keys, after gaining
| access to the suspect's cloud storage)
| https://www.justice.gov/opa/press-release/file/1470186/downl...
|
| > _The 2017 transfers notwithstanding, the majority of the stolen
| funds remained in Wallet 1CGA4s from August 2016 until January
| 31, 2022. On January 31, 2022, law enforcement gained access to
| Wallet 1CGA4s by decrypting a file saved to LICHTENSTEIN's cloud
| storage account, which had been obtained pursuant to a search
| warrant. The file contained a list of 2,000 virtual currency
| addresses, along with corresponding private keys._
|
| > ... _The connection among the VCE 1 accounts was further
| confirmed upon reviewing a spreadsheet saved to LICHTENSTEIN's
| cloud storage account. The spreadsheet included the log-in
| information for accounts at various virtual currency exchanges
| and a notation regarding the status of the accounts_
|
| > ... _Lichtenstein Email 2 was held at a U.S.-based provider
| that offered email as well as cloud storage services, among other
| products. In 2021, agents obtained a copy of the contents of the
| cloud storage account pursuant to a search warrant. Upon
| reviewing the contents of the account, agents confirmed that the
| account was used by LICHTENSTEIN. However, a significant portion
| of the files were encrypted_
| sschueller wrote:
| A little thin on details. I wonder if they tracked down IP
| addresses at the exchanges.
| duxup wrote:
| There was a reward offered by Bitfinex. It's possible someone
| simply dropped a dime on these guys and after that everything
| fell into place.
| colinmhayes wrote:
| $4 billion has got to buy an awful lot of compute time, but
| still, how did they decrypt the file?
| avrionov wrote:
| Here is the most likely approach: https://xkcd.com/538/
| fisherjeff wrote:
| One route would probably be to start with a warrant to search
| their house in hopes of finding some passwords written down
| somewhere
| pbhjpbhj wrote:
| Under what premise are they getting the warrant?
|
| This absolutely sounds like parallel construction.
| raverbashing wrote:
| A fancy (or even basic) dictionary attack has a very high
| chance of working.
| paulpauper wrote:
| It doesn't unless you chose something stupid like "correct
| horse battery staple" or "word + word + number". 7 words
| chosen from 1000 word dictionary password encrypted AES 256
| cannot be cracked with existing technology, 8 words
| impossible with future tech.
| shadowgovt wrote:
| Yeah, but at the end of the day these keys have to be
| used by human beings so the passwords were likely
| something practically sized and easy to use.
|
| Especially since in general the likeliest failure mode
| would be the user forgetting the password to their
| millions of dollars worth of Bitcoin keys, followed by
| someone attacking the password.
| everybodyknows wrote:
| Is there any "standard" 1000-word dictionary?
| mrkramer wrote:
| There is for example this
| https://www.kaggle.com/wjburns/common-password-list-
| rockyout...
|
| But you can refer to https://hashcat.net/hashcat/
| ncmncm wrote:
| You wouldn't want to use that one.
| plankers wrote:
| bitcoin developers have taken a crack at it: https://gith
| ub.com/bitcoin/bips/blob/master/bip-0039/bip-003...
| foxyv wrote:
| This depends on the key derivation function used. PBKDF2
| or BCrypt with strong enough difficulty factor makes even
| fairly short passwords difficult to crack. On the other
| hand, a straight SHA-256 hash method can be broken
| insanely quick with fairly long passwords.
| lupire wrote:
| $4B should buy a very, very fancy dictionary.
| antihero wrote:
| Should be able to get rainbow table with fucking octarine
| for that money...
| 14 wrote:
| Random example but my passwords look something like
| chOf$Tyl83fhn@54R. I keep them written down because they
| are hard to remember. My threat model is no one. Seems so
| amateur to use a simple password that could be brute
| forced. Especially with so much on the line.
| shadowgovt wrote:
| > I keep them written down because they are hard to
| remember.
|
| With the Feds involved, that would be sufficient to crack
| the data.
| gruez wrote:
| >Seems so amateur to use a simple password that could be
| brute forced. Especially with so much on the line.
|
| There's selection bias going on because only dumb
| criminals get caught, so you only hear about the dumb
| opsec practices of those criminals. Conversely, you'll
| never hear about the opsec practices of that professional
| crew with perfect opsec that hacked an exchange/difi
| contract and disappeared into thin air.
| not2b wrote:
| Until the least bright member of the crew makes a
| mistake, gets caught, and turns in the rest. Being
| perfect is difficult to maintain forever, though it's
| possible in principle. It might require the thief to live
| like a grad student even though he has billions of
| dollars/euros worth of stolen wealth; being flashy
| attracts attention and if nothing else, the tax
| authorities.
| openknot wrote:
| If a person is that financially rich but still has to
| live like a grad student, it seems like the only point of
| that wealth is to rebel against the legal system. Even if
| one isn't caught, there's still a loss of freedom to
| avoid getting caught.
|
| I haven't studied criminology, but I alternatively
| suppose someone who does that just doesn't think that far
| ahead. This likely also explains why the vast majority of
| people with these capabilities choose to live a life in
| accordance to their country's laws.
| not2b wrote:
| There's money laundering; have a front business and
| gradually mix in a bit of the illegal money and pretend
| it came from the business. That's how mobsters do it.
| openknot wrote:
| That's right; your comment brings to mind this scene
| where the character Saul Goodman explains money
| laundering in Breaking Bad (this clip is supposedly shown
| as part of university lectures):
| https://www.youtube.com/watch?v=RhsUHDJ0BFM
| pbhjpbhj wrote:
| _Minor conspiracy theory:_
|
| Or, the TLA involved have some sort of crack or
| acceleration procedure; the TLA say "the criminals were
| dumb" because the people involved can't combat that
| without admitting guilt, and who'd believe them. The real
| reason is the TLA used illegal access and tools that we
| wouldn't be happy they're using against the civilian
| population? Oh, and the people using the tools are guilty
| by association so they're inhibited from whistleblowing.
| Gasp0de wrote:
| https://www.useapassphrase.com/
| squarefoot wrote:
| "Lorem ipsum dolor sit amet"
|
| "Approximate Crack Time: 61,103,576,810,655,170
| centuries"
|
| Yeah, sure:)
| tevon wrote:
| Is it me or should he have literally just gotten a hardware
| wallet, transferred everything to that account, then burned
| the old key?
|
| Of course that txn would show up on-chain, but if you don't
| have possession of the private key for the first account, and
| no digital device has ever "seen" the hardware account then
| he would've been fine.
|
| This is assuming the key piece of evidence was his private
| key, and he wouldn't have been prosecuted without it.
|
| Additionally, putting your key in cloud storage sounds like
| the dumbest thing ever... Just memorize your seed phrase and
| write it down. Its 4bn for christ sake.
| pshc wrote:
| Yeah, a hardware wallet is good, although for a billion
| dollars, 100 hardware wallets would be better. Could even
| go so far as to split a private key into seven horcruxes
| using Shamir's Secret Sharing and bury them in locations
| around the world.
|
| Memorizing a seed phrase leaves you vulnerable to a $5
| wrench attack, I wouldn't recommend it.
| hnburnsy wrote:
| The famous Bitcoin family reportedly spread their
| hardware wallets across the globe.
|
| https://www.cnbc.com/2021/08/11/bitcoin-family-hides-
| bitcoin...
| rlt wrote:
| The article suggests each location contains 100% of the
| key, not using Shamir's Secret Sharing.
|
| > Taihuttu is trying to put a crypto cold wallet on every
| continent so it's easier to access his holdings.
|
| I hope it's at least encrypted with an additional
| passphrase, otherwise it's only as strong as the weakest
| bank's security.
| pshc wrote:
| Wow.
|
| _> Taihuttu has two hiding spots in Europe, another two
| in Asia, one in South America, and a sixth in Australia._
|
| _> We aren't talking buried treasure - none of the sites
| are below ground or on a remote island - but the family
| told CNBC the crypto stashes are hidden in different ways
| and in a variety of locations, ranging from rental
| apartments and friends' homes to self-storage sites._
|
| I hope this is all a decoy or else it's the worst opsec
| I've seen since about five hours ago.
| GekkePrutser wrote:
| > Memorizing a seed phrase leaves you vulnerable to a $5
| wrench attack, I wouldn't recommend it.
|
| Of course the problem is the attacker may not know what
| method you used and resort to the $5 wrench attack anyway
| :)
|
| Not stealing $3.6B might be an even safer bet.
| TedDoesntTalk wrote:
| > Just memorize your seed phrase and write it down.
|
| The article mentions he had many wallets.
| trhway wrote:
| >how did they decrypt the file?
|
| keyloggers for example.
| GekkePrutser wrote:
| Wow. Such hacking prowess. Such bad opsec. Weird.
|
| Ps not condoning the theft but I just find it strange that
| people with the skills to steal this much get caught using bog
| standard cloud storage. You'd think they could afford something
| better ;) Something along the lines of "you don't take notes on
| a criminal f** conspiracy" :)
| DyslexicAtheist wrote:
| _> I just find it strange that people with the skills_
|
| people in Tech will yak-shave choosing the "correct" cypher.
| Then get pwned by an implementation detail like a bug in
| enigmail.
|
| 1) Hacking, 2) opsec and 3) tradecraft are totally different
| skills. The most dangerous people (to themselves) are the
| ones who cover only one of 3. The more advanced among them
| _know_ they lack in the other areas, but think they can
| compensate going even deeper on whatever they already know.
| digianarchist wrote:
| Honestly don't know why people don't AES/GPG encrypt the keys
| and send a message to alt.anonymous.messages.
|
| That's 30+ years of storage for free.
| SirYandi wrote:
| The article mentioned they were not thought to have conducted
| the hack itself.
| GekkePrutser wrote:
| Ah ok sorry I checked the comments only. Should have read
| TFA sorry :)
| ctvo wrote:
| > ...Lichtenstein Email 2 was held at a U.S.-based provider
| that offered email as well as cloud storage services, among
| other products.
|
| Reads suspiciously like Gmail. Oh no. You stored your keys
| weakly encrypted on Google Drive?!
| [deleted]
| GrantZvolsky wrote:
| It wasn't necessarily weakly encrypted. The key may have been
| compromised, which I find more likely.
| YarickR2 wrote:
| Thermorectal cryptanalysis, for sure (relevant xkcd
| mentions pipe wrench, though)
| hobo_mark wrote:
| Or Microsoft, but yes, indeed...
| tyrfing wrote:
| > they found a file listing private keys, after gaining access
| to the suspect's cloud storage
|
| That's backwards. It's how they wrapped it all up. The real
| trail is pretty clearly AlphaBay 2016/2017 transactions (under
| gov control around that timeframe), to KYC-flagged accounts at
| an exchange, with a web of accounts with real info linked
| together past there.
| cobookman wrote:
| If he instead started to draw NFTs, and sell it from his KYC
| account to his dirty wallet, could he still be convicted?
| What if only one out of every 100 NFTs his dirty wallet
| purchased was from his KYC account?
|
| Or what if he decided to create his own crypto-currency and
| it just so happened that his dirty wallet was an early
| investor of ETH to his fund.
|
| Seems like he could have done more to distance himself.
| arcticbull wrote:
| > Seems like he could have done more to distance himself.
|
| Bitcoin's public ledger makes transactions into prosecution
| futures.
|
| This is why it's such a poor choice for revolutionaries and
| funding the marginalized. You leave a permanent indelible
| public record in posterity that will in the course of time
| be de-anonymized, automatically, and traced back to you.
| cobookman wrote:
| Is it illegal to sell your artwork at an auction, and a
| criminal happens to be the one to buy it? I honestly
| don't know.
|
| is the onus on an artist or on an "auction house" to vet
| buyers. If post sale it turns out the money was
| fraudulent, does the artist need to pay it back?
|
| In crypto terms. You the artist simply put a NFT up for
| auction at OpenSea. You the scammer happened to purchase
| the artwork on OpenSea. However KYC is not well enforced,
| enabling for money laundering between the two wallets.
| tablespoon wrote:
| > If post sale it turns out the money was fraudulent,
| does the artist need to pay it back?
|
| Maybe? IIRC, if you unknowingly buy stolen property, and
| they trace it to you, I think you have to surrender it to
| its rightful owner (without compensation from the
| police).
| fallingknife wrote:
| I don't think that works with money, though. I can't
| imagine someone who sold a house to Bernie Madoff would
| have to give up the proceeds of the sale years later when
| he is found out to have been running a Ponzi scheme.
| arcticbull wrote:
| They actually did claw back a bunch of the disbursements
| from Madoff towards the end.
|
| https://www.wilsonelser.com/files/repository/PHLY_Article
| _Cl...
| PeterisP wrote:
| It's not illegal if it's a coincidence, however, that may
| reasonably be probable cause for investigation, and if
| the investigation finds out that it's not that the
| criminal "just happened" to buy it but that you colluded
| to do that, that's a felony.
| eftychis wrote:
| I mean art and other not easily evaluated assets _are_
| used for drug trafficking and money laundering.
|
| Auction houses are known to be on the trick -- that is
| passively mainly/ they don't care and work to "pump" the
| prices of artwork. But of course law enforcement agencies
| know about it too.
|
| It shouldn't be illegal: people should be free to buy
| what they want. But let's not hide behind our noses.
| ineedasername wrote:
| It may depend on the particular country, and
| jurisdictions on the internet are gray areas... That
| said, in the US if you are paid with stolen money and
| then informed of that fact then you are knowingly in
| possession of stolen money and would have to return it.
| If you no longer had the money (used it to pay bills,
| live your life, etc) then it probably gets more
| complicated.
| twox2 wrote:
| There wasn't a big NFT market until very recently.
| toomuchtodo wrote:
| > Seems like he could have done more to distance himself.
|
| On a value system with an inherently public ledger that
| eventually has to hit a fiat off ramp with KYC/AML
| requirements? Nah. Everyone has quality opsec until they
| don't, and the record of your criminal activity is
| immutable and highly durable.
| voldacar wrote:
| You can just sell the bitcoin for monero, then sell the
| monero for btc.
|
| also, as time goes on, the proportion of btc that are
| "dirty" approaches 1, so these chainalysis strategies
| become less effective, assuming you aren't stupid enough
| to do some criminal act then cash out at a kyc exchange
| the next day from the same wallet
| judge2020 wrote:
| But are there any exchanges that swap btc for monero or
| eth that don't have KYC requirements? Seems like it'd
| need to be off-chain somewhat, unlike uniswap.
| jacquesm wrote:
| That will only add a charge of 'money laundering' to the
| list.
| benreesman wrote:
| I mean, for a recent example of how this works in practice:
| Polygon got whacked for like 650MM last August, but all the
| fiat and even stablecoin exchanges blacklisted the addresses
| and the guy got like 5MM "bug bounty" or whatever.
|
| There might be prestige in some circles for taking down some
| dumbass Solidity coder, and some people seem to be getting
| some money out still (e.g. Wormhole).
|
| But overall I'm short Trail of Bits consulting rate.
| easrng wrote:
| Yeah, if you hack a contract you need to get the funds into
| Tornado.Cash immediately.
| m3kw9 wrote:
| What happens to the seized bitcoins?
| onemoresoop wrote:
| Will this make bitcoin plummet? I figure that all these stolen
| stashes of BTC lowered the supply on the market and with these
| new available coins it will plummet somewhat.
| fxtentacle wrote:
| Shouldn't all true crypto believers hate this news?
|
| It's the government trying to enforce their opinion of who should
| own those Bitcoins, thereby taking power away from the owner that
| the network has decided on, which would be "whoever has the
| cryptographic keys".
| toss1 wrote:
| >>which would be "whoever has the cryptographic keys".
|
| So, crypto believers should be just fine with this.
|
| They used to have the keys. Now the US Govt has the keys. The
| one who has the keys has the power. All is good
| kelseyfrog wrote:
| As a crypto unbeliever I hate this too. Legal enforcement
| legitimizes crypto as property. It expands the definition of
| property by institutionally conferring the status of "owned" to
| a functional configuration of bits distributed over thousands
| of computers. Do we have this concept for other things? yes.
| But I'd rather like to contract the space of property rather
| than expand it.
| JumpCrisscross wrote:
| > _Legal enforcement legitimizes crypto as property_
|
| People standing ready to buy legitimizes crypto as property.
| I don't love crypto. But prohibition has never worked as
| intended.
| PragmaticPulp wrote:
| > It expands the definition of property by institutionally
| conferring the status of "owned" to a functional
| configuration of bits distributed over thousands of
| computers. Do we have this concept for other things?
|
| Intellectual property has been a thing for a long, long time.
| You don't literally need to have a physical thing somewhere
| for laws to apply.
| woah wrote:
| 6000 years ago, one could have ownership over the right to
| buy a still unborn goat at a certain price in the future.
| It's amusing to see these modern philosophies of trying to go
| back to a noble savage past that never was.
| TTPrograms wrote:
| Obvious no-true-scotsman. Believing that the goal of crypto is
| to circumvent laws regarding possession and theft is at most a
| fringe belief. The fact that this is at the top of HN
| demonstrates how devoid of merit crypto discussion here is.
| tootie wrote:
| Not OP but I think the true Scotsman isn't that laws don't
| apply, it's that the ledger is infallible and authoritative.
| Miner49er wrote:
| It's where bitcoin gets most of its actual utility though. It
| doesn't have much use otherwise.
| [deleted]
| Waterluvian wrote:
| There isn't a worthy discussion left to be had about crypto
| that isn't discussing its role in fraud.
| capableweb wrote:
| That's such a sad view, especially to hold in a generally
| curious place like HN. Another example is narcotics, yes we
| know that most narcotics usage is bad, but does that mean
| all usage of narcotics is bad? Obviously not, and we take
| those articles as they come, and discuss the angles each
| article has independently, in most cases at least. But
| somehow cryptocurrencies are so emotional for most people,
| that they hold such a black/white view of it.
|
| We can, and should discuss subjects without "tainting" them
| with general, over-discussed points when we can, especially
| if we want to keep HN curious and not turn into a echo-
| chamber.
| [deleted]
| SantalBlush wrote:
| Circumventing property law has absolutely been a selling
| point of crypto, front and center, since its inception. The
| real no-true-Scotsman is saying, "Those who want an extra-
| governmental system of property aren't the _real_ crypto
| fans. " Yes, they are.
|
| In reality, crypto's _true_ purpose is a moving target, so it
| can never be criticized because that 's not what crypto is
| _really_ about.
| repomies69 wrote:
| > In reality, crypto's true purpose is a moving target, so
| it can never be criticized because that's not what crypto
| is really about.
|
| Bitcoin is a tool. Like hammer or a shotgun. You can use it
| whatever way you want. There is no centrally defined
| "purpose".
| pavlov wrote:
| This is the Adolf Eichmann defense. Trains are just
| tools, and he was making them run on time.
|
| Any infrastructure has a purpose. It's fair to ask why
| Bitcoin exists and whose project it is.
| lowkey wrote:
| And it's official, Godwin's Law [0] has reached crypto.
| The purpose of Bitcoin is of course to support the Nazi
| cause. What other purpose could it possibly have? /s
|
| Hint: Millions of people use Bitcoin as a:
|
| - store of value to protect purchasing power over time
|
| - inflation hedge to protect savings from the ravages of
| inflation
|
| - a hedge to protect against corrupt governments
| manipulating currency
|
| - protection from negative real interest rates
|
| - censorship-resistant payments
|
| - anonymous payments with instant finality (Lightning)
|
| Money is a tool like any other. Cash, gold, NFTs,
| Bitcoin, and credit cards can be used for good or evil,
| lawful or unlawful purposes. The technology isn't
| inherently moral or immoral. It is just a tool.
|
| The "it's really for nazis" argument is particularly
| weak. The critics must be getting desperate.
|
| [0] https://en.wikipedia.org/wiki/Godwin%27s_law
| pavlov wrote:
| This is the first time you hear "Bitcoin is for nazis"?
| You're lucky, I guess. It's a pretty common accusation
| because many Bitcoin advocates are also far-right and/or
| extreme libertarian.
|
| Anyway, I'm not saying that. Eichmann is simply a
| reductio ad absurdum example of the problems with the
| "it's just a tool / technology has no moral" position.
| cft wrote:
| Crypto is also a white supremacy tool:
| https://www.economist.com/united-states/2022/02/05/the-
| charm...
| capableweb wrote:
| Lots of tools that are useful for marginalized groups are
| also useful for marginalized groups that want to spread
| hate. Same goes for the internet. It was hard in the
| beginning on internet mainstream (late 90s/early 00s) to
| find any community that didn't have a bunch of racists
| and fascists in it as well.
| PragmaticPulp wrote:
| > It's the government trying to enforce their opinion of who
| should own those Bitcoins, thereby taking power away from the
| owner that the network has decided on, which would be "whoever
| has the cryptographic keys".
|
| I really don't understand these arguments.
|
| The law still applies whether or not you use cryptocurrency.
| Using cryptocurrency doesn't free someone from the consequences
| of their actions.
|
| Illegal acts are still illegal acts.
| initplus wrote:
| If we have the government to weigh in on which transactions
| are legitimate or not, why do we need a distributed ledger?
| Cryptocurrencies are trustless, but if we can trust the
| government to rule on ownership fairly why do we need a
| trustless system?
| Barrin92 wrote:
| >why do we need a distributed ledger?
|
| well the most obvious answer to that question is, we don't.
| systemsignal wrote:
| What makes hacking illegal?
|
| What if they acquired the Bitcoin without using illegal means
|
| Probably not possible in this case, but in DeFi where
| everything is ruled by smart contracts, what would make
| executing behavior allowed by those contracts illegal.
| 323 wrote:
| Whatever a judge decides is illegal is illegal.
| sincerely wrote:
| > What makes hacking illegal?
|
| https://www.law.cornell.edu/uscode/text/18/1030
| mtoner23 wrote:
| US Law makes hacking illegal
| PeterisP wrote:
| Laws of USA and pretty much every other country reject the
| notion that "everything is ruled by smart contracts" and
| assert that legally, as far as their jurisdiction reaches,
| their law is the deciding factor. Contracts have their
| basis in contract law. You certainly can write a paper
| contract which "allows" some illegal behavior, and
| executing such a contract would be illegal, no matter what
| the contract says. The same applies for a "smart" contract.
| xiphias2 wrote:
| Bitcoin is about separating money and state, but having a
| government is still very important.
|
| I'm much more worried about non crypto believers hating crypto
| believers for getting rich while their life is getting harder
| because of the inflation central banks are imposing on most
| people.
| vmception wrote:
| True crypto believers look at the court case to see what parts
| of the system need to be made more resilient, if any.
|
| Here its poor OPSEC, no improvement is necessary.
| notch656a wrote:
| Bitcoin never claimed it was going to put a magical fence
| around your house stopping armed agents.
| 8note wrote:
| properly it claimed to put a fence around you after armed
| agents have stolen from you to make sure you have no recourse
| peter303 wrote:
| Plus the first money line on the IRS 1040 this year asks if you
| made any crypto transaction. IRS found a golden goose.
| conductr wrote:
| "True crypto believers" seems like a loaded phrase these days
| because I feel like most crypto believers are riding it's wave
| to legitimacy. And things like this push it further towards
| that goal.
|
| I don't see how anyone could really still believe in the
| original ideals behind Bitcoin. They made something but not
| what they wanted.
| make_it_sure wrote:
| Most crypto believers, believe in crypto because they have
| money invested on it and want to get rich. If you remove that
| variable of getting rich, very very few remain.
| tradertef wrote:
| I mostly agree. But those very very few are the ones who
| made Bitcoin what it is and they are very influential.
| graderjs wrote:
| Not really. BTC has never been anonymous. Monero is better for
| privacy
| throw8383833jj wrote:
| no. this is quite bullish for bitcoin. they're showing that
| bitcoin can't be used for criminal activity, whatever the
| government decides that should be (usually in favor of the
| general public). this helps to legitimize bitcoin. Protecting
| consumers of bitcoin is bullish for bitcoin. helping to prevent
| fraud in bitcoin is also bullish for bitcoin. All these things
| increase confidence in bitcoin as a legitimate way of storing
| wealth.
| boc wrote:
| It sounds like all the good things for bitcoin here are
| coming from the power of the central authority to provide
| confidence, legitimacy, protection, and legal recourse.
|
| So why on earth is that a good thing for an asset which is
| all about the power of decentralized systems?
| make_it_sure wrote:
| You nailed it!
| im3w1l wrote:
| I have the somewhat contradictory wishes, that good people
| should be able to hide from crooked cops, but crooked people
| should not be able to hide from good cops. Making it somewhat
| difficult, but not impossible to catch criminals seems to
| strike a balance.
| bobbylarrybobby wrote:
| I'm confused. The government got the money back with perfectly
| legitimate transaction(s) which they signed with those very
| private keys. If the rule is "whoever has the private keys is
| the owner", the the government was playing by the rules.
|
| What crypto believers should really hate is the fact that with
| a warrant, the government can potentially get at your private
| keys. That'd be an interesting problem for crypto to try to
| solve
| nathias wrote:
| how has anything changed in this sense? The owners of bitcoins
| are always whoever has the crypto keys, that isn't an
| imperative it's just a fact, now the fed has the keys.
| algorade wrote:
| The cryptographic keys were stored on a cloud storage device.
| Law enforcement agencies gained access to these keys while
| executing a search warrant and used them move the funds. So by
| this logic, the government is now the rightful owner of these
| funds.
| brewdad wrote:
| Correct. This is why crypto, at least in its current form,
| must fail. In the crypto world possession is 10/10ths of the
| law.
| tenuousemphasis wrote:
| Is the same not true for physical cash, gold, or bearer
| bonds?
| [deleted]
| gruez wrote:
| Seems like a win to me. The government had to physically go to
| their house and arrest them to get to their funds, whereas
| normally all they had to do was call up their bank and had
| their money frozen. Not to mention, this threat could have been
| easily mitigated by keeping your funds in a multsig wallet,
| with the keys distributed in multiple redundant locations.
| mschuster91 wrote:
| > Not to mention, this threat could have been easily
| mitigated by keeping your funds in a multsig wallet, with the
| keys distributed in multiple redundant locations.
|
| And if you're released from prison and recover your Bitcoin,
| you will be arrested again for contempt of court or a similar
| charge.
| notch656a wrote:
| Why anyone would use BTC and not some privacy coin for this
| kind of scenario escapes me.
| robbedpeter wrote:
| Because they stole bitcoin. Good luck finding a non
| institutional buyer for tainted bitcoins when you're
| dealing in billions usd. Everyone shuffling bits at that
| level is going to play by the rules and cover their ass.
| Even large criminal exchanges will avoid stolen bitcoin
| in any sort of volume because it means instant scrutiny.
| polynomial wrote:
| Even large criminal exchanges outside of US jurisdiction?
| (ie, Russia, China, etc.)
| xtracto wrote:
| If you read the original DOJ filing, they actually did
| that. They used :
|
| > anonymity-enhanced virtual currency (AEC), in a
| practice known as "chain hopping"; and using U.S.-based
| business accounts to legitimize their banking activity.
|
| Their problem was that they "closed" the money circle by
| sending it to real bank accounts. That's how they caught
| their trace. It seems that laundering billions of dollars
| is not as easy as they thought haha.
| [deleted]
| Firmwarrior wrote:
| Someone was saying they could have moved to South America
| and laundered $1000 at a time, but you'd think that the
| US government could've easily tracked that down as well..
| "Hmm, it appears someone is living off this stolen 3
| billion dollars in South America"
| notch656a wrote:
| How would you trace $1000 to a larger source after it
| passes through a privacy coin? The only way to do that is
| either with some side channel information, or by
| monitoring the person selling the funds. In a cash
| economy in the third world the odds of that look pretty
| poor. I think what happened is large deposit in bank
| account caused some to start asking questions.
| bastawhiz wrote:
| Is it practical to convert literal billions of dollars
| between currencies? And even if you did, wouldn't
| liquidating it so you can actually spend it on things in
| the real world prove to be almost impossible? Billions of
| dollars worth of currency is more than I'd expect most
| privacy coins to deal with over the course of months.
| [deleted]
| PKop wrote:
| But in this case, accessing the billions in BTC was
| impossible too, so for all intents and purposes, that
| number wasn't real, since it wasn't usable.
|
| The question is perhaps what is the most one can use and
| how to do it. Privacy coins probably play a part in this
| equation.
|
| You maybe could slowly, and methodically convert it out
| of the privacy coin into a spendable form when needed.
| robbedpeter wrote:
| Laundering within the constraints of a public ledger
| isn't feasible for long periods of time or large amounts
| of money - the only way to win that game is to be so
| small nobody cares.
|
| They could have possibly gotten cash from cartels at a
| steep discount, but that story would probably have ended
| with a richer cartel and two dead nerds.
| notch656a wrote:
| I always wonder how many people won this long con by
| being so small nobody cares. The DoJ document states they
| already succeeded in taking the funds cross chain and
| through some privacy enhancing alternative assets. For
| every idiot dumping millions in a bank account there's
| got to be someone else living a "modest" but luxurious
| life looking like a small guy nobody cares about, cashing
| out a few hundred to a thousand at a time somewhere where
| that kind of money is big enough to get a nice day to day
| living but small enough to not be worth organized crime
| taking much notice.
| sschueller wrote:
| Also crypto people have a problem with central banks
| manipulating currency by printing more etc.
|
| Having stolen coins recovered seems like an OK thing.
| axiosgunnar wrote:
| > The government had to physically go to their house and
| arrest them to get to their funds
|
| Would be the same with cash
| panarky wrote:
| It's similar to privacy and surveillance.
|
| To secretly monitor a single individual's communications, law
| enforcement should have to get probable cause, present their
| case to a judge and obtain a court order.
|
| Dragnet surveillance of all communications all the time is a
| Very Bad Thing.
|
| Financial surveillance and seizure is currently at the Very
| Bad Thing stage and bitcoin helps move us back toward a
| better balance between the rights of the individual and the
| interests of the state.
| robgibbons wrote:
| Technically they were charged with conspiring to launder money,
| completely unrelated to any mention of theft or hacking.
|
| From TFA: "Court papers filed against the couple did not accuse
| them of the hack itself; officials declined to say if the pair
| are suspected of stealing the money."
| PeterisP wrote:
| All it says is that they don't yet have strong evidence to
| expect a conviction on hacking charges. And it's quite likely
| that some other people were involved in the hack itself -
| perhaps after this arrest, they will get some new information
| that will allow them to charge someone for the hack itself,
| for example, out of a plea deal when one of the gang turns
| against the others.
| codespin wrote:
| Interesting point, but if the government considered whoever
| had control of the coins the rightful owner and not stolen,
| would it be laundering then? It doesn't sound like a problem
| of taxes.
| austincheney wrote:
| Laundering is any process to legitimize illicit income. It
| does not matter who owns the coins or other assets in
| question. What matters is if the coins represent any
| vehicle of fund transfer that originate from any form of
| criminal enterprise or other unreported financial activity.
| vmception wrote:
| which is why they weren't charged with actual money
| laundering. they only got them with conspiracy which is a
| super weak charge.
|
| a money laundering charge requires an illicit origin,
| which means it can only be a tacked on charge after
| charging or proving someone was involved in the illegal
| activity.
|
| the government just doesn't know, they just find
| everything this couple did to be super suspicious. they
| clearly had control of an excessive amount of
| cryptocurrency that they were reintegrating into the
| economy. the government doesn't seem to know if they were
| actually involved in the heist, or how, or to what
| extent.
|
| simply obfuscating money isn't illegal. obfuscating an
| illicit origin is. lets see if the government can get to
| the bottom of this "conspiracy to obfuscate money of an
| illicit origin".
| acchow wrote:
| So they could have reported the stolen coins it as
| income, paid taxes, and they'd be in the clear?
| dvt wrote:
| How are you arriving to this conclusion? Paying taxes on
| illicit income does not make the income non-illicit. It
| just makes you easier to catch.
| acchow wrote:
| I was replying under some comment thread about the the
| government "not legitimizing" bitcoin, and thus not
| considering "bitcoin theft" to be actual theft.
|
| And thus the only crime here being tax evasion.
| [deleted]
| lhorie wrote:
| What is a "true crypto believer" anyways? As a matter of
| practicality, everyone that interacts with financial assets of
| any sort are bound to laws imposed by _some_ government.
| Equating "whoever has the keys" to ownership feels more or
| less equivalent to saying "finders keepers" is a valid
| justification for taking possession of a physical leather
| wallet. Or "We broke up, but I fed the dog, so it's mine". Or
| whatever.
|
| A person can believe whatever they want, but when push comes to
| shove, it's a country's court of law that ultimately determines
| who legally owns what.
| akersten wrote:
| > A person can believe whatever they want, but when push
| comes to shove, it's a country's court of law that ultimately
| determines who legally owns what.
|
| I think you've answered your own question - a true crypto
| believer does not agree with that. If the smart contract says
| the Ethereum is mine because you wrote it poorly and I called
| the transfer money function in the right way ("exploited
| it"), a true believer would say "yep, it's yours."
| throwawayboise wrote:
| But that's not the way real contracts work. Contracts are
| an _agreement_ between parties. If there is later a
| disagreement about what was agreed to, a judge sorts it
| out.
| akersten wrote:
| I think Ethereum is silly too. But you have to realize
| that their argument is "we'll make our own contracts, and
| what the computer says is the absolute truth - no judges
| or kings."
|
| In that world, there is no such thing as stealing. If the
| crypto transfered, it was _allowed to transfer_ by the
| contract.
|
| The part that "true believers" are meant to hate is that
| now, someone on one side of the contract is grasping back
| to Money 1.0 concepts of conceptual ownership and
| meeting-of-the-minds type contracts. This enforcement
| action shows that the government thinks of Ethereum et al
| in this way too. And therefore the crypto paradise dream
| is dead.
| buran77 wrote:
| > If there is later a disagreement about what was agreed
| to, a judge sorts it out.
|
| Only because human language leaves a lot of room for
| interpretation. Computer output doesn't, or at the very
| least not nearly to the same extent. If your smart
| contract is itself legal (you are legally allowed to
| formalize those terms), and produced an output as a
| function of it's actual internal operation (and not a
| random, accidental bit flip) then it should stand even in
| front of a judge.
| throwawayboise wrote:
| I don't know what a smart contract is, but seems to me
| that if you can convicingly argue that the function
| output is inconsistent with what the parties agreed to,
| it would not stand.
|
| There are contract disputes all the time over what a word
| or phrase means, and what a judge will look at is which
| interpretation best aligns with the broad strokes of what
| the parties were agreeing to. Nobody agrees to a contract
| that contains "I get to void the entire agreement at my
| discretion, keep the proceeds, and leave you with
| nothing"
| lhorie wrote:
| > Only because human language leaves a lot of room for
| interpretation
|
| Technically no. Many things have intrinsic physical value
| that cannot be tracked via digital contracts. If I go to
| amazon and buy a book, but they ship the wrong book due
| to clerical error, then there's a clear cut violation of
| expectations with no room for conflicting
| interpretations.
|
| In the crypto world, NFTs are frequently criticized for
| this very issue, and it doesn't even leave the digital
| boundaries: you can prove to have ownership of a token
| through the blockchain, but whether that token is
| actually tied to legal ownership of an asset is anyone's
| guess (case in point, there are various cases of people
| selling fraudulent NFTs for art they do not own).
| vmception wrote:
| > charged with conspiracy to commit money laundering, and
| conspiracy to defraud the United States
|
| Do you think there are more charges to come?
|
| If they think they _actually_ laundered money through businesses,
| why didn 't they charge them with multiple counts of money
| laundering and multiple counts of wire fraud and a violation of
| the CFAA?
| vmception wrote:
| I'm actually wondering if there are serious doubts here.
| Especially due to the weaker charges levied, and watching the
| cringy @realrazzlekhan tiktok page where everyone also has
| their doubts about these people's competence.
|
| Darknet markets sell IDs, the DOJ also says the hackers used
| fake IDs to reintegrate the money. This fairly welloff couple
| (lives in Manhattan condo, owns bengal cat and jewelry) could
| easily just be one of the IDs. Both the husband and wife are
| early crypto proponents but that might just be circumstantial
| to both the DOJ and the hacker who got their IDs.
|
| Watching this one. Its like they got just enough of data for a
| charge to get the subpoenas and warrants, but not enough to go
| for the bigger more damning charges.
| dannylandau wrote:
| So, who did the hack? And why did original hacker transfer funds
| to Lichtenstein?
| facorreia wrote:
| "This is largely symbolic, but it does send a clear message.
|
| Like it or hate it, there is a sea change happening in how
| governments treat cryptocurrency."
|
| https://news.ycombinator.com/item?id=29111446#29111572
| drubio wrote:
| Talk about famous last words, 3 month ago before this hammer
| came down, wow! Wonder if it crossed his mind if this also
| applied to his own crypto deals
| albroland wrote:
| fwiw, it appears one of the named here is a YC Alum:
| https://news.ycombinator.com/user?id=il
| https://www.linkedin.com/in/unrealdutch/
| sokoloff wrote:
| I love how the LinkedIn profile says "Interested in blockchain
| technology". Ya don't say...
| [deleted]
| rednerrus wrote:
| Andreessen roasting this guy all morning is making my day:
| https://twitter.com/pmarca/status/1491150099518398466
| toomuchtodo wrote:
| Replies to his tweet are just top notch.
|
| "your memes do have out-of-touch-dad-trying-to-be-cool energy
| tho"
| vmception wrote:
| > Also, angel investor in promising startups and crypto
| technologies.
|
| Should have just become a limited partner in one of the Silicon
| Valley PE funds, next to the Oligarchs
| sydthrowaway wrote:
| Thin red line between scamming and hustling.
| optimalsolver wrote:
| Well, yes. If you can socially engineer customer support
| staff, you can do the same to venture capitalists.
| sydthrowaway wrote:
| Then it seems pure luck that some conniving sociopath at
| the top can lead a company to produce useful goods.
| hattmall wrote:
| That's extremely subjective to your definition of useful.
| Investing in the best con artist isn't exactly a bad deal
| so long as you aren't the last mark.
| [deleted]
| champagnois wrote:
| If Reddit.com/r/worldnews can have Ghislaine Maxwell (of the
| epstein case) as a moderator (u/maxwellhill) -- then
| Ycombinator gets its own billionaire criminal.
| phs318u wrote:
| Did you mean to say Ghislaine?
| champagnois wrote:
| 100% that is what I meant to say. thanks.
| zozbot234 wrote:
| That's a nice username I guess.
| outside1234 wrote:
| Grifters go grift to grift
| xapata wrote:
| Interesting that the hack occurred in 2016, and in the same
| year he left MixRank.
| rococode wrote:
| Makes you wonder if he left because he realized he could hack
| $70m in Bitcoin, or he hacked $70m in Bitcoin because he had
| left and had nothing else to do (the hack happened in August
| and he left in May).
| paulpauper wrote:
| This is just unreal. this guy was living a double life of being
| the greatest criminal ever. So among our community was a $4
| billion hacker, just nonchalantly posting.
|
| I don't think he will be commenting anytime soon again if this
| really is him
|
| https://news.ycombinator.com/threads?id=il
|
| like your neighbor being a serial killer or something
| jacquesm wrote:
| That last comment is pretty prophetic:
|
| "Like it or hate it, there is a sea change happening in how
| governments treat cryptocurrency. "
|
| Wonder how he feels about that sea change now.
| anonporridge wrote:
| Meh. Governments have long arrested cryptocurrency
| criminals. This is hardly a sea change.
| smt88 wrote:
| I'm really amused that he is currently listed as a mentor for
| 500 Startups. I wonder how good his advice has been?
| scotty79 wrote:
| Don't get caught.
| anonporridge wrote:
| Fake it until you're too big to shut down and then pay
| the fine?
| zozbot234 wrote:
| He was just a million-dollar hacker, but the power of HODL
| boosted his illicit fortune to the billion-dollar range.
| trhway wrote:
| reading a bit about him and the hack (which at some point
| was for example blamed on those Israeli brothers with
| connections to IDF hacking unit) i kind of not sure that he
| is the hacker ( and note that he is charged with laundering
| not hacking) - he in my view better fits the profile of the
| "investor"/"fencer" whose involvement would be to launder.
|
| Sidenote: one of the reasons i don't touch crypto is
| possible laundering charge/suspicion if the tokens happens
| to had passed through unsavory hands/situation (which may
| be even unknown at the time) or God forbid 2-3 transactions
| after me the tokens get involved in terrorism/etc. -
| imagine as a minimum for example the "FBI background check"
| hell your GC/etc. will be stuck forever ...
| CrazyStat wrote:
| > Sidenote: one of the reasons i don't touch crypto is
| possible laundering charge/suspicion if the tokens
| happens to had passed through unsavory hands/situation
|
| A page recently posted here ([1], citing [2]) claimed
| that there's a market for freshly mined Bitcoin (i.e.
| with no history), with people paying as much as 20%
| markup for it to avoid such risks.
|
| I didn't make any attempt to verify this claim.
|
| [1] https://sethforprivacy.com/posts/fungibility-
| graveyard/
|
| [2] https://news.bitcoin.com/industry-execs-freshly-
| minted-virgi...
| trhway wrote:
| It still doesn't protect from possible future tainting of
| those tokens and thus suspicion of your participation. It
| may be even more suspicious as you would be the one who
| bought clean coins supposedly in order to minimize
| attention to whatever future crime the tokens may be
| involved.
| wavefunction wrote:
| or actually it is money launderers looking for tokens
| with no previous history they can use to evade some % of
| future scrutiny
| [deleted]
| mistrial9 wrote:
| omg - murder really?
| dcist wrote:
| I noticed both on twitter and his HN posts, there's a big gap
| between 2015 and 2019.
| 0xFreebie wrote:
| il on May 15, 2013
|
| >As the anarchists and idealists on HN will soon learn, the
| decentralized nature of Bitcoin won't make a difference if
| anyone transmitting it is in violation of federal law.
|
| https://news.ycombinator.com/item?id=5714963
|
| Did he change his mind?
| wonnage wrote:
| Sounds like he knew this all along but didn't care
| notahacker wrote:
| There's some irony his most recent post on this timeline
| being "there is a sea change happening in how governments
| treat cryptocurrency" too. That's certainly true for him.
| Scoundreller wrote:
| Always keep posting to avoid suspicion.
| bostonsre wrote:
| I don't understand why he wouldn't move to somewhere that
| doesn't have an extradition policy with the US. If you go
| down that path, it seems like you should probably be willing
| to abandon your life. It's the same with Ross Ulbricht, seems
| like it would be terrifying living with that sword of
| damocles hanging over your head absolutely constantly.
| djanogo wrote:
| If he goes somewhere which doesn't have extradition, FED's
| will just call him and tell him they will go public that he
| has $4B bitcoin and ALL criminals will be hunting them
| after that.
| gjs278 wrote:
| alasdair_ wrote:
| $4Bn can buy some pretty good fake identities.
| Server6 wrote:
| You pay them off?
| cgriswald wrote:
| I'm not certain I understand. There are billionaires in
| the world already. How do they protect themselves from
| criminals?
|
| Granted, their billions aren't in cash. However, once he
| fled the country he could immediately start converting
| his position to other assets that aren't so easily
| stolen. He'd also be able to afford to hide himself, pay
| taxes and bribes, and pay for some security.
| mh- wrote:
| Most billionaires aren't in the countries that lack
| extradition treaties. The few that are can be assumed to
| be paying steeply for protection, in both senses of the
| word.
| fhood wrote:
| That requires that you did something that you are very sure
| the country you end up in won't just prosecute you for
| themselves. If your crime is massively embarrassing to the
| US govt you go to Russia, or heinous sexual assault of a
| 13yo, France. But I think most of the usual culprits in
| this case would just prosecute you.
| 35fbe7d3d5b9 wrote:
| Humans notoriously overestimate their competence and
| underestimate dangers they face. Combine that with a
| federal investigation that's going to be slow because 1)
| it's complex and 2) the feds will happily investigate you
| for _years_ if it increases their chance of a conviction,
| and you 've got a recipe for people who think they got away
| with it right up until the moment of arrest.
| dillondoyle wrote:
| and underestimate the competence of governments/law
| enforcement.
| 300bps wrote:
| I think it's more underestimating the attention span of
| governments/law enforcement.
|
| When someone steals your bike, the cops could spend weeks
| investigating, interviewing witnesses, searching
| Craiglist, Facebook Marketplace, staking out the
| neighborhood for anyone riding the stolen bike, etc.
|
| But they don't, because it's a bike. But steal $3.6
| billion, you'll hold their attention for a bit!
| brightball wrote:
| Yea, listening to enough stories on Darknet Diaries about
| how people get caught it's pretty crazy. Honestly makes
| working in the groups that catch people like this sound
| very interesting.
| yupper32 wrote:
| I imagine it's very very very boring for a while, with
| relatively brief moments of satisfaction.
| baq wrote:
| Sounds like the usual $DAYJOB for basically everybody
| here
| csmajorfive wrote:
| I find it especially baffling considering he has Russian
| citizenship.
| aeturnum wrote:
| The work of preparing to leave the country is necessarily
| public in a way that doing crypto stuff might not be. I
| suspect they were worried that preparing to leave the
| country would tip their hand - and they could have been
| caught earlier if they tried it. It just turns out they
| were caught anyway.
| thebean11 wrote:
| Hmm what work is that? Getting a visa? With that much
| cash I'd leave first (on a tourist visa) and figure the
| rest out later..
| bostonsre wrote:
| Yea, maybe bring your cat or dog but literally pack like
| you're going on vacation. If they arrest you before
| leaving the country then you were screwed already.
| markdown wrote:
| Americans don't need to apply for a Visa to visit most of
| the world. They just get one automatically on arrival.
|
| They could have just bought a Vanuatu passport with
| bitcoin (~$150k), then travelled there for a holiday.
| Leave the US with the US passport and arrive in Van with
| the Van passport. CHange their name in Vanuatu, then move
| to a 3rd country to settle permanently with a new name.
| Maybe change it one more time and gain citizenship in
| that third country, and that'd be enough to disappear for
| regular people.
|
| The spooks will still find you, but without extradition
| powers...
| johntb86 wrote:
| Once the spooks find you you'd need to be very careful to
| avoid flights in or near the airspace of countries
| friendly to the US.
| jessaustin wrote:
| ...they'll wait until you get drunk (i.e. roofied) at a
| bar, then kidnap and torture you until you give them all
| your money. The "red" budget is even more fun than the
| black budget. Choosing to defy the state is choosing to
| defend oneself forever against the creepy-crawlies the
| state pays to notice such defiance.
| Mizza wrote:
| I wish people would stop saying 'non extradition country'
| like that's a real thing.
|
| Brokep moved to Cambodia for that reason. They still got
| him anyway. If the powers want you, they can find away to
| get you. The only options I can imagine are publicly
| embarrassing the US government to the delight of Vladimir
| Putin or making a very large donation to the Cuban
| government.
| ttyp3 wrote:
| "Founder of Endpass - a blockchain startup solving problems in
| decentralized identity and authentication"
| spyder wrote:
| Heh... He has some comments on "Feds reveal the search warrant
| used to seize Mt. Gox account " in 2013:
|
| _As the anarchists and idealists on HN will soon learn, the
| decentralized nature of Bitcoin won 't make a difference if
| anyone transmitting it is in violation of federal law._
|
| * This was inevitable. People can wax rhapsodic about the
| decentralized nature of Bitcoin, but once the feds freeze a few
| million dollars of a major exchange's assets, as they have done
| with every single anonymous digital currency since the
| beginning of time (e-gold,1mdc,Liberty Dollar) and launch a
| criminal investigation, the currency will be severely
| destabilized. Within the next year I expect to see a cottage
| industry emerge where the true believers cash out frozen
| bitcoin accounts for pennies on the dollar.*
|
| and a few other:
|
| https://news.ycombinator.com/threads?id=il&next=5714990
| tiffanyh wrote:
| Let's be fair to these individuals and not presume guilt.
|
| In the US, it's "innocent until proven guilty".
|
| Media is so quick to assume the person is guilty just because
| of an allegation.
| evdubs wrote:
| Heather Morgan admitted to the hack on TikTok
|
| https://twitter.com/BillSPACman/status/1491131214014869505
|
| Edit: whoops. That video is fake. It's from
|
| https://www.tiktok.com/@realrazzlekhan/video/690851478968159.
| ..
| grumple wrote:
| The federal government has a ridiculously high conviction
| rate: 99.96% [1]. They basically only bring the case if they
| have everything they need to convict.
|
| 1. https://www.bhlawfirm.com/blog/2021/05/the-federal-
| convictio....
| tnorthcutt wrote:
| What portion of those convictions are plea bargains?
|
| This article says 97%:
| https://www.nbcnews.com/think/opinion/prisons-are-packed-
| bec...
|
| _Why are people so eager to confess their guilt instead of
| challenging the government to prove their guilt beyond a
| reasonable doubt to the satisfaction of a unanimous jury?_
|
| _The answer is simple and stark: They're being coerced._
| tptacek wrote:
| This is a pretty silly argument. I'm not opining on
| whether or not prosecutions are coercive; I'm certain
| they are. But a lower conviction rate would be a _bad_
| thing: it would mean the DOJ was bringing more cases they
| weren 't certain they would win, and even exoneration
| comes with immense costs to the accused.
| tnorthcutt wrote:
| I wasn't replying to a claim that a high conviction rate
| is a good thing (or better than a lower one).
|
| I was replying to a claim that a high conviction rate
| somehow suggests we should dispense with the idea that,
| as a society, we should not presume guilt.
|
| grumple, who I replied to, seemed to me to be suggesting
| that because the federal government has a high conviction
| rate, we should assume the accused are guilty.
|
| I'm suggesting that because there is compelling evidence
| that many guilty verdicts are obtained through coercion,
| we should not make that assumption.
| tptacek wrote:
| Nobody is suggesting we presume guilt. The suggestion is
| that we're not required to defer opinions about guilt
| until after a jury trial, which is sensible.
| sdenton4 wrote:
| The argument around plea bargains is pretty simple. You
| have someone over a barrel: "Take the deal and go to
| prison for two or five years, or take a risk on a trial
| where you'll be put away for life. And btw, our
| conviction rate is 99.96%."
|
| You'd be crazy not to take the deal, even if you're
| innocent. Thus, the conviction rate doesn't actually tell
| us much about how strong the federal cases actually are.
| tptacek wrote:
| That's not the structure of most plea bargains ("2 years
| vs. life") but more importantly, you don't have enough
| information in that hypothetical to determine how fair
| the system is, because you're not accounting for how
| liberally federal prosecutors bring cases. If they tend
| only to bring cases when they have overwhelming evidence
| --- which is the rap on federal prosecutors (not so much
| state) --- then you get the same outcome simply by dint
| of most people in plea negotiations being guilty. A good
| reason not to take a case to trial is your knowledge that
| you'll be destroyed at trial.
| nobody9999 wrote:
| >A good reason not to take a case to trial is your
| knowledge that you'll be destroyed at trial.
|
| Another good reason not to take a case to trial is
| potentially spending _years_ in pre-trial detention,
| destroying your life -- losing your house, your kids,
| your job and anything else that requires your presence
| outside of a detention facility.
|
| Which is why so many cases end up as plea bargains -- get
| sentenced to "time served" for a lesser offense and then
| try to pick up the pieces of your shattered life, or
| fight (assuming you have the money/resources to do so)
| and potentially never get the chance to pick up those
| pieces.
|
| So yes, the system is quite coercive.
|
| Let's say for the sake of argument that the DoJ (or state
| prosecutors) determine (by whatever means) that tptacek
| has committed criminal acts.
|
| You are arrested, arraigned and bail is either denied or
| set high enough that you can't afford to pay.
|
| How long could you sit in jail before you lose your job,
| your house, possibly your spouse and your kids and
| anything else important to you?
|
| It could be _years_ before a trial. And given that most
| folks can 't afford an unexpected $500 expense, sitting
| in jail waiting to be tried isn't all that unusual.
|
| Given those circumstances, how long could _you_ sit in
| jail awaiting trial before your life is a complete
| shambles? Given the make up of folks here on HN, I 'd
| expect that you may well be able to last longer than
| most.
|
| High bail and pre-trial detention are absolutely used as
| cudgels that attempt to force even the innocent to accept
| plea agreements. Especially when indictments tend to
| include a lot of overcharging -- another cudgel to force
| a plea agreement.
|
| Which is why I don't believe that plea agreements should
| be used _at all_. But that 's a much larger discussion
| and beyond the scope of this comment.
| yucky wrote:
| Even your local circuit court probably has a 95%+
| conviction rate. If you're innocent of a charge that
| carries 20 years and your attorney says you have 50/50 shot
| at trial of winning, or you can plea guilty and take
| probation what do you do?
|
| Most people take it, and now they have a record. Any future
| fuck ups (guilty or not) and you're looking at real jail
| time.
| dcist wrote:
| check out the affidavit accompanying the criminal complaint:
| https://www.justice.gov/opa/press-
| release/file/1470186/downl...
|
| yes, they're legally presumed innocent but they have a LOT of
| 'splaining to do.
| paulpauper wrote:
| feds seldom lose, 98+% conviction rate
| parineum wrote:
| For non-high profile investigations (investigations that were
| not in the media before charges), announcing charges
| typically has a large body of evidence and a lot of
| confidence in the accusation.
|
| Of course innocent until proven guilty applies but the
| justice department knows that and still brought charges. At
| the very least, they believe they've proven beyond a
| reasonable doubt his guilt.
|
| High profile cases with public pressure change the equation a
| bit and can cause charges to be brought on people who
| normally would not. I suspect this is a way to pass the buck
| to the courts when the person eventually gets off due to lack
| of evidence.
| nobody9999 wrote:
| >Of course innocent until proven guilty applies but the
| justice department knows that and still brought charges. At
| the very least, they believe they've proven beyond a
| reasonable doubt his guilt.
|
| It's a bit of a nitpick, but the Justice Department (DoJ)
| hasn't _proven_ anything.
|
| The defendants in question have been charged (and
| arrested?), but no trial (or plea bargain) has been held.
| As such, presumably the DoJ has what they believe is
| sufficient evidence to convict the defendants on the
| charges brought against them.
|
| However, until a trial (or a plea agreement) is concluded,
| the DoJ hasn't "proven" anything. Rather, they brought
| charges against some folks. That's not "proven beyond a
| reasonable doubt," that's making accusations and bringing
| the case into the court system.
|
| What the DoJ _believes_ (and /or believes it can _prove_ )
| is not proof in and of itself.
| parineum wrote:
| I mean that they have proven it to themselves, I don't
| mean it in a legal sense.
| nobody9999 wrote:
| > I mean that they have proven it to themselves, I don't
| mean it in a legal sense.
|
| A fair point. And it's likely you're correct.
|
| Although using the term 'prove' has specific _legal_
| meaning that many (myself included) folks would associate
| with the use of that term.
|
| As I said, there's what you _believe_ and what you can
| _prove_. Believing you can prove something may be well
| founded, but at least in the US _nothing_ is actually
| "proven" until it has been adjudicated -- and even then
| contrary decisions (e.g., in an appeal) can "un-prove"
| stuff.
| parineum wrote:
| The whole quote from me was, "...they believe they've
| proven".
|
| Perhaps a better phrasing would be "believe they can
| prove".
| dragonwriter wrote:
| > Of course innocent until proven guilty applies but the
| justice department knows that and still brought charges. At
| the very least, they believe they've proven beyond a
| reasonable doubt his guilt.
|
| No, if following general DoJ policy, they believe that the
| evidence is sufficient that they _will be able to prove_
| the charges beyond a reasonable doubt, but that 's not the
| same as them already having proven that.
|
| > High profile cases with public pressure change the
| equation a bit and can cause charges to be brought on
| people who normally would not.
|
| Usually, I think the opposite is the case: generally, the
| DoJ is more careful in high-profile cases, not more
| cavalier.
| parineum wrote:
| > Usually, I think the opposite is the case: generally,
| the DoJ is more careful in high-profile cases, not more
| cavalier.
|
| I'm not sure Rittenhouse would have been charged at all
| and, based on how the trial went and how weak the
| evidence was, he should have, at best, been charged with
| something much more minor. But that's just one example.
|
| I somewhat agree with you, they are more careful but I
| think they are more careful in their own process. To make
| sure their ducks are all in a row. But, when it comes to
| actually pressing charges or agreeing to plea deals, I
| think they are much more likely to overcharge or not
| negotiate so that the case is no longer on their desk and
| they can say "I did my part".
|
| To use the Rittenhouse example, I think the public
| expectations of charges impacted the charges because the
| ones bringing charges are often elected officials (or
| appointed by them) so there's an incentive to not look at
| what can be proven with the evidence and instead charge
| with what the public thinks is "right". The incentive for
| an elected official is to appease the public with
| charges, convictions be damned because that's someone
| else's problem. That's how Rittenhouse's case played out
| too. Outside of conservative media, there was a lot of
| attention paid to the judge and the lawyers not being
| able to prove their case rather than floating the idea
| that maybe a lesser charge and a conviction was the right
| thing to do.
|
| On the other hand, I think you saw the same course of
| events with the George Floyd case but with a different
| result. The investigation was drawn out and meticulous
| and charges were brought. That resulted in a conviction
| but the implication I'm making is that those charges
| would have been brought regardless of evidence because of
| the public nature of the case.
| wonnage wrote:
| People are still free to have opinions on the case. The
| purpose of this legal principle is to put the burden of proof
| on the prosecution, i.e the government can't simply blame you
| for a crime and force you to dig up evidence of innocence.
|
| People can disagree even if you're found innocent at trial...
| just look at OJ's case. The government isn't going to
| prosecute him again, but "OJ did it" is gonna dog him for the
| rest of his life.
| d23 wrote:
| That's the standard for our criminal justice system, not for
| us as individuals. It sounds from the release that the
| justice department has a boatload of compelling evidence
| against them.
| tiffanyh wrote:
| > "It sounds from the release that the justice department
| has a boatload of compelling evidence against them."
|
| You'd hope that before someone is arrested, the prosecutor
| has ample evidence to prove guilt.
|
| I don't understand your point.
|
| These individuals have not been proven guilty yet. Why are
| you editorializing their _presumed_ guilt in this matter.
|
| Note: I have no affiliation with these individuals nor
| case.
| lordnacho wrote:
| He's saying that _the law_ presumes innocence until
| proven guilty. They don 't throw you in jail or take your
| money until the legal process reaches a judgement, and
| this is pretty normal and uncontroversial.
|
| But you don't have to keep going for drinks with a person
| who's just been arrested and let out on bail, you can
| make up your own opinion as you feel. You can say bad
| things about him before the judge does, you can deny them
| business opportunities, your kids don't have to play with
| his kids.
| nobrains wrote:
| Disagree. You can make your opinion and you can take your
| precautions. But unless you were not directly harmed you
| should not "say bad things about them", as you put it,
| just because they are a suspect in a case.
| nobody9999 wrote:
| >Disagree. You can make your opinion and you can take
| your precautions. But unless you were not directly harmed
| you should not "say bad things about them", as you put
| it, just because they are a suspect in a case.
|
| I'm not sure I understand what you mean. Regardless of
| whether you "were not directly harmed" I don't see why
| someone should or shouldn't "say bad things about them."
|
| Why shouldn't I express my opinion? Or are we in "If you
| don't have anything nice to say, don't say anything at
| all" territory?
|
| I may be misunderstanding your point. If so, please do
| correct me. If not, I don't see why I (or anyone else)
| shouldn't express their opinion WRT _anything_.
|
| What value that opinion may have can certainly be
| debated, but why should someone _not_ express their
| opinion?
| mardifoufs wrote:
| But you are not going by any other evidence than what the
| prosecution is showing here. Unless you have an insider
| perspective or were close enough to those involved, you
| don't really have anything to go by in judging their
| guilt than what the prosecution wants to show (and they
| will obviously be extremely biaised, that's the point!).
| So by de facto believing the prosecution, you aren't
| really doing anything else than assuming guilt.
|
| You can obviously do that, but it makes little sense to
| do so when the system has been built around _not taking
| what the prosecution says at face value or as a source of
| truth_. The job of the prosecution is not to show the
| facts, it 's to prosecute. Yes you don't have to go by
| the standards of the judicial system & presume innocence
| here, but why then use the prosecution's case when it
| only makes sense in the context of how our judicial
| system works?
| lordnacho wrote:
| > But you are not going by any other evidence than what
| the prosecution is showing here.
|
| I haven't mentioned either the prosecution or the
| defense.
|
| The defense makes noises too, and you are welcome to make
| your own mix of whatever you like.
|
| But to repeat the point, you are under no obligation, it
| is the official system that is.
| melenaboija wrote:
| > You can say bad things about him before the judge does
|
| Yup, I don't understand how people is not used yet to
| public trials at social networks
| RHSeeger wrote:
| And plenty of innocent people have had their lives ruined
| because of exactly this behavior.
| giarc wrote:
| I think the commentor is stating that you and I have no
| reason to presume innocence until proven guilty. We can
| make up our own opinion. However, the judicial system has
| to assume innocence so the defendant can get a fair
| trial.
| dhsysusbsjsi wrote:
| But not so much that they let them go. Quite often there
| is a very fast hearing within 1-2 weeks where a Judge
| decides to lock them up for 2 years without parole
| awaiting trial, because it's pretty damn clear they're
| probably guilty - enough initial evidence not to let them
| back out into society at least.
| hellomyguys wrote:
| It's pretty normal for people to look at the evidence and
| be able to decide if someone was guilty or not.
|
| If someone is on video shooting someone, it is a bit
| silly to say "Why are you editorializing their presumed
| guilt in this matter."
| dazilcher wrote:
| Kyle Rittenhouse would like a word with you.
| [deleted]
| 2OEH8eoCRo0 wrote:
| My experience was that people did not look at the
| evidence- they jumped to a conclusion.
| ryan_lane wrote:
| Yeah, because if you happen to look at the evidence, the
| fact is that he took a gun across state lines, to
| "protect people's property" at a protest, and he ended up
| killing people, it would be pretty easy to come to the
| conclusion that he's guilty of at least manslaughter. Of
| course, he was charged with murder, and that's harder to
| prove. The fact that he was found not guilty doesn't mean
| he's innocent. It means he's not guilty of the crime they
| were prosecuting him for.
|
| He's not someone I'd hire for anything, he's not someone
| I'd want my friends and family around. He's not someone
| I'd want attending any protest I was attending. He's not
| a good person, and he's a clear and present danger to
| society. These are the decisions that I, as an
| individual, am free to make because I'm not the
| government, and I don't have to abide by "innocent until
| proven guilty" for how I personally judge people.
| ahallock wrote:
| You just proved the parent's point.
| kingcharles wrote:
| Grand juries indict in >99% of cases. It's just a rubber-
| stamp. The grand jury only hears the prosecutor's side.
| They can say pretty much anything. Please find me a case
| where a prosecutor or LEO was charged with perjury for
| lying to a grand jury.
|
| I've been indicted twice and both times the grand jury
| transcripts were just lies.
|
| In fact, I got someone released after 16 months in jail
| on a burglary charge because their grand jury was lies.
| The story the cop told was a complete fabrication.
| mardifoufs wrote:
| There's a _reason_ why the criminal justice system operates
| like that though. The system has been designed like that
| because it turned that it is a very good idea not to go on
| witch hunts or to assume guilt if you want a functional
| society. I 'm not defending the person involved here, but
| it's important to remember that the presumption of
| innocence isn't just an abstract legal concept instead of a
| very important part of the social contract.
| NationalPark wrote:
| Surely the important distinction here is that the state
| has the power to imprison or execute people. In our day
| to day lives, we frequently make decisions based on
| things not proved to that standard, such as in job
| interviews or on dates. Presumption of innocence is very
| much an abstract legal contrivance, though it's
| insightful to see in what cases people suddenly decide it
| needs to be applied outside that realm.
| ska wrote:
| > he presumption of innocence isn't just an abstract
| legal concept instead of a very important part of the
| social contract.
|
| I don't think this is in practice true, as a matter of
| fact rather than an ideal. People don't, in general,
| behave the same with other people who are currently being
| prosecuted for a crime.
|
| This certainly doesn't mean (most) people support
| vigilantism or witch hunts, or even that you assume
| guilt. However it seems clear the vast majority of people
| are fine with the idea that you might be "careful" with
| someone who is suspected of a crime, especially one being
| actively prosecuted. To the degree that many will claim
| they have a _right_ to know this is happening, i.e. they
| will argue that news should be carried on this (although
| perhaps no editorializing). This absolutely is not the
| same as presumption of innocence.
|
| Sometimes this is very unfair, obviously. But "the social
| contract" as it is practised seems to be pretty ok with
| that.
| yupper32 wrote:
| I could literally watch someone pick up a gun and shoot
| someone. Technically they're still innocent until a court
| of law says they're guilty. But as an individual I don't
| need to wait to think they're guilty.
|
| The question is where do you draw the line as an
| individual.
| smnrchrds wrote:
| Do you think it is wrong for a person to believe OJ was
| guilty of the murder he was accused of? If a person
| decides to keep their distance from their new neighbour
| OJ and not treat them with neighbourly kindness and open
| arms because of that murder, would you admonish them for
| treating OJ differently for something he was never found
| guilty of in the court of law?
| aeturnum wrote:
| It's not wrong for _a person_ to believe anything and act
| accordingly. It 's not even wrong to argue that we should
| not describe the accused as innocent (as long as you
| acknowledge what the official approach suggests before
| ignoring it). We are all morally free to treat OJ however
| we like (and everyone else is morally able to judge us
| for it).
|
| What is wrong is for media organizations (which can be as
| small as independent reporters) to break expected
| traditions w/o acknowledging it. It suggests that this
| case is different (and again, it _might be different_ )
| implicitly, which isn't ethical. You should either work
| within the prevailing assumptions of the system, or
| explicitly defy them in a principled maner.
| mardifoufs wrote:
| No, because in the case of OJ we have more than just what
| the prosecution (in this case, the DoJ) accused him of
| doing. My point isn't that you can't make your own
| judgment or that only court decisions are valid source
| sources of truth. What I'm saying here is that any
| opinion/analysis we can make at this stage are basically
| entirely based on the prosecution, since we don't have
| any other facts to go by.
|
| Unless you already knew the people involved or we have
| some third party sources, we are basically just believing
| the side that only has 1 goal; showing how guilty the
| people they prosecute are. How could that mean anything
| else but assuming guilt?
|
| (And honestly I think that personal feelings towards a
| person are very often good enough to make a personal
| judgment on guilt, but we don't even have that here! I'd
| bet most of us never heard of them before today)
| a_e_k wrote:
| This is why I like the Scottish "not proven" acquittal
| verdict as an intermediate third option between "not
| guilty" and "guilty."
|
| https://en.wikipedia.org/wiki/Not_proven
| mannykannot wrote:
| There is what appears to be a rather amusing side-effect of
| this principle:
|
| "The arrests today show that we will take a firm stand
| against those who _allegedly_ try to use virtual currencies
| for criminal purposes." - Assistant Attorney General Kenneth
| A. Polite Jr. [My emphasis.]
|
| There's no reason for the Justice Dept. not to take a firm
| stand against those who try to use virtual currencies for
| criminal purposes, or say that they are doing so - and, in
| fact, that would be rather better than taking a firm stand
| against those who have merely been accused of doing so. I
| guess that 'allegedly' was inserted here in order to
| forestall a claim that this statement deprived the defendants
| in this case of due process, if or when it comes to trial.
| nobody9999 wrote:
| >I guess that 'allegedly' was inserted here in order to
| forestall a claim that this statement deprived the
| defendants in this case of due process, if or when it comes
| to trial.
|
| Actually, the 'allegedly' bit was inserted because the
| defendants in this case are _alleged_ to have committed
| some criminal act(s). They have not been _proven_ (whether
| via a trial or a plea agreement) to have done so.
|
| The defendants may well be "guilty," or they may not.
| That's what the legal process (as flawed as it may be) is
| constituted to determine.
|
| Forming an opinion at to whether or not _anyone_ has
| committed an illegal act(s) is perfectly normal and
| reasonable. However, unless you 're a member of a jury in a
| trial, your opinion generally won't affect the outcome.
|
| All that said, defendants are "alleged" to have committed
| criminal act(s) until the case has been adjudicated,
| whether that be by trial or plea agreement.
|
| N.B.: IANAL.
| mannykannot wrote:
| I think you are missing the point here - the quoted
| statement is not referring to these defendants in
| particular, it is referring to those who try to use
| virtual currencies for criminal purposes in general - yet
| the language appropriate for referring to specific
| defendants creeps in here, presumably out of concern that
| some people cannot tell the difference.
|
| When a crime has been committed, it was not _allegedly_
| done by a person or persons unknown, it was _actually_
| done by whoever they were. One of the jobs of the justice
| department is to catch criminals, not _alleged_
| criminals.
| cgriswald wrote:
| The person you are responding to does not seem to have taken
| a position on the guilt or innocence of these individuals and
| has only noted an affiliation.
| stjohnswarts wrote:
| It's the feds not some southern yokel state attorney. We're
| just going with the odds. No one here is saying throw them in
| prison without a trial.
| paulpauper wrote:
| Not a a lone Russian hacker, but American citizens..a husband and
| wife couple. crazy.
| dcist wrote:
| the husband is Russian-American
| nathias wrote:
| should have used monero
| emerged wrote:
| This is the type of hack you need to be both smart enough and
| dumb enough to commit.
| dracodoc wrote:
| Page 15 of statement_of_facts The only other significant deposit
| to the account was an approximately $11,000 U.S. Small Business
| Administration Paycheck Protection Program (PPP) loan advance
| provided in response to the COVID-19 crisis.
|
| So they also applied for PPP.
| rasz wrote:
| "Today Ilya Lichtenstein is the co-founder of the Y Combinator
| backed Mix Rank,"
|
| One of the first Google results for the names returns 'Get your
| first $1 million in enterprise sales with zero marketing spend'
| https://www.youtube.com/watch?v=DuIr5IFQ9Xg
|
| Heather R Morgan
|
| Serial entrepreneur SaaS Investor Razzlekhan = Surrealist Artist,
| Rapper & Fashion Designer with synesthesia Also Forbes writer
|
| https://www.inc.com/heather-r-morgan/dont-hire-a-salesperson...
|
| "As I build a sales team for my latest software startup, Endpass"
|
| Endpass "Bringing you the delightful and secure Ethereum wallet
| that's easy enough for grandma to use."
|
| Wait, so did Feds nab them for running Ethereum wallet startup
| and claim $3B in client wallets as theirs? Or did the pair start
| Ethereum wallet company to wash stolen coints?
| duxup wrote:
| Did Mix Rank take bitcon?
| gk1 wrote:
| I met Heather many years ago. It's a weird feeling to see a
| name you recognize in an announcement like this. We've lost
| touch long since so I have no comment.
| capableweb wrote:
| > We've lost touch long since so I have no comment
|
| But felt it was important enough to state that you know her?
| I'm not sure what your comment is supposed to be.
| zkldi wrote:
| jeez man, not every comment has to be a profound statement.
| I thought it was pretty interesting.
| frontman1988 wrote:
| It's good to add some value with your comment though. You
| can talk about how she was as a person or some other
| interesting anecdote
| [deleted]
| ordinaryradical wrote:
| Were they married at the time of this interview?
| dorlevi wrote:
| "How to Social Engineer Your Way Into Anything -- Heather R.
| Morgan | NYC Salon 101 " : https://youtu.be/JmahJCWJ8iM?t=1572
|
| Heather Morgan explaining how you can social engineer yourself
| out of a bad situation, can't make this shit up.
| d--b wrote:
| That's 3 times bigger than El Chapo's fortune. And it's still
| missing 900 millions!
| shiado wrote:
| It never ceases to amaze me how incompetent some high profile
| criminals are. Encrypting a file is simply too difficult
| apparently. The entire purpose of crypto is that the exclusive
| holder of a private key cannot have funds seized. A 15 year old
| kid probably has better opsec with their crypto wallets than
| these people. Astonishing really.
| vmception wrote:
| yeah I've never seen a crypto investigation that made me
| impressed with the government's abilities, nothing that
| surprised me about the utility of OPSEC best practices, only
| people with weak links and dumb behaviors that are incompatible
| with doing something criminal.
| from wrote:
| You're not serious, right? You clearly haven't seen some of
| the latest unlicensed money transmitter prosecutions. The
| resourceful agents over at HSI have come up with an
| incredibly effective method of stopping crime in the Bitcoin
| network. It looks something like:
|
| CS1: "I would like to exchange these dollars which I
| represent to be the proceeds of the sale of controlled
| substances in violation of the Controlled Substances Act for
| Bitcoin." Localbitcoins trader: "OK."
| pdog wrote:
| Ilya Lichtenstein (YC S11) is the co-founder of YC-backed
| MixRank. Heather Morgan, his wife, is apparently a serial
| entrepreneur, investor, and "contributor" to Forbes.
| cam0 wrote:
| Her Forbes bio:
|
| Heather R. Morgan is an international economist, serial
| entrepreneur, and investor in B2B software companies. She is an
| expert in persuasion, social engineering, and game theory.
| robbedpeter wrote:
| "The infamous Crocodile of Wall Street" lol.
|
| They certainly thought an awful lot of themselves - it's
| fascinating to dig into their public facing digital trail. If
| they played by the rules they'd have been living large as
| part of the .001% of the world.
|
| They bought themselves a giant lead brick and chained
| themselves to it. It'd be sad if it weren't so
| stereotypically comical.
| rasz wrote:
| she also ran Endpass "Bringing you the delightful and secure
| Ethereum wallet that's easy enough for grandma to use."
| localhost wrote:
| She's also a rapper, and not a very good one:
| https://www.youtube.com/watch?v=_DIuPPmY9mw
| stjohnswarts wrote:
| That is truly awful, I couldn't take more than 20 seconds of
| it. I couldn't say I would do better but I have no delusions
| about being a rapper either.
| dom96 wrote:
| Better than most to be honest
| 323 wrote:
| Doesn't matter, she's going viral now
| beebmam wrote:
| This is absolutely incredible. Wow.
| syndacks wrote:
| >everyone worries too much about what's proper / but not Razz
| -- no shame -- that don't stop her!
| mritchie712 wrote:
| Her delivery reminds me of a CEO being forced by their HR
| department to "do a rap" in the 2000's to "relate" to their
| employees.
| raydev wrote:
| I got strong "Just 2 Guyz" vibes from it (which was
| intentionally funny):
| https://www.youtube.com/watch?v=Nt2OVAgkHBc
| vmception wrote:
| How about the 2010s! A VC firm had a tradition of making
| all their portfolio companies participate in an annual rap
| and dance. I think I had to participate in an Gangnam style
| rendition. Probably not that hard to find, with that
| information.
| astrange wrote:
| Record companies are just VC firms who make their whole
| portfolio sing and dance.
| mateus1 wrote:
| Strong Leslie Knopes in Parks & Rec's vibes!
| outside1234 wrote:
| "0FCKs given"
|
| This whole crypto space is just a giant show of "Punk't"
| isn't it. This can't be real - it is just parodies the whole
| way down.
| vmception wrote:
| > Y Combinator did not respond to BuzzFeed News' request for
| comment.
|
| https://www.buzzfeednews.com/article/sarahemerson/crypto-lau...
| elkos wrote:
| For those unfamiliar with Forbes as a platform, forms allows
| for independent unpaind (by Forbes) writers to submit content
| on their platform. If you see a scummy crowdfunding campaign or
| shady start up claiming "as featured in Forbes,etc etc" that's
| how they do it.
| [deleted]
| lbriner wrote:
| Serious question though, we live in a time when a mere mortal is
| able to carry out an enormous financial crime, whose knock-on
| effects _could be_ enormous to millions of people directly and
| indirectly. How do you put a relevant sentence on that? Even
| whole-life in prison doesn 't really make up for the number of
| people who might be affected by it.
|
| note, I didn't read the article, it was just the headline that
| made me ask the question so possibly slightly off-topic.
| tdhz77 wrote:
| ilya@mixrank.com
| neonate wrote:
| http://web.archive.org/web/20220208165810/https://www.washin...
|
| https://archive.is/IcdPK
| maboo wrote:
| Ilya is a good guy, I don't think he's guilty. there's gotta be a
| misunderstanding
|
| everyone thinks this story is about me
| kisamoto wrote:
| In a hypothetical, if the two did not breach Bitfinex servers
| (unauthorized access to others systems) but instead managed to
| "guess" the private key to the Bitfinex wallet and transfer the
| funds, would this also be a crime?
|
| Would this be treated the same way?
| seibelj wrote:
| If a bank accidentally leaves a sack of cash on the sidewalk
| and you take it, it is not yours. Plus they didn't declare any
| of the money and instead laundered it through a bunch of sham
| companies and fraudulent users on crypto exchanges.
| toomuchtodo wrote:
| Even if the bank accidentally put the money in your bank
| account and it's reasonable to believe that it's not yours,
| you can be held liable if you spend it or withhold it from
| the bank.
| knorker wrote:
| If bitcoin has legal ownership, then the means by which you
| stole it doesn't seem relevant.
|
| Are you essentially asking if bitcoin has ownership?
|
| I would assume that using someone else's credentials (wallet
| private key) without permission to make changes to a system
| (the bitcoin blockchain) is in itself illegal, yes.
|
| IANAL.
| shemnon42 wrote:
| I can't see how they can get away from it not being theft. No
| durable argument could be made in court they thought it was
| there to take, there is no way they didn't know it was someone
| else's property.
| nverno wrote:
| Regardless, I don't think ignorance would be a valid legal
| defense, despite whether someone recognizes random sequences
| of bits as personal property or not.
| oh_sigh wrote:
| Yes. If you guess my house key shape, that doesn't give you a
| right to enter my house, even if you can now unlock the front
| door.
| ngokevin wrote:
| From the article, they aren't necessarily being charged with
| the hack itself
| sschueller wrote:
| So they where hired to launder the money? Wouldn't the FBI
| try to make a deal to catch the people who executed the hack?
| ngokevin wrote:
| Just saying in the article that's what they're being
| legally charged for, and that already comes with hefty
| maximum sentences.
|
| They are clearly associated with the hack, but that can be
| tacked on after further investigation and cross-
| examination. The money laundering is an easier opening
| target.
| runeks wrote:
| Wouldn't it still be laundering?
| pc86 wrote:
| Knowing the key doesn't immediately mean that your access is
| authorized. This isn't equivalent to finding a $20 bill on the
| ground so there's not really any corollary to stumbling across
| it.
| manquer wrote:
| It is theft whether your door was unlocked or I break your
| window and then steal your stuff.
| realce wrote:
| Computer Fraud and Abuse Act covers any unauthorized access
| regardless of how the credentials were obtained or... magically
| guessed.
| lupire wrote:
| Also, grand larceny applies if you guess the code to unlock a
| car.
| bpodgursky wrote:
| It applies even if the car isn't locked... it applies any
| time you take something you know isn't yours.
| nybble41 wrote:
| In the scenario outlined there would be no unauthorized
| access to any systems, whether owned by Bitfinex or anyone
| else, so I really don't see how the CFAA could possibly apply
| here. As for the cryptocurrency network itself, the protocol
| is that anyone who has the private key is authorized to spend
| the corresponding funds--how the key was obtained is
| irrelevant.
|
| Of course, correctly guessing a 256-bit random private key is
| _exceedingly_ unlikely, though if they key is based on a
| lower-entropy password (a "brain wallet") then the odds of a
| correct guess improve dramatically.
| [deleted]
| thereddaikon wrote:
| CFA would likely consider a bitcoin wallet a "system". You
| weren't authorized to access funds in that wallet.
|
| And even if it weren't that's no different than guessing
| someone's bank account number and paying for purchases that
| way. Its still someone else's money and its still stealing.
| nybble41 wrote:
| > CFA would likely consider a bitcoin wallet a "system".
| You weren't authorized to access funds in that wallet.
|
| We don't have to guess. The CFAA refers to unauthorized
| access to _computers_ , not "systems". The Bitcoin
| network is not a computer, and someone posting a
| transaction signed with some key, however that key was
| obtained, is using the network _as intended_ and not
| accessing either the Bitcoin network as a whole or the
| individual computers comprising the Bitcoin network in an
| unauthorized manner.
|
| > And even if it weren't that's no different than
| guessing someone's bank account number and paying for
| purchases that way.
|
| It is different, because in that scenario you're claiming
| to be the designated account owner, a specific legal
| person authorized by contract to direct the bank to pay
| money from that account--not just someone who knows the
| account number. You generally have to sign a statement to
| that effect in addition to providing the account details.
| If you aren't the account holder then you're committing
| fraud. (Though practically speaking it's really a bit
| ridiculous that merely knowing the account number--
| something printed on every check and hardly a closely-
| held secret--is considered sufficient to set up a direct
| debit.)
|
| By design, Bitcoin doesn't care about your real-world
| identity; it only cares about whether you know the
| private key.
|
| > Its still someone else's money and its still stealing.
|
| Wrong on both counts. Bitcoins are an abstract concept,
| much like points in a game. They are governed by
| voluntary consensus among Bitcoin users according to a
| particular specialized system of rules, and _not_ your
| private property. In short, they 're "yours" only as long
| as the network says they're "yours". If other Bitcoin
| users stop recognizing those bitcoins as "yours" for
| whatever reason--a blockchain fork, a change in the
| consensus rules, someone else guessing your private key
| and spending them--you have no legal recourse. There are
| no physical goods involved which you could sue to have
| returned to you, and no legally-binding contracts between
| you and any other participants in the Bitcoin network
| which you could claim were breached by the change.
| ada1981 wrote:
| I'm so confused how this holds up in a distributed system
| like Bitcoin.
|
| There is this ownerless software running.
|
| I don't see it as theft.
| deepsun wrote:
| Should I expect price drop once feds start to sell it? Or they'll
| just destroy the keys (keeping the money invested forever).
| lern_too_spel wrote:
| It will probably be returned to Bitfinex if they can access the
| wallet.
| bastawhiz wrote:
| That's assuming the feds don't have unfinished business with
| Bitfinex. They're not exactly on great terms.
| lern_too_spel wrote:
| That's just nitpicking. If Bitfinex is acting as a
| custodian, the property will be returned to the owners.
| Whether that return happens via Bitfinex or via the feds
| looking at Bitfinex's books doesn't really change much. The
| point is that the feds can't destroy property just because
| they don't like who it was stolen from.
| almost_usual wrote:
| According to the article it's up to a judge on how the funds
| are dispersed. It seems to lean towards the bitcoin being
| returned to their rightful owners.
|
| It worked out well for the owners assuming it is returned.
| TigeriusKirk wrote:
| Previously seized coins have been sold in off-chain auctions,
| same mechanism as other seized goods.
|
| Since these have a known rightful owner, though, they may just
| be returned.
| peter303 wrote:
| Those were dark money used in crime. These havent been used
| in crime, yet.
| Lev1a wrote:
| I'd actually really like if they used this opportunity to drive
| the Bitcoin price straight into the ground, thereby ruining
| that market for all those speculative investors.
|
| Maybe that'd allow for something of a reboot of the ecosystem
| having eliminated the scum that usually starts to invade any
| remotely financially exploitable system after a while.
| mrkramer wrote:
| >Hackers Move $3.55B Worth of Bitcoin from 2016 Bitfinex Hack
|
| https://news.ycombinator.com/item?id=30162085
|
| So government was moving bitcoins not hackers. Like I said in
| that thread it is easier to launder cash than bitcoins because
| bitcoins are on chain forever and cold cash can be laundered in
| numerous ways.
| tradertef wrote:
| Thanks for sharing this. Hilarious comments :)
| duxup wrote:
| >According to court documents, Lichtenstein and Morgan allegedly
| conspired to launder the proceeds of 119,754 bitcoin that were
| stolen from Bitfinex's platform after a hacker breached
| Bitfinex's systems and initiated more than 2,000 unauthorized
| transactions. Those unauthorized transactions sent the stolen
| bitcoin to a digital wallet under Lichtenstein's control. Over
| the last five years, approximately 25,000 of those stolen bitcoin
| were transferred out of Lichtenstein's wallet via a complicated
| money laundering process that ended with some of the stolen funds
| being deposited into financial accounts controlled by
| Lichtenstein and Morgan.
|
| Sounds like they were very much involved in the hack... or
| someone hacked Bitfinex and gifted them the coins?
| mikeyouse wrote:
| Yeah -- It reads like they didn't have the evidence to prove
| they hacked Bitfinex, but plenty of evidence they're the only
| ones that moved the hacked funds. Hence the lack of CFAA or
| other charges in favor of money laundering ConFraudUS.
| mmh0000 wrote:
| More people needs to learn about CoinJoins[0].
|
| "CoinJoin is a trustless method for combining multiple Bitcoin
| payments from multiple spenders into a single transaction to make
| it more difficult for outside parties to determine which spender
| paid which recipient or recipients. Unlike many other privacy
| solutions, coinjoin transactions do not require a modification to
| the bitcoin protocol."
|
| [0] https://en.bitcoin.it/wiki/CoinJoin
| jacquesm wrote:
| Great idea, now you are not only liable for your own
| activities, but also for lots of other activities possibly much
| worse than your own.
|
| This seems to be a pretty nerdy idea of 'how the world works'
| that could easily spectacularly backfire.
| ericmay wrote:
| Beautiful. Kudos to the FBI and the US Government for nailing
| these criminals.
| mittermayr wrote:
| Sometimes I wonder what the chances are that certain (highly
| privileged) staff at Google (or other similar data storage or
| e-mail companies) could run a query across Google Drive looking
| for a specific public key. Much like a malware scanner, just
| looking for "a key", just to see if there is an account matching.
| Unofficially, of course. A rogue employee perhaps. And, what if,
| in such a case, the employee (in the best of cases) reports the
| person anonymously, or in other cases, takes off with the private
| key if also found.
|
| Or does anyone know if the data is so encrypted that nobody at
| Google can override? I would highly doubt that, looking at US law
| enforcement pressure. And I am sure there's a million and one
| barriers and access requests blocking raw queries, but
| technically...
|
| Of course, a hefty hefty conspiracy-laden thought, but I just
| found myself curious if that would even remotely be an option.
| manquer wrote:
| The I/O cost would be more than any loot you find !.
|
| Jokes apart, it is not easy even for Google in-house teams such
| a query scanning all their drive folders would be very, very
| expensive computationally.
|
| Most files are stored as binary blobs, i.e. bin formats like
| PDF etc with some level of compression. Retrieval costs and
| file read costs for even most common formats can be expensive
| and slow
| sjg007 wrote:
| Google already scans drives for copyright infringement.
| rehitman wrote:
| I haven't work for google, but other cloud provider I worked
| has very strict production access policy. You cannot just
| access prod, or run script. Even in cases that you must access
| prod, it needs special temporary access. (Just in Time Tokens),
| which is audited, and linked to a case. Few people in
| management line have to approve the access, and it expires once
| used. I would say the chance that some random engineer does
| this is very very low. Unless Google actually does something
| like that as a product for law enforcment. I have heard few
| cases of these scripts for things like child abuse images. I
| have never seen one though in action.
| bagacrap wrote:
| I think the perp encrypted the file themselves before uploading
| to Google cloud (or wherever). The encryption was not provided
| by the platform.
| paulpauper wrote:
| this would be trivial to code and could search for one of the
| bip 39 dictionary words. github key thieves do this already.
| vmception wrote:
| Happened to many on dropbox too
|
| You would never know if it was somebody employed there or at
| the data center or at the government agency tapping the
| servers
| JoeAltmaier wrote:
| With so much money involved, I wonder if we can ever really know
| anything. Enough money, and you can make black == white. E.g.
| these two were fallguys
| d23 wrote:
| Thankfully we have a legal process intended to figure this
| exact thing out via a process of presenting and considering
| evidence.
| JoeAltmaier wrote:
| And we don't think money comes into that?
| loceng wrote:
| I ask this every so often during threads regarding stolen
| cryptocurrency:
|
| Is there any solution yet to preventing stolen cryptocurrency
| funds from being spent? Isn't the only solution to have a central
| database and require laws to require every transaction to be pre-
| checked to see if it's stolen funds or not?
|
| And not only that, the centralized system will have to be
| constantly keeping track of wallet mixing to see where funds are
| being redirected to, attempted to being washed to?
| throwaway22032 wrote:
| Most cryptocurrencies are designed such that the concept of
| "returning" stolen funds is not really meaningful.
|
| The best analogue is cash. If you want to return the cash you
| need to physically find it and move it back.
| lupire wrote:
| Sovereign law isn't so easily waved away, unless you are
| seasteading.
| throwaway22032 wrote:
| I'm not waving it away, this isn't a discussion about the
| legal system.
|
| If someone steals steal a fiver from your back pocket then
| there's no magical wand that the police can wave that
| teleports the cash back into your hand. They need to come
| and get it from the kitchen table or wherever the thief has
| put it assuming they haven't spent it.
|
| Most cryptocurrencies are explicitly designed to act as
| digital cash in this way. The system is structured such
| that a coin is fully under the control of the owner of the
| private key, there is no third party involved to effect
| some sort of return like a bank can.
|
| If the coins are sitting in an exchange or some other
| custodian i.e. not exclusively under the control of the
| owner of a private key then you can effect this change by
| leaning on the exchange (in a legal sense).
|
| The exchange is the bank, the coins are cash.
| knorker wrote:
| Cash is not a good comparison to cryptocurrency at all.
|
| Stealing $70M, or trying to launder $5B in cash, is
| absolutely not the same thing as doing the same with
| cryptocurrencies.
|
| $70M or $5B is a serious logistical problem to steal,
| hide, and launder.
|
| $70M is 700kg in $100s.
|
| > under the control of the owner of the private key,
|
| Not owner, no. Temporary viewer is enough. And that's a
| huge difference.
| throwaway22032 wrote:
| Possession is probably a better word than ownership,
| sure.
|
| In the same way that if someone takes your cash into
| their possession, they might not have legal ownership,
| but now they have to somehow be involved in its' future
| transfer (even if that's like, handcuffing them and
| forcing them to hand it over).
|
| In a cryptographic system you need the key in order to do
| things. Whether you think it's good or bad to apply that
| principle to the concept of money is orthogonal to the
| ground reality of how it actually works.
|
| The original Bitcoin whitepaper explicitly refers to
| itself as a peer to peer electronic cash system
| (https://bitcoin.org/bitcoin.pdf). It's the 7th word in.
| It's designed to operate in a cash-like manner as opposed
| to a referential (credit-like? not sure what the term is
| for this) as in a bank ledger or similar.
| knorker wrote:
| > Possession is probably a better word than ownership,
| sure.
|
| I want to stress that I don't consider this a minor
| difference.
|
| > In the same way that if someone takes your cash into
| their possession, they might not have legal ownership,
| but now they have to somehow be involved in its' future
| transfer
|
| Yes. Cash can be stolen by a pickpocket. But two things
| make this not a difference in degree, but in kind:
|
| 1. You can't pickpocket $70M 2. A pickpocket can quickly
| hand the $100 in your pocket to an accomplice, but not to
| an accomplice in Bolivia.
|
| If you want to move millions or billions in cash then you
| have to fill out paperwork exactly because that's how
| money laundering happens. Cash isn't actually easy to
| move, nor anonymous, at scale.
|
| $70M is 700kg in $100s. And any legit business you show
| up with $1M in cash will report it, because they have to
| and/or because they don't want to be tried as an
| accomplice to money laundering.
|
| I've had friends receive huge sums in cash, and they have
| reported it exactly for this reason. Enforcement against
| financial crime is actually built in.
|
| I think the comparison to cash therefore is completely
| inappropriate, to the point where I question if it's even
| said in good faith.
|
| > In a cryptographic system you need the key in order to
| do things. Whether you think it's good or bad to apply
| that principle to the concept of money is orthogonal to
| the ground reality of how it actually works.
|
| In my opinion it's not "money" that's being replaced with
| math, but "intentions". It's not about replacing fiscal
| policy with math so much as replacing laws against theft
| and money laundering.
|
| The definition for the features of cryptocurrencies tend
| to be the exact description of money laundering and tax
| evasion.
|
| So if the goal is "I want to commit all the financial
| crimes" then yes, for those purposes cryptocurrencies
| have found their use cases.
| throwaway22032 wrote:
| You seem to have descended into some sort of monologue.
|
| I hope that it's cathartic for you; I just wanted to
| discuss how possession works in cryptocurrencies.
|
| My apologies for using the word ownership instead of
| possession, lazy language on my part.
| loceng wrote:
| So we pretend to treat it like cash and ignore that we can
| track and know exactly what digital currency is stolen?
| That's your proposed solution?
| throwaway22032 wrote:
| No, you're using words that I don't think are meaningful in
| the context of what a cryptocurrency is.
|
| Assuming you can't physically track down a thief and seize
| control, the technical best case you can achieve with
| Bitcoin is to blacklist specific transaction outputs e.g.
| you can choose not to accept them. You can't prevent others
| from accepting them, but you could for example as a
| governmental body add them to a global blacklist of sorts
| and legally forbid exchanges from accepting transactions
| which have at some historical point interacted with those
| blacklisted transaction outputs.
|
| With the use of Lightning or coinjoin or various other
| privacy preserving protocols you're going to end up in a
| situation in which you have to taint the entire coinbase
| (e.g. all coins) eventually; the ultimate endgame of doing
| that would be to "ban Bitcoin" on exchanges.
|
| With something like Monero or ZCash there's no serial
| number to track in the first place so you have no ability
| to blacklist anything; your only option is to refuse to
| accept those currencies at all.
|
| These are possible legal avenues you can go down. But
| returning the funds is mathematically impossible without
| somehow gaining access to the private keys that control
| them.
|
| The fact that there is no "solution" here is an explicit
| goal of most of the cryptocurrencies that I'm aware of.
| It's certainly the reason that I'm interested in the space;
| it's non-custodial, as cash is.
| knorker wrote:
| > Most cryptocurrencies are designed such that the concept of
| "returning" stolen funds is not really meaningful.
|
| Which is why these things are not features, but bugs, in
| cryptocurrencies. The core design principles of
| cryptocurrencies are actually bugs, if you think about it.
| throwaway22032 wrote:
| It's not a bug, it's an explicit design decision with
| trade-offs.
|
| Is it a bug that my fork can't cut like a knife? Different
| tools, different purposes.
| gruez wrote:
| >The core design principles of cryptocurrencies are
| actually bugs, if you think about it.
|
| It's a system designed around a different set of trade-
| offs. Calling a bug doesn't really make sense. For
| instance, using full disk encryption means that you lose
| all your data if you forget your keys. That's not an issue
| if you use icloud (which presumably has an account recovery
| process). Based on this, can you say that the "core design
| principles of full disk encryption are actually bugs"?
| knorker wrote:
| Good point.
|
| It's a bug to the vast majority of people, but that
| doesn't make it a bug to ultralibertarians.
|
| It's a bug if the goal is actually to have everyone adopt
| it.
| mdoms wrote:
| Some organisations already have such systems in place. Take for
| example this Redditor who lost hundreds of thousands of dollars
| because someone some time in the past pushed his coins through
| a mixer.
|
| https://www.reddit.com/r/blockfi/comments/skxiei/blockfi_hor...
| optimalsolver wrote:
| As I understand it, the Poly Network hacker found it impossible
| to transfer his stolen Tether due to those coins being frozen
| at Tether HQ.
| AlexanderTheGr8 wrote:
| Is there a need for an algorithm to efficiently check if a
| transaction is in a particular list?
|
| I have a fairly good idea on how to make a very efficient
| algorithm for this. If there is a need for it, I would love to
| help in any way I can.
| pcthrowaway wrote:
| With some things, such as the stablecoin USDC, the issuer can
| prevent specific addresses from transferring them
| runeks wrote:
| Which is only possible because it's centralized
| knownjorbist wrote:
| A DAO could just as easily decide to do the same, but it'd
| need to be built into the smart contracts.
| pcthrowaway wrote:
| This works with the smart contracts with USDC, it's just
| that there's an authority which has permission to update
| the state to deny transfers from a specific address.
|
| This is because USDC is a centralized stablecoin (as is
| USDT). There are decentralized stablecoins such as UST
| and MIM (and I believe DAI as well).
| knownjorbist wrote:
| Correct, though on second thought, given how slow many
| DAOs are to operate, the perpetrators would already be in
| some other uncontrollable currency by the time people
| voted to blacklist certain wallets.
| pcthrowaway wrote:
| A DAO _could_ have a privileged user (voted in by the DAO
| of course) who has the ability to blocklist specific
| addresses that aren 't explicitly on an allow-list. Then
| the DAO vote could add accounts to the allow-list.
|
| Doing so would mean the token could be transacted, except
| by users who are on the blocklist and _not_ on the allow-
| list. And this would prevent a privileged user from
| abusing the power to add accounts to the block-list.
| Getting unblocked at the speed of DAO is less of a
| concern, as long as blocked account-holders can still
| vote with their tokens.
| AlexanderTheGr8 wrote:
| what do you think about tornado.cash? It's apparently a very
| effective mixer. I wonder what law enforcement can do if
| someone ends up using tornado_cash.
|
| There is absolutely no way of knowing if the money is good or
| bad. If you consider every mixed_cash as bad, you would be
| forced to assume that the entire cryptocurrency is bad bec of
| how the money flows.
| MauranKilom wrote:
| > If you consider every mixed_cash as bad, you would be
| forced to assume that the entire cryptocurrency is bad bec of
| how the money flows.
|
| That's exactly what's happening, according to this page that
| was on the HN front page a few days ago:
| https://news.ycombinator.com/item?id=30224637
| AlexanderTheGr8 wrote:
| Thanks for the link.
|
| Millions of innocent people use cryptocurrencies. Even if
| you assume a currency is bad, its impractical to think that
| millions of people are bad.
| loceng wrote:
| I don't understand all technicalities of cryptocurrencies,
| however you make it illegal to mix with known stolen
| cryptocurrencies - and then it won't get mixed; else yes,
| it's a problem if your ethics make you okay with rewarding
| criminal behaviour by allowing stolen money to be spent.
| rlpb wrote:
| What does "stolen cryptocurrency" actually mean? For example,
| if one person says it was stolen from them, and the holder says
| they legitimately acquired it, then how is any solution
| supposed to decide who is correct?
|
| For fiat currency, there's usually a court system that can be
| used to determine ownership. Though often they explicitly
| exclude cash from that - if somebody legitimately acquires bank
| notes that were previously stolen, they can keep them and they
| are valid as legal tender.
|
| For cryptocurrency, which jursidiction's justice system is
| going to determine whether something has a "stolen" marker or
| not? What if that's not recognised by a different jurisdiction,
| or someone else comes to the opposite conclusion?
| jcranmer wrote:
| > For cryptocurrency, which jursidiction's justice system is
| going to determine whether something has a "stolen" marker or
| not?
|
| It's the _same_ decision process as the normal justice
| system. Broadly speaking, you can analyze it as follows (for
| civil complaints):
|
| 1. Is there a clause in the contract that says "disputes
| follow XYZ jurisdiction"? Then that's the jurisdiction. (And
| adding such a clause is Contracts 101 material).
|
| 2. If not, then you can usually get jurisdiction based on
| where the offense actually happened, or where the defendant
| lives. The analysis can get complicated, but it's not going
| to meaningfully change for cryptocurrency.
|
| 3. There's also a potential for extraterritorial jurisdiction
| in some cases.
|
| > What if that's not recognised by a different jurisdiction,
| or someone else comes to the opposite conclusion?
|
| Well, jurisdiction really comes down to a) can you get a
| court to agree that it has jurisdiction, and b) can you get
| other people to agree to the court's orders for relief.
| runeks wrote:
| There is no solution because you would end up punishing
| innocent people. E.g. if a thief buys a car with their proceeds
| then it's not fair to punish the car dealership by confiscating
| the originally-stolen coins. This was decided in Scotland in
| 1749, cf.
| https://en.wikipedia.org/wiki/Crawfurd_v_The_Royal_Bank
| loceng wrote:
| How exactly are you punishing innocent people? What's
| happening is you're rewarding thieves.
|
| Your example doesn't fit what I am saying either. With a
| digital currency you can do a pre-sale trick, so you'll see
| the funds were stolen - and you then don't sell them the car
| in the first place.
|
| We can't incentivize theft.
| swarsh wrote:
| That Scottish decision, while still the basis for bona fide
| acquisition of money in the UK and US, does not yet appear to
| apply for cryptocurrencies.
|
| Your Wikipedia link cites a 2019 paper published in the
| Georgetown Technical Law Review whose analysis
| (https://georgetownlawtechreview.org/wp-
| content/uploads/2019/...) on page 415-6 says that 2016 US v
| 50.44 Bitcoins (https://casetext.com/case/united-
| states-v-5044-bitcoins) determined "cryptocurrencies do not
| meet the UCC's definition of money" and thus bona fide
| acquisition is not sufficient to prevent the crypto from
| being legally seized from the possessor and returned to the
| original owner.
| [deleted]
| mgh2 wrote:
| Dupe: https://news.ycombinator.com/item?id=30260987
| jrav wrote:
| Probably stupid question: Why not just exchange it to zcash or
| monero or some other coin that hides transaction details? Then
| you can send it to a new wallet; theoretically 100% untraceably.
|
| Is this not a valid approach?
| Gasp0de wrote:
| They did that apparently, it is mentioned in the article. There
| are still ways to trace it. For example, if they do it in a
| short timeframe or in just two transactions you can match the
| amounts. Not many people send 100k$ in zCash around.
| 0des wrote:
| Amounts are not public with Monero outputs created within the
| last few years.
| AlexanderTheGr8 wrote:
| One possibility is that almost all exchanges require KYC today.
| uncomputation wrote:
| The transaction from BTC to Monero is traceable.
| cirowrc wrote:
| with atomic swaps that make use of taproot, that wouldn't be
| distinguishable from, say, opening a lightning channel, but
| still, there's not enough liquidity there (and this is very
| recent stuff anyway)
| miohtama wrote:
| If you read the court PDFs you see that they tried it.
| joecool1029 wrote:
| I was thinking, we know the feds have seized bitcoin and
| auctioned (laundered) them off later on. Cash often gets seized
| too.
|
| What happens if a criminal tries to burn cash and is mostly
| successful in doing so? Do the feds go to the BEP with a claim to
| get the money reprinted; or, like burned bitcoin, is it gone
| forever?
| ratg13 wrote:
| Does anyone know if Bitfinex will get this returned to them (and
| hopefully repay users) .. or what the next steps in this story
| might look like?
| spywaregorilla wrote:
| What users?
| ratg13 wrote:
| Bitfinex had to take a percentage of user's assets away due
| to the theft.
| evdubs wrote:
| After this hack, Bitfinex account holders took a haircut (30%
| or so) and were given tokens representing the remainder of
| their dollar-denominated account balances. Those tokens were
| paid in full in 2017ish.
|
| Later, the UK, Portugal, and Poland seized $1B or so of
| Bitfinex customer funds due to the funds being delivered by
| Crypto Capital Corp who was found to be engaged in money
| laundering. Bitfinex issued LEO tokens to make up for that
| asset seizure, and have a clause that if the 2016 stolen
| bitcoins were recovered, they'd be used to retire the LEO
| tokens. That's why LEO has greatly increased in value recently.
| https://cryptowat.ch/charts/BITFINEX:LEO-USD?period=1d
| johnmarcus wrote:
| It's so odd that the story breaks today but LEO started
| jumping 8 days ago. No insider trading there, I am certain!
| AlexanderTheGr8 wrote:
| > One overlooked detail in the Razzlekahn arrest. Almost all the
| money went through AlphaBay, using it as a mixer. The feds were
| able to see through this because they seized AlphaBay. Its
| amazing how, even years after, darknet market seizures pay
| dividends to the feds.
|
| Another fascinating detail.
|
| Source: https://twitter.com/ncweaver/status/1491118233973571585
| vmception wrote:
| Why do they call it Razzlekahn?
|
| I was just watching her tiktok account, pure cringe.
| sharken wrote:
| Razzle looks like a female version of the male rapper Rahzel,
| who is also from New York.
|
| https://en.m.wikipedia.org/wiki/Rahzel
|
| And Khan is from Genghis Khan, as mentioned here:
|
| https://www.lyrics.com/sub-artist/Razzlekhan/28366
|
| But this is all just a guess.
| Severian wrote:
| So, hypothetically, if these guys were to completely cash out
| these coins somehow, and then pay tax to the IRS, would they be
| immune from tax fraud and IRS involvement? I know similar things
| happen with stolen property and illegal drugs (Sullivan v. United
| States).
| vmception wrote:
| Yes if they successfully laundered it and paid taxes they would
| have no liability.
| Severian wrote:
| Probably liability to the Fed, but not local prosecutors for
| whatever locality Bitfinex was in then?
|
| Are bitcoins recognized as personal property, IP, none, or
| something of a blend in smaller jurisdictions? I have no
| idea.
| vmception wrote:
| they wouldn't know who to hold accountable either. The
| point is that nobody would.
|
| In my model the only liability would occur from the normal
| day to day business operation that you earn the
| successfully laundered proceeds from. like one of your
| actual clients sue you because you breached the SLA because
| you forgot you're actually running a legitimate business.
| trizuz wrote:
| amazd wrote:
| Here's a video of the couple, with the dude getting a hair cut
| from the rapper gf: https://www.youtube.com/watch?v=pDY1bC9eL-A
| tradertef wrote:
| She says she is Turkish and counts in Turkish. But her name and
| accent are not Turkish..
| mdoms wrote:
| > "Today, federal law enforcement demonstrates once again that we
| can follow money through the blockchain, and that we will not
| allow cryptocurrency to be a safe haven for money laundering or a
| zone of lawlessness within our financial system," said Assistant
| Attorney General Kenneth A. Polite Jr. of the Justice
| Department's Criminal Division.
|
| How is this not a total death blow for bitcoin? If the justice
| department can do it, anyone can. It's a public ledger. So you
| effectively must treat every transaction you ever make on the
| blockchain as totally public and tied directly to you.
| AlexanderTheGr8 wrote:
| It took them 6 years to catch these perps. And these perps were
| extremely sloppy (storing keys in cloud, weak encryption)
|
| Justice must give the perception that they are doing enough.
| They can't really say that it's really hard to catch people
| committing crimes in cryptocurrencies.
| vmception wrote:
| Because there is a weak link in the methods these guys used.
|
| The DOJ always pats itself on the back to pretend to the
| worldwide audience that there is "no" illicit money in the US
| financial system.
|
| They don't say "good thing they didn't use X method! that would
| have hampered our investigation irreparably!" at least not in
| press releases.
| binarynate wrote:
| "I deeply, deeply regret to inform you that this is the rap video
| of the woman who was just arrested as part of an alleged husband-
| wife scheme that laundered some $3.6 billion in crypto."
|
| https://twitter.com/kevincollier/status/1491107221857796097
| [deleted]
| sharkweek wrote:
| I have been writing an imaginary Coen brothers in my head over
| the last couple of years based on absurd current events. This
| is definitely being added.
|
| I'm thinking of tying them both in as friends of Lady Gaga,
| tasked with trying to pay the ransom to the people who
| kidnapped her dog in crypto. In the process, they accidentally
| stole too much.
| throwaway110535 wrote:
| 25 years max for stealing billions? God bless America.
|
| > Lichtenstein and Morgan are charged with conspiracy to commit
| money laundering, which carries a maximum sentence of 20 years in
| prison, and conspiracy to defraud the United States, which
| carries a maximum sentence of five years in prison. A federal
| district court judge will determine any sentence after
| considering the U.S. Sentencing Guidelines and other statutory
| factors.
| twox2 wrote:
| Are you suggesting that's a light punishment?
| throwaway110535 wrote:
| Given that folks have been given longer punishments for
| stealing less, yes. Granted, ianal and I acknowledge that
| things come into play like repeat offenses, etc.
| twox2 wrote:
| At the same time, though, folks get lighter sentences for
| rape and murder. IMO there's nothing 30,40,50+ years can do
| to a person that 25 can't.
| throwaway110535 wrote:
| touche
| gruez wrote:
| >25 years max for stealing billions?
|
| 1. The bitcoins were only worth ~$70 million at the time of
| theft. saying they stole "billions" is highly misleading
|
| 2. I don't get it, aren't we supposed to be getting less "tough
| on crime", especially for non-violent offenses?
| throwaway110535 wrote:
| 1. Just quoting the amount mentioned in the press release. I
| guess its highly misleading too?
|
| 2. Supposed to be, but we all know that folks are sitting in
| jail right now for longer periods of time for stealing less.
| gruez wrote:
| >2. Supposed to be, but we all know that folks are sitting
| in jail right now for longer periods of time for stealing
| less.
|
| Example?
|
| The US sentencing guidelines[1] considers multiple factors
| other than "value stolen"
|
| https://www.ussc.gov/guidelines/2021-guidelines-manual-
| annot...
| throwaway110535 wrote:
| can't say i've ever read the sentencing guidelines. you
| win.
| smartties wrote:
| Are they being charged for stealing? I thought the concept of
| crypto is to be you own bank, So as long as you have the
| private key, you are now technically the owner. What if two
| people generate the same private key. Who is the owner ?
| khuey wrote:
| They're charged with money laundering.
| CPLX wrote:
| I am just guessing here but it's likely that there are multiple
| counts of these charges.
| duxup wrote:
| It's not clear that this is the end of the charges.
| paulpauper wrote:
| maybe 25 after a plea deal
| dcist wrote:
| they haven't actually been charged with hacking, just the
| laundering. the complaint could be amended after investigation
| and the potential sentence would go up.
| ncmncm wrote:
| nojito wrote:
| Sure if ignore the findings from Mueller.
| teraflop wrote:
| Would you say the Senate Intelligence Committee report, which
| was released by a committee of 8 Republicans and 7 Democrats,
| and which found that:
|
| > Russian intelligence services' assault on the integrity of
| the 2016 U.S. electoral process[,] and Trump and his
| associates' participation in and enabling of this Russian
| activity, represents one of the single most grave
| counterintelligence threats to American national security in
| the modern era.
|
| was also entirely fabricated by the Clinton campaign?
| pyronite wrote:
| > _He snagged a Pulitzer for a story about something that never
| had any primary source, that was entirely fabricated by
| political operatives then working for Hillary Clinton 's
| campaign._
|
| There was a multi-year government report indicating that "the
| Russian government 'interfered in the 2016 presidential
| election in sweeping and systematic fashion' and 'violated U.S.
| criminal law'."
|
| Source and further reading if desired:
| https://en.wikipedia.org/wiki/Mueller_report#Russian_interfe...
|
| The Justice Department under former Attorney General Bill Barr
| tried to determine who had leaked to the reporter, Devlin
| Barrett, because the information he published was accurate and
| classified: https://www.washingtonpost.com/national-
| security/washington-...
| tomweingarten wrote:
| Do you have examples of false articles he published? I can't
| find any examples of work he's done that comes close to
| comparing to Roger Stone's crimes.
| [deleted]
| counternotions wrote:
| The wife could plead not guilty by reason of insanity:
|
| https://twitter.com/matthewesp/status/1491116443207094272?s=...
| johnmarcus wrote:
| have you seen her rap video? https://razzlekhan.com/ She should
| be arrested purely for subjecting people to its existence.
| johnmarcus wrote:
| What i love most about this is that if these clowns didn't
| stupidly store their keys in a decrypt-able file in cloud
| storage, then ~.01% of BTC could have been lost forever.
|
| We are just 10,000 hacks away from bitcoin being gone forever! A
| boy can dream.
| majani wrote:
| What's shocking to me is that the hack was actually real and not
| just an inside job by Bitfinex employees
| mrkramer wrote:
| For example Mt. Gox hack was also most probably hack not an
| inside job because that guy Mark Karpeles was so incompetent
| running the exchange no wonder it got hacked every now and
| then.
| vmception wrote:
| > While it is possible that SalesFolk received virtual currency,
| based on my experience, companies that do offer virtual currency
| as a payment method or in conjunction with another service often
| advertise it to attract more business.
|
| Disagree here. I know many institutional funds that accept crypto
| for investment, solely because the third party fund administrator
| allows it, who only updated to account for that because so many
| funds and limited partners wanted that.
|
| You would have no idea how much is happening behind the scenes,
| with the merchant services pushes being just a small tip of an
| iceberg with its own success or failures.
| soared wrote:
| I was going to disagree, but it turns out you're right. Home
| Depot and a few other companies do accept crypto and they are
| not trying to meme about it.
___________________________________________________________________
(page generated 2022-02-08 23:00 UTC)