Blockchain analysis keeps getting better. Expect more seizures to come:
Cryptocurrency analytics firm Chainalysis said on Thursday that it helped the US government seize $30 million worth of digital coins that North Korean-backed hackers stole earlier this year from the developer of the non-fungible token-based game Axie Infinity.
When accounting for the more than 50 percent fall in cryptocurrency prices since the theft occurred in March, the seizure represents only about 12 percent of the total funds stolen. The people who pulled off the heist transferred 173,600 ethereum worth about $594 million at the time and $25.5 million in USDC stablecoin, making it one of the biggest cryptocurrency thefts ever.
The seizures "demonstrate that it is becoming more difficult for bad actors to successfully cash out their ill-gotten crypto gains," Erin Plante, senior director of investigations at Chainalysis, wrote. "We have proven that with the right blockchain analysis tools, world-class investigators and compliance professionals can collaborate to stop even the most sophisticated hackers and launderers."
The FBI attributed the theft to Lazarus, the name used to track a hacking group backed by and working on behalf of the North Korean government. According to Axie Infinity developer Sky Mavis, the hackers pulled off the transfers after gaining access to five of nine private keys held by transaction validators for the Ronin Networks cross-bridge, a dedicated blockchain for the game.
The hackers then initiated an elaborate laundering process that involved transferring funds to more than 12,000 different currency addresses in an attempt to obfuscate the stolen coins' movement.
[...] Last month, the US Treasury Department sanctioned the virtual currency mixer Tornado Cash after finding it has been used to launder more than $7 billion worth of virtual currency since its creation in 2019. $455 million of that sum was connected to the heist against Axie Infinity.
[...] On Twitter, Ronin Networks said, "It will take some time for these funds to be returned to the Treasury." Plante said that much of the stolen funds remains in wallets under the hackers' control. "We look forward to continuing to work with the cryptocurrency ecosystem to prevent them and other illicit actors from cashing out their funds."
(Score: 2) by darkfeline on Sunday September 11 2022, @07:57AM (4 children)
They recovered 12% of the stolen funds. That may be a failing grade, but at least they "have proven that with the right blockchain analysis tools, world-class investigators and compliance professionals can collaborate to stop even the most sophisticated hackers and launderers."
Join the SDF Public Access UNIX System today!
(Score: 3, Insightful) by JoeMerchant on Sunday September 11 2022, @12:50PM (3 children)
They have demonstrated that they are not 100% impotent, that the ransomware actors are not untouchable even (perhaps especially) when operating from states like North Korea.
Yeah, it's a failing grade, and even if they improve dramatically and the bad guys only get to keep 2% of the loot they are still going to be running their ransomware attacks, but it's infinitely better than their previously demonstrated capability of nothing.
Ukraine is still not part of Russia. Glory to Ukraine🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
(Score: 2) by darkfeline on Monday September 12 2022, @09:17AM (2 children)
Silk Roads already happened. If anything, this event demonstrates that people have gotten better at hiding their tracks in crypto.
Join the SDF Public Access UNIX System today!
(Score: 2) by JoeMerchant on Monday September 12 2022, @10:05AM (1 child)
Silk Road was a domestic drug bust, they didn't need to follow the money at all to find the kingpin.
I think the major point of this operation was the forcible seizure of crypto assets without physical seizure of hardware, if that's what really happened....
Ukraine is still not part of Russia. Glory to Ukraine🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
(Score: 0) by Anonymous Coward on Monday September 12 2022, @11:40AM
Of course they haven't seized much of the stolen money, but they've identified what wallets they are sitting in. This isn't different than any other asset seizure, whether it be a yacht or whatever, and the nature of crypto, that it exists outside of hardware, means that it is seize-able.
(Score: 4, Interesting) by rigrig on Sunday September 11 2022, @12:50PM (3 children)
So it isn't spelled out in any of the Chainalysis reports[1], but to me it looks like
[1] Truly untraceable transactions obviously don't look good for a company in the business of tracing transactions
[2] Basically you transfer coins into Tornado Cash in return for a deposit note, and use some clever math to withdraw the coins without revealing the original note/transaction.
No one remembers the singer.
(Score: 0) by Anonymous Coward on Sunday September 11 2022, @01:11PM (2 children)
Isn't it always going to be traceable after the fact because blockchain operates on a public ledger?
(Score: 1) by khallow on Sunday September 11 2022, @02:07PM (1 child)
(Score: 3, Touché) by mcgrew on Sunday September 11 2022, @06:00PM
"Who pulled who is money out." Dew knot truss yore spill checker!
Carbon, The only element in the known universe to ever gain sentience
(Score: 3, Informative) by bradley13 on Sunday September 11 2022, @02:41PM (3 children)
And that is the elephant in the room, for cryptocurrencies. Most of them are not only not anonymous, they lay out the details of every transaction for everyone to see. The "anonymity" lies in people hiding their wallet addresses, which is to say, it depends on the security awareness of the end user.
While I am not a fan of crime, I am a fan of privacy. If enabling a certain amount of crime is the price for privacy, then so be it. I want end-to-end encryption. I want banking secrecy.
And I wish crypto currencies really were anonymous. The ones that kind of are (like Monero) governments are successfully suppressing.
Everyone is somebody else's weirdo.
(Score: 2) by maxwell demon on Sunday September 11 2022, @04:11PM
I wonder what Lightning does to anonymity. From what I understand, if the payment path crosses several channels, the bitcoins the receiver gets out are not those the sender gets in (good for anonymity), but IIUC you have to explicitly build a channel to the network to do transactions (which I guess is bad for anonymity).
The Tao of math: The numbers you can count are not the real numbers.
(Score: 4, Insightful) by mcgrew on Sunday September 11 2022, @06:06PM
I want end-to-end encryption. I want banking secrecy.
I want the ultra-rich to actually have to pay the damned relatively small amounts of tax they owe instead of hiding their riches. The only way to have total privacy is stay in a building and never leave and never spend money. As soon as other people are involved you give up an amount of privacy.
Build a house in the middle of nowhere and grow your own food and weave your own clothing if you want total privacy, which is otherwise completely unattainable.
Carbon, The only element in the known universe to ever gain sentience
(Score: 2) by legont on Sunday September 11 2022, @11:06PM
The real elephant is that you never know if your coins were not previously stolen and as such could be confiscated by authorities.
Furthermore, if you spent those coins or exchanged them, you are still liable and your property could be confiscated to cover other people's losses.
All the tech is there and just waiting for the will of the authorities.
"Wealth is the relentless enemy of understanding" - John Kenneth Galbraith.
(Score: 2) by Username on Monday September 12 2022, @09:58AM
What is the point in crypto if the government can seize it at will?