The technical aspects of how law enforcement identified them and seized much of the loot have gained less coverage. Below the fold I look into this aspect of the case, using what information is public.
By far the most interesting source is the 20-page Statement of Facts filed by Christopher Janczewski, a Special Agent assigned to the Internal Revenue Service, Criminal Investigation (IRS-CI). It provides a detailed timeline of the important transactions, which in summary is:
- In August 2016 someone compromised Bitfinex, and made over 2000 unauthorized transfers totalling 119,754 BTC from Bitfinex wallets to a wallet the IRS names 1CGA4s.
- Starting in January 2017 a series of transfers that attempted to evade tracking moved some coins to at least 7 accounts at the darkweb marketplace AlphaBay.
- From January to April 2017 a series of similarly evasive transfers moved coins from AlphaBay accounts to 6 of 8 accounts at an exchange identified as VCE1 registered with addresses at an Indian e-mail service. Some or all of these transfers used "chain-hopping" via Monero.
- VCE1 was unable to verify the owners of these accounts, which were frozen in February and March 2017. The remaining contents were later seized by law enforcement.
- Then came the first key break in the case. No later than May 2017 law enforcement compromised AlphaBay, which had been breached twice before in April 2016 and January 2017. In July 2017 Canadian police seized the servers, and Alexandre Cazes was arrested in Thailand. A few days later he was found dead in his cell. Presumably, law enforcement were able to connect the withdrawals from AlphaBay to the deposits from wallet 1CGA4s.
- Before they were frozen, these accounts transferred coins to an account at US-based VCE5 in Lichtenstein's name which had been created in January 2015, to a US-based VCE4 using an account with addresses at the Indian e-mail service, and to accounts at VCEs 6 through 10. Thus law enforcement were able to identify Lichtenstein as a probable launderer of Bitfinex loot by July 2017, and start tracking his activities.
- Between March 2017 and October 2021 Lichtenstein and Morgan converted about $2.1M worth of BTC from the VCE7 accounts and about $750K from the VCE8 accounts into USD at US banks.
- Between January 2019 and November 2020 transfers occurred between two VCE4 accounts using Russian e-mail IDs and accounts at VCEs 7 and 8 in the names of companies controlled by Lichtenstein and Morgan. The VCE4 accounts were funded only with Monero. Although the source for the Monero was unknown, the destination connected Lichtenstein to the two VCE4 accounts, and thus made it likely that the Monero was funded from 1CGA4s.
- VCE4 was unable to verify the owner of the two accounts and froze them, but not before the bulk of the funds had been converted to BTC and withdrawn.
- Between February 2019 and December 2020 about 117 BTC flowed through a cluster of wallets (Cluster 36B6mu) from the VCE4 accounts to accounts linked to Lichtenstein and Morgan. Some went to buy a $500 Walmart gift card which Morgan used for purchases delivered to Morgan's home address.
- In 2021 agents executed a search warrant for one of Lichtenstein's US e-mail accounts, and received a copy of the related cloud storage, which was encrypted.
- Then came the second key break in the case:
On or about January 31, 2022, law enforcement was able to decrypt several key files contained within the account. Most notably, the account contained a file listing all of the addresses within Wallet 1CGA4s and their corresponding private keys. Using this information, law enforcement seized the remaining contents of the wallet, totaling approximately 94,636 BTC, presently worth $3.629 billion.
The Statement of Facts doesn't specify how the decryption was implemented. My guess would be that it was the result of a man-in-the-middle attack.
David Gerard covered the Bitfinex hack in Chapter 8 of Attack of the 50 Foot Blockchain. He reports the explanation proffered by Phil Potter, not the most reliable source:
In 2016, Bitfinex kept customers’ bitcoins segregated — each customer’s holding was in its own separate multi-signature blockchain address.
You needed two of the three keys to the address to move bitcoins out of it. One key was held by Bitfinex, one by BitGo, and one by the customer.
BitGo had built an API for Bitfinex to use. This was not a public interface — only the two companies knew about it.
Bitfinex would pass transactions to BitGo via the private API. BitGo checked the transaction against their policy for that address, and signed if it was OK.
The API allowed policy changes — but a bug in the API meant you could set global limits, that applied to all customer addresses, without it being flagged for human review.
The hacker somehow got into Bitfinex’s systems, got access to an account that could change global limits, set the limit very high … and drained 2000 customer addresses into a single address.
Gerard speculates in Could Morgan and Lichtenstein have done the 2016 Bitfinex hack?:
The hacker had information you’d need to be a Bitfinex or BitGo insider to know:
- that the API existed;
- code for the API, to see the bug in it;
- access to Bitfinex systems to send valid requests to BitGo.
Could you get that information and access — or get to somewhere you could get that information — by talking your way past someone?
Morgan has bragged at length about her social engineering skills. [YouTube] How good she is, that’s questionable. But you don’t need to be very good at all to be better than crypto average.
Of course, the other reason I won’t say “they did it” is that if you were looking for patsies, Morgan and Lichtenstein fit the bill perfectly. Or the hacker was looking for a Reggie Fowler to turn the bitcoins into money in bank accounts.
If the Department of Justice won’t say Morgan and Lichtenstein are the hackers, I’m not going to declare they are. But I will say that they have the minimal skills needed to even try this. And definitely the bull-headed persistence.
It seems unlikely that Morgan and Lichtenstein were patsies. Lichtenstein had the key to the 1CGA4s wallet in the file law enforcement decrypted. A hacker looking for patsies would not give them the key to the whole stash.
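The policy bug Gerard describes can be sketched as a toy policy engine with the flaw beside its fix: this is an added example written for this post, not BitGo's or Bitfinex's code, and every account name and limit in it is constructed.

```python
from dataclasses import dataclass, field

SAT = 100_000_000  # satoshis per BTC

@dataclass
class PolicyEngine:
    hardened: bool
    global_limit: int = 1 * SAT                        # constructed default: 1 BTC per tx
    per_address: dict = field(default_factory=dict)    # address -> its own limit
    pending: list = field(default_factory=list)        # (key, value, actor) awaiting review

    def set_limit(self, key, value, actor):
        """key is a customer address, or '*' for the global limit."""
        if key == "*" and not self.hardened:
            # The bug as Gerard describes it: the global path applies at once,
            # with nothing queued for a human reviewer.
            self.global_limit = value
            return "applied"
        self.pending.append((key, value, actor))       # held until a reviewer acts
        return "pending"

    def approve(self, reviewer):
        """Apply held changes; the account that requested a change cannot approve it."""
        applied = 0
        for change in list(self.pending):
            key, value, actor = change
            if reviewer == actor:
                continue
            if key == "*":
                self.global_limit = value
            else:
                self.per_address[key] = value
            self.pending.remove(change)
            applied += 1
        return applied

    def would_sign(self, address, amount):
        """BitGo-style check: sign only if the amount is within the address's limit."""
        return amount <= self.per_address.get(address, self.global_limit)

def drain_attempt(hardened, n_addresses=2000):
    """An attacker holding a limit-changing account raises the global limit, then
    asks for 60 BTC out of each customer address. Returns how many requests
    the policy engine would have signed."""
    engine = PolicyEngine(hardened=hardened)
    engine.set_limit("*", 10_000 * SAT, actor="compromised-ops-account")
    engine.approve(reviewer="compromised-ops-account")   # self-approval is refused
    return sum(engine.would_sign(f"addr{i}", 60 * SAT) for i in range(n_addresses))
```

The hardened path treats a global limit exactly like a per-address one: nothing takes effect until a second, distinct person approves it.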
Andy Greenberg writes $3.6 billion bitcoin seizure shows how hard it is to launder cryptocurrency:
“What was amazing about this case is the laundry list of obfuscation techniques [Lichtenstein and Morgan allegedly] used,” says Ari Redbord, the head of legal and government affairs for TRM Labs, a cryptocurrency tracing and forensics firm. Redbord points to the couple's alleged use of "chain-hopping"—transferring funds from one cryptocurrency to another to make them more difficult to follow—including exchanging bitcoins for "privacy coins" like monero and dash, both designed to foil blockchain analysis.
Greenberg discusses the Monero-funded VCE4 accounts:
It's possible that the IRS investigators didn't actually trace monero to draw that link, points out Matt Green, a cryptographer at Johns Hopkins University and one of the cocreators of the privacy-focused cryptocurrency zcash. They may have found other evidence of the connection in one of the defendant's records, just as they found other incriminating files in Lichtenstein's cloud storage account, though no such evidence is mentioned in the IRS's statement of facts. Or they could simply be making an assumption unsupported by evidence—though that's not a common practice for federal agencies prosecuting a high-profile criminal case years in the making. "The third possibility, which I would definitely not rule out, is that they have some tracing capabilities that they're not disclosing in this complaint," says Green.
Tracing monero has long been suggested to be theoretically possible. A 2017 study by one group of researchers found that in many cases, they could use clues like the age of coins in a monero transaction to deduce who moved which coins, though Monero subsequently upgraded its privacy features to make that far harder to do.
The cryptocurrency tracing firm Chainalysis, which counts the IRS as a customer, has privately touted its own secret methods to trace monero. Last year hackers leaked a presentation to Italian police in which Chainalysis claimed it could provide a “usable lead” in 65 percent of monero tracing cases. In another 20 percent of cases, it could determine a transaction's sender but not its recipient. “In many cases, the results can be proven far beyond reasonable doubt,” the leaked presentation read in Italian, though it cautioned that “the analysis is of a statistical nature and as such any result has a confidence level associated with it.”
The unspoken message to the Lichtensteins and Morgans of the world: even if your rap videos and sloppy cloud storage accounts don't get you caught, your clever laundering tricks may still not save you from the ever-evolving sophistication of law enforcement's crypto-tracers.
Molly White has two timely blog posts, Anonymous cryptocurrency wallets are not so simple and Cryptocurrency off-ramps, and the shift towards centralization. In the first she writes:
It is fairly trivial at the moment for a person to operate at that second layer of anonymity, where their identity is known to various companies (and thus to law enforcement if need be), but not publicly. But that third level, what might be described as true anonymity, is what cryptocurrencies have been promising from the earliest days: no interference from governments and the legal system, no one to tell you whether or not you can send or receive currency based on who you are, no ability to tie a transaction back to an individual. And that level is becoming increasingly unachievable.
As I wrote previously, the true challenge with anonymity comes not from creating a fresh new wallet. It comes from funding that wallet without tying it back to an identifiable source.
Morgan and Lichtenstein definitely ran into this problem. Once law enforcement had identified them as suspects, they were able to work back from deposits into accounts they controlled to, for example, identify the VCE4 accounts.
White explains how difficult Bitcoin operational security is:
Let’s even generously assume that this person is able to maintain the surgical care that was required to create and fund an anonymous wallet, in perpetuity: They never confuse it with their other wallets and perform an ill-advised transaction that can be linked back to them, they never make enough transactions that can be compared to their known actions and used to infer a link, they never use the address with any of the many services that require KYC self-identification these days, and they are careful to always use a privacy-focused VPN when accessing web-based crypto services so their real IP isn’t logged.
White delves into this barrier between the HODL-er and their Lamborghini in the second post:
But what we have begun to see with increasing frequency is users of wallets with anonymized funds encountering major difficulties when it comes to taking their cryptocurrencies and exchanging it back into traditional currency.
Because the actions that enable privacy and anonymity with crypto are the same as the ones that enable criminal behavior—using cash to buy crypto, mixing currency through tumblers, and using less-popular and less-centralized exchanges and platforms, for example—cryptocurrency exchanges and financial institutions appear to be increasingly unwilling to allow anyone who engaged in these behaviors to cash out, particularly as regulators begin to turn their eyes to the space. It seems that people who wish to engage with cryptocurrencies are more and more being pressured into using only the parts of the system that look a whole lot like traditional banking (but with fewer protections): a small number of highly-centralized platforms with strong KYC. If they don’t, they have to accept the risk that they may not be able to cash their money back out down the line: issues that people are increasingly beginning to encounter.
White cites two recent examples. A woman whose bank refused to accept a cash-out transaction because, years before, she had deposited cash with the exchange to buy the Bitcoin. A HODL-er who tried to borrow cash from BlockFi, but was refused because the HODL-er from whom he purchased the Bitcoin had passed it through a mixer. In both cases the institutions were scared of being accused of violating KYC/AML rules.
Morgan and Lichtenstein definitely ran into this problem too. They lost significant amounts in accounts frozen because they failed KYC/AML verification.
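The destination-based inference in the Statement of Facts (Monero source unknown, but the accounts it funded flow into company accounts already tied to Lichtenstein) can be shown on a constructed transfer graph. This is an added example, not the IRS's method or tooling; every node label is a placeholder modelled on the entities the Statement names, and the edges carry no amounts.

```python
from collections import defaultdict, deque

# Constructed transfer graph (source, destination) shaped like the case.
EDGES = [
    ("1CGA4s", "AlphaBay-acct-1"), ("1CGA4s", "AlphaBay-acct-2"),
    ("AlphaBay-acct-1", "Monero"),                 # chain-hop: opaque to a BTC tracer
    ("AlphaBay-acct-2", "VCE1-acct-A"),            # direct BTC path, later frozen
    ("Monero", "VCE4-acct-X"), ("Monero", "VCE4-acct-Y"),
    ("VCE4-acct-X", "VCE7-company-acct"), ("VCE4-acct-Y", "VCE8-company-acct"),
    ("unrelated-wallet", "VCE4-acct-Z"),           # not Monero-funded; must not be linked
]
OPAQUE = {"Monero"}  # nodes a blockchain tracer cannot see through

def build(edges):
    fwd, rev = defaultdict(set), defaultdict(set)
    for src, dst in edges:
        fwd[src].add(dst)
        rev[dst].add(src)
    return fwd, rev

def reach(graph, starts, opaque):
    """Breadth-first reachability; opaque nodes are recorded but not expanded."""
    seen, queue = set(), deque(starts)
    while queue:
        node = queue.popleft()
        for nxt in graph[node]:
            if nxt in seen:
                continue
            seen.add(nxt)
            if nxt not in opaque:
                queue.append(nxt)
    return seen

def forward_taint(edges, source="1CGA4s"):
    """Everything reachable from the stolen-coin wallet by following BTC flows;
    the trace dies at the Monero hop, so no VCE4 account is ever reached."""
    fwd, _ = build(edges)
    return reach(fwd, [source], OPAQUE)

def link_via_destination(edges, identified):
    """Work back from accounts already tied to the suspects and return the
    accounts feeding them whose only funding is the opaque hop: the
    destination-based inference the Statement relies on."""
    _, rev = build(edges)
    upstream = reach(rev, identified, OPAQUE)
    return sorted(acct for acct in upstream if rev[acct] and rev[acct] <= OPAQUE)

if __name__ == "__main__":
    print(sorted(forward_taint(EDGES)))
    print(link_via_destination(EDGES, ["VCE7-company-acct", "VCE8-company-acct"]))
```

Run forward, the trace from 1CGA4s ends at the Monero node; run backward from the company accounts, both Monero-funded VCE4 accounts surface while the unrelated VCE4 account does not.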
What can we learn from this?
- Morgan and Lichtenstein were able to transact significant amounts using newly-created accounts at exchanges before KYC/AML verification. Exchanges should prevent withdrawals until KYC/AML checks are complete.
- Nevertheless, KYC/AML verification by exchanges was partly successful; Morgan and Lichtenstein lost significant funds in frozen accounts and were unable to convert most of the loot to fiat currency.
- The Statement of Facts doesn't have much information on the effect of KYC/AML at banks, but it does describe Morgan and Lichtenstein committing fraud by providing false information to US banks. Clearly, improving the rigor of these verification processes is important.
- Mixers and tumblers are high-value targets; compromising them should be a priority for law enforcement.
Twitter user Ethmuppet said they scored “a piece of crypto history” when they purchased two NFTs from Heather Morgan, the eccentric entrepreneur arrested alongside her husband on Tuesday for attempting to launder $4.5 billion in looted cryptocurrency. But hours later, the NFTs were gone. They had suddenly disappeared from OpenSea, the NFT marketplace where Ethmuppet paid roughly $600 to own images made by Morgan’s rap persona, Razzlekhan.
Ethmuppet told BuzzFeed News that OpenSea hasn’t refunded their money and said they feel “rugged” by the $13 billion company. They believe they could have sold the NFTs at an enormous profit — Razzlekhan’s brand has since ascended from failed criminal mastermind to unlikely antihero — and had even listed one of the images at $100,000 before it was taken down.
Not to worry, Ethmuppet! The NFT you purchased is immutably stored on "the blockchain". In this decentralized world no-one can take it away from you (maybe). Whether the link in it resolves to the image you expect, or to anything at all, is another matter, as is your ability to profit from your investment if it isn't visible on OpenSea. Isn't decentralization wonderful?