Feds trace $4.5 billion cryptocurrency from 2016 hack of Bitfinex

Millard

Department of Justice
Office of Public Affairs


FOR IMMEDIATE RELEASE
Tuesday, February 8, 2022

Two Arrested for Alleged Conspiracy to Launder $4.5 Billion in Stolen Cryptocurrency


Government Seized $3.6 Billion in Stolen Cryptocurrency Directly Linked to 2016 Hack of Virtual Currency Exchange

View Deputy Attorney General Monaco's Remarks here.


View: https://twitter.com/TheJusticeDept/status/1491107346923278342


Two individuals were arrested this morning in Manhattan for an alleged conspiracy to launder cryptocurrency that was stolen during the 2016 hack of Bitfinex, a virtual currency exchange, presently valued at approximately $4.5 billion. Thus far, law enforcement has seized over $3.6 billion in cryptocurrency linked to that hack.

“Today’s arrests, and the department’s largest financial seizure ever, show that cryptocurrency is not a safe haven for criminals,” said Deputy Attorney General Lisa O. Monaco. “In a futile effort to maintain digital anonymity, the defendants laundered stolen funds through a labyrinth of cryptocurrency transactions. Thanks to the meticulous work of law enforcement, the department once again showed how it can and will follow the money, no matter what form it takes.”

“Today, federal law enforcement demonstrates once again that we can follow money through the blockchain, and that we will not allow cryptocurrency to be a safe haven for money laundering or a zone of lawlessness within our financial system,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division. “The arrests today show that we will take a firm stand against those who allegedly try to use virtual currencies for criminal purposes.”

Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, both of New York, New York, are scheduled to make their initial appearances in federal court today at 3:00 p.m. in Manhattan.

According to court documents, Lichtenstein and Morgan allegedly conspired to launder the proceeds of 119,754 bitcoin that were stolen from Bitfinex’s platform after a hacker breached Bitfinex’s systems and initiated more than 2,000 unauthorized transactions. Those unauthorized transactions sent the stolen bitcoin to a digital wallet under Lichtenstein’s control. Over the last five years, approximately 25,000 of those stolen bitcoin were transferred out of Lichtenstein’s wallet via a complicated money laundering process that ended with some of the stolen funds being deposited into financial accounts controlled by Lichtenstein and Morgan. The remainder of the stolen funds, comprising more than 94,000 bitcoin, remained in the wallet used to receive and store the illegal proceeds from the hack. After the execution of court-authorized search warrants of online accounts controlled by Lichtenstein and Morgan, special agents obtained access to files within an online account controlled by Lichtenstein. Those files contained the private keys required to access the digital wallet that directly received the funds stolen from Bitfinex, and allowed special agents to lawfully seize and recover more than 94,000 bitcoin that had been stolen from Bitfinex. The recovered bitcoin was valued at over $3.6 billion at the time of seizure.

“Cryptocurrency and the virtual currency exchanges trading in it comprise an expanding part of the U.S. financial system, but digital currency heists executed through complex money laundering schemes could undermine confidence in cryptocurrency,” said U.S. Attorney Matthew M. Graves for the District of Columbia. “The Department of Justice and our office stand ready to confront these threats by using 21st century investigative techniques to recover the stolen funds and to hold the perpetrators accountable.”

The criminal complaint alleges that Lichtenstein and Morgan employed numerous sophisticated laundering techniques, including using fictitious identities to set up online accounts; utilizing computer programs to automate transactions, a laundering technique that allows for many transactions to take place in a short period of time; depositing the stolen funds into accounts at a variety of virtual currency exchanges and darknet markets and then withdrawing the funds, which obfuscates the trail of the transaction history by breaking up the fund flow; converting bitcoin to other forms of virtual currency, including anonymity-enhanced virtual currency (AEC), in a practice known as “chain hopping”; and using U.S.-based business accounts to legitimize their banking activity.

“In a methodical and calculated scheme, the defendants allegedly laundered and disguised their vast fortune,” said Chief Jim Lee of IRS-Criminal Investigation (IRS-CI). “IRS-CI Cyber Crimes Unit special agents have once again unraveled a sophisticated laundering technique, enabling them to trace, access and seize the stolen funds, which has amounted to the largest cryptocurrency seizure to date, valued at more than $3.6 billion.”

“Criminals always leave tracks, and today’s case is a reminder that the FBI has the tools to follow the digital trail, wherever it may lead,” said FBI Deputy Director Paul M. Abbate. “Thanks to the persistent and dedicated work of our FBI Investigative teams and law enforcement partners, we're able to uncover the source of even the most sophisticated schemes and bring justice to those who try to exploit the security of our financial infrastructure.”

“Financial crime strikes at the core of our national and economic security. With a hack of this magnitude, public and private sector collaboration is crucial to ensure continued consumer confidence in our financial system,” said Acting Executive Associate Director Steve Francis of Homeland Security Investigations (HSI). “Ilya Lichtenstein and his wife Heather Morgan attempted to subvert legitimate commerce for their own nefarious purposes, operating with perceived anonymity. Today’s action demonstrates HSI’s commitment and ability to work with a coalition of the willing to unravel these technical fraud schemes and identify the perpetrators, regardless of where they operate.”

Lichtenstein and Morgan are charged with conspiracy to commit money laundering, which carries a maximum sentence of 20 years in prison, and conspiracy to defraud the United States, which carries a maximum sentence of five years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The investigation was led by IRS-CI Washington, D.C. Field Office’s Cyber Crimes Unit, the FBI’s Chicago Field Office, and HSI-New York. The Ansbach Police Department in Germany provided assistance during this investigation.

The case is being prosecuted by Trial Attorneys Jessica Peck and C. Alden Pelker of the Justice Department’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Christopher B. Brown of the U.S. Attorney’s Office for the District of Columbia. Paralegal Specialists Angela De Falco and Brian Rickers and Legal Assistant Jessica McCormick provided valuable assistance. Significant assistance was also provided by Trial Attorney Christen Gallagher of the Office of International Affairs, the U.S. Attorneys’ Offices for the Eastern District of Pennsylvania and Southern District of New York, HSI-Philadelphia, and former Assistant U.S. Attorney Jessica C. Brooks.

A complaint is merely an allegation, and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
 


"...the remarkable number of multi-layered technical measures that prosecutors say the couple did use to try to dead-end the trail for anyone following their money. Even more remarkable, perhaps, is that federal agents, led by IRS Criminal Investigations, managed to defeat those alleged attempts at financial anonymity on the way to recouping $3.6 billion of stolen cryptocurrency. In doing so, they demonstrated just how advanced cryptocurrency tracing has become—potentially even for coins once believed to be practically untraceable.

“What was amazing about this case is the laundry list of obfuscation techniques [Lichtenstein and Morgan allegedly] used,” says Ari Redman, the head of legal and government affairs for TRM Labs, a cryptocurrency tracing and forensics firm. Redman points to the couple's alleged use of "chain-hopping"—transferring funds from one cryptocurrency to another to make them more difficult to follow—including exchanging bitcoins for "privacy coins" like monero and dash, both designed to foil blockchain analysis. Court documents say the couple also allegedly moved their money through the Alphabay dark web market—the biggest of its kind at the time—in an attempt to stymie detectives.

Yet investigators seem to have found paths through all of those obstacles. "It just shows that law enforcement is not going to give up on these cases, and they’ll investigate funds for four or five years until they can follow them to a destination they can get information on," Redman says."


View: https://twitter.com/a_greenberg/status/1491552582669676549


View: https://twitter.com/a_greenberg/status/1491553467932065807
 
I applaud the dude that pulled this off.

I just don't applaud him for screwing up by playing with his spoils. I would have cashed out as much as I could and disappeared off the face of the earth.

I'll never understand these people that are obviously extremely crafty hackers. They forget the computer made them rich, but it can also track you down.

Same thing with the Silk Road guy, if he would have cashed out and disappeared he wouldn't be rotting for 200 years behind bars.
 
Don't think you can out-think the Government. They have unlimited resources. And... if you do, they can still kill you and get away with it.
 
When they stole it, it was worth 71 million; then that became 4.5 billion. Good luck hiding that.
His problem was that he was married to a dumbass that wanted to flaunt the lifestyle.

Not me, if I could do what this guy did and make off with 10 mil. I would have gone Rambo in a cave for a few years and then never touched another electronic device again. It's not as hard as most people think to disappear as long as you have lots of cash and never use any form of ID, don't contact anyone ever again.

His problem is he stole too much, $71 mil is a lot of coin and when the government wants to get their grubby hands on it you can bet they'll put a lot of time and energy into it just like they do the drug war.
 
When they stole it, it was worth 71 million; then that became 4.5 billion. Good luck hiding that.
Not easy to hide that in any bank around the world as the US has a very long reach. If these people were smart they could have put all that coin onto a hardware wallet that's easily hidden and out of reach of investigators...

Criminals always slip up one way or another and the tenacity of the IRS and FBI really cracked the code so to speak and now crypto is no longer a place to hide ill gotten gains.
 
Wow, shocking news: crypto is easier to trace than bank transactions. Oh wait, anyone with basic knowledge of blockchain already knows this. Lol @ all these guys who will only buy juice with bitcoin “i need the anonymity” dude, it's publicly visible to everyone with a computer, wtf are you smoking and can i have some???

Interesting about Monero though, guys always bragging it's untraceable, evidently not.
 
If these people were smart they could have put all that coin onto a hardware wallet that's easily hidden and out of reach of investigators
No hardware wallet. I don't get this. They stored the private keys in cloud storage.

The government obtained a search warrant to obtain the keys and decrypted them.


On January 31, 2022, law enforcement gained access to Wallet 1CGA4s by decrypting a file saved to LICHTENSTEIN’s cloud storage account, which had been obtained pursuant to a search warrant. The file contained a list of 2,000 virtual currency addresses, along with corresponding private keys. Blockchain analysis confirmed that almost all of those addresses were directly linked to the hack. Between January 31, 2022, and February 1, 2022, law enforcement obtained approval to execute a lawful seizure supported by probable cause under exigent circumstances and used the private keys from LICHTENSTEIN’s file to seize Wallet 1CGA4’s remaining balance of approximately 94,636 BTC, worth $3.629 billion. On February 2, 2022, the government requested, and on February 4, 2022, a court issued a seizure warrant authorizing the seizure of those funds. Those funds remain secured in the U.S. Government’s possession.

The tracing was challenging but obtaining/decrypting the private keys seemed relatively easy.

Even the Goldline guy was able to hide some cryptocurrency and thwart the feds.
 
Wow, shocking news: crypto is easier to trace than bank transactions. Oh wait, anyone with basic knowledge of blockchain already knows this. Lol @ all these guys who will only buy juice with bitcoin “i need the anonymity” dude, it's publicly visible to everyone with a computer, wtf are you smoking and can i have some???

Interesting about Monero though, guys always bragging it's untraceable, evidently not.
I posted this almost 8 years ago in the crypto subforum. No one reads it:

 
I posted this almost 8 years ago in the crypto subforum. No one reads it:


Ya, to be honest, Millard, crypto is not a threat for LE; it's in many ways a huge benefit because they can publicly view transactions without even needing a search warrant. They probably prefer criminals using crypto. Traditionally they would need warrants to see stuff like that back in the old days, which means convincing judges.

And as the case this thread's about seems to suggest, practically no amount of obfuscation techniques can definitively hide the source either, apparently. The crooks in this news utilized a wide range of tactics, all of which seemed to be thwarted.
 
These two clowns that did this, husband/wife team seemed to flaunt the whole thing as if it was a game.

You steal the coin and don't take more than you need. Ten million is more than enough for anyone. The dude dumps his wife because she's obviously a liability (this is what the mob does, only they aren't so kind) and you disappear.

Probably have to get some inside help to cash out say $5 million and pay a $5 million transaction fee to someone willing to take the risk to get you your cash.

Retire to some place where you can blend, grow a beard and never touch another piece of ID again in your life. Become a drifter, no one knows who you are and cash will get you just about anything you want no questions asked.
 
No hardware wallet. I don't get this. They stored the private keys in cloud storage.
So close to pulling it off yet they always forget about something.
I feel like it was pure laziness/convenience, and getting a little too relaxed too quickly about the whole situation, that made them not split it onto a few different hardware wallets and deposit them in random vaults around the world.
 
They had to have help!! Google Razzlekhan and tell me if you think she has the brains to have actively participated in ANY of this...???
 
So close to pulling it off yet they always forget about something.
I feel like it was pure laziness/convenience, and getting a little too relaxed too quickly about the whole situation, that made them not split it onto a few different hardware wallets and deposit them in random vaults around the world.

How would hardware wallets help? All a wallet truly is, is a store of access. Crypto is not stored on a hardware wallet any more than it is stored on a soft wallet; crypto is always on the blockchain, where it's publicly viewable but not publicly accessible. Wallets simply store the access.

Best to view wallets for crypto not as something that holds the money like a typical wallet, but rather something that holds the keys that open the safe where the money is stored. Now imagine that safe is made out of transparent plexiglass. Everyone can see what's inside it, but only the key can open it, and the key is in the owner's wallet.
 
Best to view wallets for crypto not as something that holds the money like a typical wallet, but rather something that holds the keys that open the safe where the money is stored. Now imagine that safe is made out of transparent plexiglass. Everyone can see what's inside it, but only the key can open it, and the key is in the owner's wallet.
Good analogy. Where you store the key is very important too. Do you store it in the cloud? Your PC? Your mobile phone? Hardware wallet? In your brain?
 