While it's possible this it he FBI flexing some muscle that they have a backdoor into bitcoin's hashing algorithm, what seems much more likely (to me) is:
There is a more sophisticated hacking group which created this particular ransomware package. They sell this ransomware package to less sophisticated criminals.
(https://www.theverge.com/2021/5/10/22428996/colonial-pipelin...)
Is it so hard to imagine a scenario where the more advanced creators of this ransomware kit gave instructions to their purchasers on things like private keys, and the end user simply ignored them?
Somebody ignoring a warning when installing a software, and that allowing the FBI to subpeona access to the server where it was running, and grab this private key, seems FAR more likely to me than the FBI having a backdoor into BTC, or this all being a cover spy novel plot, or anything like that.
Thread below indicates what happened is they were incredibly naive and eventually used a US exchange wallet. Just script kiddies really.
https://twitter.com/intangiblecoins/status/14020730011899125...
It wasn't darkside planting the ransomware afaik, but it was someone wanting to get paid through their affiliate program.
It's like if some dumbass was beating the crap out of people to steal their money and everyone in the boxing community was suprised that he's not a world class boxer.
Preimage attacks tend to be much more rare than collision attacks. MD5 for example still has no publicly known practical preimage attacks.
What would you do if you were a foreign intelligence service? Participate in attacks yourself?
No! You would drop hints and supply tools sideways to sloppy groups of idiots enabling them to be destructive, maybe acquiring some funds, and keeping your hands as clean as possible. Then when it comes out that "elite russian hackers" were incompetent idiots, it makes people think the claims of your connection to the crimes are even less likely.
Tricks and disinformation are the name of the game.
If you actually were elite, you would hide and practice and save your actual actions for critical moments and not show your hand for a few million dollars. Or you'd go into security consulting which is a far safer, more profitable, and overall smarter thing to do.
exactly. Look at stuxnet - nobody knew it was an attack until it was over!
If there are millions of people trying to ransomware businesses and hundreds of important businesses with really bad security, depending on how talented the best hackers are - the odds could be quite high you get hacked by a not-so-talented hacker.
this is a true criminal SaaS, partly because its low risk, high reward for the developers and partly because its a russian funded op that needs to cover its ass in the nature of its attacks on democracy and corporatism.
Why not. Remember Elite Russian GRU hackers identified because they all registered their cars with the DMV at the same address? https://www.bellingcat.com/news/uk-and-europe/2020/10/22/rus...
Smart people do dumb things.
They just happen to be in an untouchable legal jurisdiction.
The responsible vulnerability was in Java applets, which I had disabled for security reasons. But Java secretly re-enabled itself after updating. I kept Java uninstalled for a long time after that.
If you imagine the extremely unlikely scenario where the DOJ put out a statement that anyone in the US who happened to extract money out of persons or companies in Russia would not be prosecuted or hindered by US law enforcement, what sort of people would jump in to try their hand at that. It seems to me it would certainly be an attractive idea for script kiddies to jump on to if they felt it was low/no risk.
What is it that's so implausible? That's just one possible interpretation. I see many possibilities here. Below are some, where "The FBI" loosely refers to the bureau, collaborating agencies and their partners and contractors:
* The FBI has (through active exploitation of hosts/services) gained access to a large number of BTC private keys, which they can utilize if and when they become a point of interest
* The FBI has some channel to index and get access to cryptocurrency wallets/private keys from hosts running on cooperating service providers such as GCP, AWS and Azure.
* The FBI continuously monitors for BTC addresses/public keys and opportunistically bruteforces them looking for weak keys, keeping a catalogue of broken ones and waiting until they become a point of interest
* These coins were sent through some anonymization network/protocol/service and the wallet in question actually has no relationship to the hack at all but just belonged to some clueless user.
I have already been assuming all of the above to be going on and this particular instance could be a result of either.
There is also the more boring explanation that these 64 something BTC was supposedly "tumbled" but not enough, transferred to a centralized exchange and subsequently frozen. It's also important to remember that it's not a single group/entity responsible for the whole chain here. Darkside provides the software and affiliate program, and maybe some servers. The attacks themselves are performed by "partners" (who just pay for access and could be anyone anywhere). Most likely the wallet here was not under control of Darkside ("The Russan elite hacker group") themselves but some affiliate who could be anything from a "lucky" clueless script kiddie and an actual professional who made one stupid mistake along the way.
True crime stories abound with comical errors (as do plenty of true not-crime stories). As it turns out, real people fuck up in comical ways all the time.
> I'm supposed to believe some elite Russian hacking group keeps their crypto wallets running on a US host where the FBI just logs right in and snatches the private key?
No, you aren't supposed to believe either (a) that DarkSide are an elite group, or (b) any particular narrative about how the FBI got the private key. AFAICT, no one is selling the first claim, and the only people selling narratives about how the FBI got the private key are doing conspiracy-theory-level creative interpretation of documents.
At the same time, the obvious tin foil hat answer of it was the feds who concocked the entire scheme also doesn't add up. If the NSA/CIA was behind it, they would be smart enough to not use a US based server / wallet. That makes the story inconsistent, and brings up the questions I am asking here. Instead, they would just use a clean wallet (preferably out of Russia). I.E. the misdirection and misinformation does not add up if it was an "inside job" by the US government.
If SHA256 and asymmetric crypto are compromised to this extent, we have a far bigger problem to worry about.
EDIT: as "koheripbal" says below, maybe their tumbler is a boob (paraphrased).
As long as the ignorance stays high, they get government contracts
Think about it for a second.
If they wanted to discourage copycat criminals, the easiest way to do it would be to claim they seized the crypto, right?
But what proof do we have that the feds actually seized anything? Is the bitcoin transaction publicly listed anywhere where we can audit what happened? And even if you see the coins were moved, how do we know it was actually the feds that moved them and not the actual criminals?
I'm sure the feds will sell the bitcoin in the fullness of time, like this:
If the feds falsely claimed to have done it, the criminals could embarrass them by moving the coins again.
Um, what? Did you do a survey of all people who are good at computer security?
Furthermore, maybe the attackers _are_ working a legitimate job. Do we know attacker's life details?
They host their hacking tools and other software close to the victim because if you see your network infrastructure logs linking back to an IP address in Russia or China for example it would immediately rise alarm and suspicion.
“Russian hackers” once again, eh?
It’s not a conspiracy. You just have the cause and effect backwards.
Maybe the US struck a deal with whoever did this to safe face or something.
Anyone competent enough to extort a foreign company out of millions is not going to attempt to cash out through an exchange.
https://www.blockchain.com/btc/address/bc1qq2euq8pw950klpjca...
Which got funds from
https://www.blockchain.com/btc/address/3EYkxQSUv2KcuRTnHQA8t...
This is the wallet explorer used for clustering the wallet
https://www.walletexplorer.com/wallet/123085fff68ee703/addre...
I have no idea why they censored out parts of the bitcoin addresses as googling the uncensored part and transaction quantities lets you find them on countless sites.
What's up with the disparity?
https://www.justice.gov/opa/press-release/file/1402056/downl...
*edited
or by "in possession of the private key" they mean "Coinbase generated the private key earlier and just gave it to the FBI"
the amateur hour doesn't stop there though
Especially together with 'FBI Director Compares Ransomware to 9/11' articles like https://www.foxbusiness.com/technology/fbi-chris-wray-ransom...
And yeah... if the crackers sent the funds to an exchange they were comically dumb.
It seem more likely that the FBI/NSA had and gained some access to the gang's infrastructure and seized the money.
Transmitting ransom money to an exchange without any type of tumbler or atomic swapping, that it's not a realistic scenario.
Maybe they tried to use an ineffective tumbler?
https://www.blockchain.com/btc/address/bc1qq2euq8pw950klpjca...
Theres so many other lower hanging fruit posibilities...
1: they served the server provider with a warrant they provided physical access. 2: their server infra was running vulnerable code for another service. 3. weak passwords / weak security in general 4. they cut a deal with the upstream ransomware providers and were provided with the private key used.
A very odd conclusion because that's not the crypto you need to break to steal some coins.
They kept following transactions on the blockchain, but it's not clear how the private key became in the posession of the FBI.
The FBI specifically has had expanded Congressional authority for like 10 years to operate extraterritorially on cyber matters
FBI agents will show up physically in any country and request cooperation from local municipal police (maybe) to seize electronic property as well as affect arrests in a way compliant with both jurisdictions. Given that private key crypto seizure is consequence free and irrevocable, if the FBI had access to the memory at a foreign data center they could have just taken it without worrying about local procedural nuances.
Using crypto the proper way already shield against this, because you have to assume that you can't trust your own security or the data center operators, let alone the state. The server should only have the Master Public Key[1] for giving a one-time use address and rotating down the index in one of the address trees immediately after any input is received (rotate to a new account upon receipt of funds, new accounts are from an infinite tree of arrays at each node). The mnemonic for the master public key would have been generated offline and never on any device. Moving the funds, whenever one feels like it, can be signed offline and physically handed to a node that will append the signed transaction to the blockchain.
[1]Bitcoin Improvement Protocols - BIP 44 (2014), BIP 39 (2013), BIP 32 (2012)
but anyway I'm leaning towards it being a private key on Coinbase that they got a warrant to check for, and it was correct, and they seized those assets
Since they created the internet, they have field advantage. It's almost impossible not to use a US based provider, it goes as deep as ipv4 distribution.
Forgive me if this is a dumb question; I have not used a blockchain explorer for anything consequential. Isn't that wallet just the last place it ended up? So, you have chain of custody but does that prove that the owner of that wallet is the "target"?
In a way it's similar to getting stuck with counterfeit money. You didn't do anything wrong, but no one is going to just hand you the replacement real money you "deserve" - you just got unlucky.
Can anyone here (hn) add anything?
It seems like steps in the investigation, or process to identifying the bad guys were left out.
Or they installed malware on the hacker's computers and were able to log the private key as it was generated.
Or the hackers foolishly stored the key pairs on a server
Bitcoin is falling and this news does not help because it shows that some aspect is less secure than previously thought.
Could it be that bech32 is less secure than thought?
faulty key pairs being generated is a well known issue with poorly developed wallets, not with Bitcoin itself. None of the popular wallets have this issue so it doesn't undermine Bitcoin.
If the victim pays someone we know which account it goes to, right? Then we know that account is criminal.
If bitcoins move from that account to other accounts we know that accounts that receive them are essentially "hiding stolen goods". So they are criminal accounts as well.
Then at some point they want to get dollars, and FBI can catch them by following where the dollars were sent. No?
Clearly, it's not. This is a pervasive misconception. Bitcoin is not, and is not even meant to be, private. Even with obfuscation attempts, nearly every ransomware gang has their bitcoin payments fully tracked, as this one did. There is a robust industry of blockchain analytics that pulls in many many millions each year surveilling the bitcoin blockchain. Virtually all exchanges (fiat on and off ramps) collaborate with those analytics companies and require full KYC/AML of their customers, and can thus apply their KYC label data to blockchain metadata.
Bitcoin is not account based: it is based on unspent transaction output sets. UTXOs can be combined with many other UTXOs, combined into one, or split into many. This leaves a large amount of potential for obfuscation strategies such as CoinJoin[^1]. Nearly all of these gangs attempt to use CoinJoin or similar but make small mistakes such as being representative of a large amount of the volume, leaking information through timing, combining their outputs into one, or countless other potential errors, and often a simple "FIFO" strategy can trace flows. Obfuscation is not a robust anonymity strategy, and pseudonymity is not anonymity. To quote Vitalik Buterin, "If your privacy model has a medium anonymity set, it really has a small anonymity set. If your privacy model has a small anonymity set, it has an anonymity set of 1. Only global anonymity sets (eg. as done with ZK-SNARKs) are truly robustly secure."[^2]
[^1]: https://en.bitcoin.it/wiki/CoinJoin [^2]: https://twitter.com/vitalikbuterin/status/119646811199575654...
Just like if you put money into my bank-account you will need to know the account-number (i.e. "address") of my bank-account?
I think you are correct about getting dollars out being the risky part, but this way the criminals will at least have a head start in their race against the FBI.
FBI recovers $2.3M in BTC today. Current BTC/USD around $34K today.
34 / 58 = .58
4.4 * .58 = 2.552
Looks like they recovered more or less all of it?
I’m curious what the wallet provider was.
Hah, of course the DoJ office doing bitcoin investigations is in San Francisco.
Also interesting that they were able to recover only $2.3M out of the $4.4M paid. I wonder if Colonial Pipeline will ever see this money.
tl;dr: The hackers used the same full node wallet more than once, and the FBI was able to narrow in on an IP address because the first relay of the transactions was the same across multiple transactions. This server was in California, which allowed the FBI to seize it.
How secure is 256 bit security? : https://www.youtube.com/watch?v=S9JGmA5_unY
does it mean that "tainted" BTC can be seized any time, even if the current holder may have no relation to the original crime?
https://blog.wolfram.com/2021/05/25/sleuthing-darkside-crypt...
Russian hackers have been captured in Israel, Spain, Belarius... Sometimes, after the FBI identifies them, they just watch and wait.
Is it returned to the company, or does the DoJ keep it as an asset forfeiture?
https://twitter.com/thisisbullish/status/1402056137340604418...
How amateur is that…
This is one of several pieces I’ve seen claiming things about Coinbase and embedding documents or other evidence that doesn’t seem to come close to supporting the conclusion.
I’m not saying Coinbase wasn’t used and that that didn't have something to do with the seizure, but its being repeatedly claimed with the same kind of evidence presentation that tends to accompany conspiracy theories.
I doubt Russia is too crazy about the idea of pipelines=targets. Especially one that doesn't even compete with them. 2x especially the billing! 64% of Russian exports are gas and oil.
https://commons.wikimedia.org/wiki/File:Russia_Export_Treema...
SHUTC - Should have used Tornado.cash
SHURENVM+TC - Should have used RenVM and Tornado.cash
It's possible they underestimated how serious things would get and got cold feet.
Or they asked Google to hack the hackers' Android phones!
