As the general understanding of how digital assets work, along with the popularization of cryptography, has become more subtle, the “anonymity language” of bitcoin (BTC) is slowly becoming a thing of the past. High-level law enforcement operations, such as the one that recently resulted in the U.S. government seizing $3.6 billion in cryptocurrencies, are particularly useful in resurrecting the idea that assets whose transaction history is recorded in a public distributed ledger are better described as “pseudo – names.” And that such a design is not particularly suitable for those who want to get away with stolen money.
No matter how hard criminals try to hide the movement of illegally obtained digital money, it is likely that at some point in the transaction chain they will refer to addresses to which personal data is linked. This is how it happened in the case of Bitfinex, according to documents released by the US government.
Very convenient very early
A gripping statement from an Internal Revenue Service Criminal Investigation Service (IRS-CI) specialist describes an operation in which U.S. federal agents rounded up a couple suspected of laundering stolen money in the 2016 Bitfinex hack.
The document describes a large-scale process of masking the traces of stolen bitcoins, which involved thousands of transactions passing through several transmission centers, such as dark web marketplaces, offline wallets and centralized cryptocurrency exchanges.
In the first stage, the suspects used the stolen cryptocurrency in a Bitfinex heist through the AlphaBay dark market. From there, part of the funds went to six accounts on various cryptocurrency exchanges, which investigators later found were registered using email accounts with the same provider in India. The emails had similar naming patterns while the accounts showed similar trading behaviors.
Related: Understanding Bitfinex Bitcoin Billions
The chain continued, and the BTC pursued by law enforcement was transferred to a large number of self-employed wallets and other exchange accounts, some of which were registered under the real name of one of the suspects. After telling the detectives, the reader finally gets the impression that Elijah Lichtenstein and Heather Morgan at some point felt they had done enough to cover their tracks and that they could spend some money on themselves.
That’s it: gold bars and a Walmart gift card that were bought with funds that could be returned in a Bitfinex hack and delivered to Liechtenstein and Morgan’s home address. Everything was in the registry. The resulting report reads like a convincing description of the crime, constructed in reverse, using an immutable record of transactions.
Follow the money
Perhaps the scale of the investigation was more frightening than the scale of the money laundering operation. Despite years of attempts by the suspects to hide the movement of funds, government agents gradually managed to find traces of most of the stolen BTC and eventually confiscate them. This shows that the ability of the US government to track funds on the blockchain is at least on par with the tactics used by the people behind some of the major cryptocurrency heists to avoid the law.
Speaking about the investigation, Marina Khostova, CEO of Crystal Blockchain Analytics, noted that the Bitfinex case is particularly complex due to the huge amount of stolen money and the criminals’ intense efforts to cover up their operations. She commented to Cointelegraph:
“Any case of this magnitude that has been going on for years will undoubtedly take a significant amount of time for financial investigators to study and understand the data they have before using it as evidence.”
The US government agents were well resourced and had access to the latest blockchain analysis software while handling the case. It is no secret that some of the top players in the blockchain intelligence industry are providing law enforcement agencies in many countries, including the US, with digital asset tracking software solutions.
One possible explanation for why Liechtenstein and Morgan eventually fell is the sheer indifference with which they fled and began spending the money supposedly laundered in their name. Are they simply not smart enough, or because law enforcement has gone much deeper into the transaction chain than the suspects reasonably expect?
Khostova believes there was “some negligence” in the methods used, when the suspects allowed investigators to obtain one of the key documents that allowed them to link email addresses to exchanges, KYC records and personal accounts, from cloud storage.