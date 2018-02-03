How Do You Hide Stolen Cryptocurrency?

by Tyler Durden
Sat, 02/03/2018 - 19:11

The anonymous nature of digital wallets continues to stymie investigators in last week's theft of 58 billion yen ($530 million) worth of NEM cryptocurrency from a Tokyo exchange, the biggest cryptocurrency heist in history.

Authorities know which user accounts were affected by the Jan. 26 hacking, and the accounts holding the pilfered funds can be immediately identified because the virtual coins are traceable. And, as the Nikkei writes, if the Coincheck exchange case were a regular bank robbery, identifying the bank accounts holding the stolen money would let law enforcement easily return the funds to victims.

But individuals who open a bank account must identify themselves, and no such requirement exists for opening a digital wallet. Anyone can obtain an anonymous digital wallet as easily as walking into a store and paying cash for an actual wallet.

That helps explain why Coincheck and the NEM Foundation, the international organization that manages and promotes the currency, are having trouble identifying the owners of the wallets and demanding the restoration of funds.

The foundation, which tags the NEM coins, could rewrite the blockchain virtual ledgers and forcibly return the stolen funds to Coincheck. But the NEM group has pledged never to rewrite blockchain records, so even those "transactions" resulting from a hack will remain valid.

The Tokyo Metropolitan Police Department had received communication logs maintained by Coincheck as of Thursday. The logs are being analyzed for any violation of Japanese anti-hacking laws, but the investigation is expected to encounter challenges similar to those in past cybercrime cases.

In 2015, servers belonging to the state-run Japan Pension Service sustained a cyberattack in which computer viruses were used to obtain names, identification numbers and other data belonging to some 1.25 million people. The next year, travel agency JTB suffered a data breach affecting 6.79 million customers. In both cases, the hackers may have infiltrated systems via offshore servers, but no suspects have been named to date.

When Mt. Gox went bankrupt in February 2014 after a massive amount of cryptocurrency went missing from its exchange, it took about a year and a half for authorities to arrest CEO Mark Karpeles, who was suspected of falsifying account data. Investigators went as far as crunching data in servers located in the U.S.

Meanwhile, on Saturday, the infamous Coincheck exchange said it was preparing to announce a timeframe when yen withdrawals can begin. All yen deposits registered to customer accounts are being stored in a customer-specific account in a major financial institution, the exchange said adding that cryptocurrencies registered to customer accounts have been transferred out of hot wallets and are being stored in cold wallets, etc. And Google translated in its entirety:

As we are announcing at the release on January 30, 2018, we are currently undergoing verification and verification of technical safety etc. accompanying Japanese yen withdrawal, and we are preparing for resumption We are. Based on the confirmation / verification that we are doing with the cooperation of outside experts, we will inform you of the timing of resumption of Japanese yen withdrawal.

The Japanese yen held by the customer in the account is preserved in the customer exclusive account of the financial institution. Also, with respect to the virtual currency (BTC / ETH / ETC / LSK / FCT / XMR / REP / XRP / ZEC / LTC / DASH / BCH) which the customer has in the account, evacuate from the hot wallet, We keep it.

We are sorry for the inconvenience for a while, thank you for your consideration.

Meanwhile, someone is half a billion richer following the Coincheck theft, and nobody has any clue who it is.

Tags
Business Finance
Search Engines

Comments

Vote up!
 7
Vote down!
 0
Conscious Reviver Sizzurp Feb 3, 2018 8:04 PM Permalink

Billions worth Mt. Gox bitcoins 'not lost': Someone doesn't want them found - RT source

“Autumn Radtke and her team and others, quietly found half the bitcoins that were supposedly stolen by Mt. Gox,” Mook told RT exclusively.

...

“We had hopes the balance of the 'lost' Mt. Gox coins could be recovered as well.”

According to him, Radtke was found dead shortly after a Japanese court was advised of the finding. “Her team and others associated with the effort disappeared. Websites closed down. This is a frightening development. That person and that team, me included, were frightened off.”

https://www.rt.com/business/415044-mt-gox-collapse-bitcoin/

Intel Management Core in action?

Vote up!
 0
Vote down!
 0
Klassenfeind Conscious Reviver Feb 4, 2018 4:58 AM Permalink

"The foundation, which tags the NEM coins, could rewrite the blockchain virtual ledgers and forcibly return the stolen funds to Coincheck. But the NEM group has pledged never to rewrite blockchain records, so even those "transactions" resulting from a hack will remain valid."

So basically the whole blockchain technology is so good that at the same time it's also the root cause of why it will never become mainstream?

Vote up!
 12
Vote down!
 0
Buckaroo Banzai Automatic Choke Feb 3, 2018 7:47 PM Permalink

The wallet with the stolen coins is being monitored, and if any transactions are made out of the wallet, they will immediately appear on the blockchain (I'm assuming NEM uses a public blockchain, I'm not familiar with that coin in particular, but AFAIK it's not a privacy coin). Coincheck already notified all the other exchanges not to accept any transactions from the wallet with the stolen coins, so the thieves will not be able to use exchanges to turn the stolen NEM into other coins, or fiat dollars. Furthermore, if the thieves try to transfer the coins to another NEM wallet, that wallet will now be tracked. As coins are transferred into other wallets (either legitimately or illegitimately) a network of wallets will develop that can by analyzed by a social network analysis tool like Palantir.

This is not like stealing cash out of a bank. The thieves will be leaving footprints all over the blockchain, and the more footprints they leave, the easier (relatively speaking) it will be to associate wallet addresses with meatspace human identities. The only hope they have to beat the social network analysis tools is to get their NEM exchanged for privacy coins like Monero, but with the exchanges now on alert, and P2P exchanges virtually nonexistent, the thieves are going to have their work cut out for them.

 

Vote up!
 1
Vote down!
 0
. . . _ _ _ . . . Buckaroo Banzai Feb 3, 2018 8:14 PM Permalink

How many minutes did it take to notify the exchanges?
The coins had already been traded by then.
Once it becomes fiat, it is easy to hide.

I often wonder how many dark crypto pools there are.
Stolen art is easily traded amongst immoral collectors and kept in private museums.
CIA could use them to buy weapons on the black market.
Stolen coins could easily be used as collateral for loans since they would not be checked.
There are lots of ways around this problem for the thieves.

Vote up!
 3
Vote down!
 0
Sabibaby . . . _ _ _ . . . Feb 3, 2018 8:26 PM Permalink

Most exchanges require you to verify to make trades and the more verification you do entitles you to more money you can transfer deposit/withdraw so if all the sudden 400 million dollars worth of XEM shows up in your account some red flags are going to go up. Once the XEM is in there and you convert it to BTC -> XMR(Monero) and withdraw, your verification (how much ID info you've given them for tax purposes) means you can only withdraw $10K worth of XMR (per day/week). If you kept it as BTC and you send it over to say GDAX to turn into fiat, your have to verify with them as well. So now you $10K turns to fiat and gets deposited into your bank which of course gets flagged by IRS. 

 

TLDR; Basically it would take a really long time to turn $400 Million worth of XEM into fiat (in the US at least) anonymously. 

Vote up!
 1
Vote down!
 0
Sabibaby . . . _ _ _ . . . Feb 3, 2018 8:36 PM Permalink

The only thing I disagree with is the "once it becomes fiat ..." because you're not going deposit $400 million dollars anywhere without getting some attention. I think it would have been better to take smaller amounts of XEM and convert those amounts to Monero slowly rather than taking it all at once. You could then go from Monero back to Bitcoin or whatever and withdraw to fiat or better yet just buy stuff with XMR and BTC like Lambos. Penthouses, and Yachts.

Vote up!
 1
Vote down!
 0
Sabibaby . . . _ _ _ . . . Feb 3, 2018 8:50 PM Permalink

There are crypto-launderers and there are bounties for stolen cryptocurrencies and LEO has shutdown exchanges and tracked people down who don't cover their tracks and use Monero so if you know a way cool but seems pretty difficult to me. Whoever has all the XEM clearly didn't think all this through.

 

In this article -> http://blocktribune.com/crypto-exchange-coincheck-hackers-start-moving-… it explains that the market can't even absorb that much XEM being dumped on it. 

That would be like needing 400million worth of BTC or 44,444 Bitcoins...

Vote up!
 1
Vote down!
 0
. . . _ _ _ . . . Sabibaby Feb 3, 2018 10:49 PM Permalink

The black market can and does.
$1M gold coins can be melted down and famous diamonds can be re-cut, but art cannot be altered.
That does not prevent paintings and sculptures from being stolen. Stolen paintings disappear for decades or more.
Crypto coins can disappear forever and still be used everyday.
Private blockchains (darkchains?) can easily be built. XEM is Java now but will be C++ open-source very soon.
Maybe that's why it was targeted. Dunno', but if I had just stolen something everybody in the world was looking for, I wouldn't be thinking about legitimate exchanges and markets, and I'd be willing to sell at a discount. Lotsa' shady buyers at 90% off.

I'm not saying that that's what happened, all I'm saying is that there is no reason that this cannot happen. The facilities already exist. And if it did, it would be pretty quick, or may even have been pre-planned.

Vote up!
 2
Vote down!
 0
Buckaroo Banzai . . . _ _ _ . . . Feb 3, 2018 11:22 PM Permalink

You can sell it at a face value, or at a big discount, but either way the transaction is going to be written into the public blockchain, with a pointer to the new wallet address. Maybe there are exchanges on the dark web, but it's doubtful they have the kind of liquidity necessary to absorb even a tiny fraction of that amount of XEM without crashing the price flat.

Vote up!
 0
Vote down!
 0
ed31337 . . . _ _ _ . . . Feb 4, 2018 3:59 AM Permalink

That would be very illogical to me. A dark exchange with a forked blockchain isn't even the same coin anymore. Why bother stealing the original coins in the first place? Just ICO some dark coins, it would be a lot less hassle and incur zero potential legal problems down the road.

Let's look at this in a different angle: Say I legitimately own a modest amount of NEM coin, but I want it to be worth even more.  If someone happened to steal a huge pile of OTHER people's NEM coins and permanently took them out of circulation, my modest pile of NEM coins are now theoretically worth more because there are fewer total NEM coins available on the open market. I can freely trade my coins in full public view because, hey, -I- wasn't the guy who stole all those NEM coins and tainted them, MY coins were totally legit and still are...  

First through inflation, then through deflation, all your base are belong to us.

Vote up!
 0
Vote down!
 0
Automatic Choke Buckaroo Banzai Feb 3, 2018 11:46 PM Permalink

Thanks, Buck.   That jives with what I understood.  Sounds safer to hold up a bank.

 

One more serious question.    Since these are widely known to have been stolen, and have not been transferred out of the wallet they presently reside in, why does the community not simply transfer them back (either by rolling back the blockchain, or by writing a new transfer to steal it right back to the original owners)?

 

Vote up!
 10
Vote down!
 3
GoldenDonuts Feb 3, 2018 7:23 PM Permalink

What does it cost now to "mine" a bitcoin?  $4k?  more or less.  Once you have burned all of that coal to heat that water and turn those turbines to create all that energy to run your computer and create your bitcoin.  What do you have? 

A "token" that will probably get hacked from you the millisecond after you hit the enter button on your computer to cash in said bitcoin.  Oh and the hacker probably got your credit card information to boot.

On the other hand gold costs less that $1300 to mine.  After you burn all of that diesel to run those machines and dig up that ore so that you can crush those rocks and separate the metals so you can refine your gold.  What do you have?

A gold coin or bar that cannot be taken from you without force and has been considered valuable by humans the world over since before the U.S. of A was a country, before Columbus sailed to the new world, before Rome ruled the known world, before Greece did the same. 

Which would you rather have?

 

Got Gold?