The FBI probably took advantage of sloppy password storage to seize the Colonial ransom

The FBI seal hangs in the Flag Room at the bureau’s headquarters.

Chip Somodevilla | Getty Images

The FBI’s breach of a bitcoin wallet held by the cybercriminals who attacked Colonial Pipeline is the result of careless key storage, not a reflection of a security vulnerability in the digital currency, crypto experts told CNBC.

On Monday, the Justice Department reported a successful mission to recover $2.3 million in bitcoin paid by Colonial Pipeline to ransomware hackers in April. Court documents indicated that investigators traced bitcoin transaction records to a digital wallet, which they subsequently seized by court order. Officials were then able to access that wallet with something called a “private key,” or password.

It is unclear how exactly the FBI recovered the key.

“I don’t want to give up our craft in case we want to use this again for future endeavors,” Elvis Chan, an assistant special agent in the FBI’s San Francisco office, said in a conference call Monday.

How the FBI probably got hold of the bitcoin

Until the FBI is more transparent with its methods, it is not possible to know exactly how federal investigators managed to recover the private key in question. But there are some possible scenarios.

DarkSide, the cybercriminal gang that attacked Colonial, allegedly used a payment server to collect the funds. A centralized platform like this is relatively easy for the FBI to track down.

“Tracking the money remains one of the most basic, yet powerful, tools that we have,” Deputy Attorney General Lisa O. Monaco said in a statement Monday.

“Because these transnational organized criminal groups are facilitating these payments in cryptocurrencies, and because of the transparency and traceability that cryptocurrencies provide, it is actually possible to track the money more effectively and potentially mitigate and stop the illicit activity within the ecosystem, than with traditional finance and fiat currencies and payments,” explained Jesse Spiro, global head of policy for Chainalysis, a company that provides blockchain forensic and investigative services to private sector companies, including crypto exchanges.

When a ransomware-related payment is made, Chainalysis is able to produce what Spiro characterizes as “unprecedented intelligence and information regarding the supply chain.”

Chainalysis was unable to discuss any details about the Colonial investigation.

Once the FBI had that wallet in hand, it is extremely unlikely that they broke the Elliptic Curve Digital Signature Algorithm (ECDSA), the signature scheme bitcoin uses to ensure that only the rightful owner of a private key can spend the coins it controls.

“In fact, that’s so far-fetched, it’s impossible,” said Nic Carter, founding partner of Castle Island Ventures.

What’s much more likely, according to Carter, is that they were able to access a server where the hackers stored their private key material. That doesn’t point to any fundamental flaw in bitcoin’s security, but rather to poor IT hygiene on the part of a criminal organization.
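To make the two claims above concrete (ECDSA itself is not what gives way; possession of the private key is the whole game), here is an added, self-contained Python example. It is not code from CNBC, Carter, or any party to the investigation. It implements secp256k1 scalar multiplication, ECDSA signing and verification from scratch, then runs a constructed custody scenario: the wallet’s public key lets anyone check a signature but nobody produce one, a copy of the private key bytes is exactly as powerful as the original, and an exhaustive search for the key from the public key gets nowhere in a 256-bit space. The seed strings, the “transaction” message and the simplified deterministic nonce are all constructed for the demo.

```python
import hashlib

# secp256k1 domain parameters: the curve bitcoin uses for ECDSA.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(p1, p2):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                   # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P    # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P     # chord slope
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult(k, point):
    """Double-and-add: k * point. Cheap to compute; recovering k from
    k * point is the discrete-log problem Carter calls impossible to break."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def public_key(priv):
    return scalar_mult(priv, G)


def _hash_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(priv, msg_hash):
    """ECDSA signature (r, s). The nonce k is derived from key and message
    for repeatability in this demo; this is a simplification, NOT RFC 6979.
    A reused or predictable k leaks the private key, so real wallets use
    RFC 6979 or a CSPRNG."""
    k = _hash_int(priv.to_bytes(32, "big") + msg_hash.to_bytes(32, "big")) % N or 1
    r = scalar_mult(k, G)[0] % N
    s = pow(k, -1, N) * (msg_hash + r * priv) % N
    assert r != 0 and s != 0            # real implementations retry with a new k
    return (r, s)


def verify(pub, msg_hash, sig):
    """Anyone holding the public key can check a signature."""
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    w = pow(s, -1, N)
    pt = point_add(scalar_mult(msg_hash * w % N, G), scalar_mult(r * w % N, pub))
    return pt is not None and pt[0] % N == r


def search_private_key(pub, budget):
    """Try private keys 1..budget by walking multiples of G. The key space
    has about 2**256 members, so this only ever succeeds for toy keys."""
    candidate = None
    for d in range(1, budget + 1):
        candidate = point_add(candidate, G)           # candidate == d * G
        if candidate == pub:
            return d
    return None


# Constructed demo key and spend authorisation (not a real wallet).
DEMO_PRIV = _hash_int(b"constructed demo seed, not a real wallet") % N
DEMO_PUB = public_key(DEMO_PRIV)
DEMO_TX = _hash_int(b"constructed spend: move coins to address X")


def custody_demo():
    """Whoever holds the key bytes (owner, or an agency that seized a
    plaintext copy from a server) can authorise a spend; the public key
    alone, a tampered message, or a different key cannot."""
    sig = sign(DEMO_PRIV, DEMO_TX)
    seized_copy = int.from_bytes(DEMO_PRIV.to_bytes(32, "big"), "big")   # same bytes, same power
    other_key = _hash_int(b"some other constructed key") % N
    return {
        "owner_signature_valid": verify(DEMO_PUB, DEMO_TX, sig),
        "seized_copy_signature_valid": verify(DEMO_PUB, DEMO_TX, sign(seized_copy, DEMO_TX)),
        "tampered_tx_valid": verify(DEMO_PUB, _hash_int(b"constructed spend: move coins to address Y"), sig),
        "other_key_valid": verify(DEMO_PUB, DEMO_TX, sign(other_key, DEMO_TX)),
        "key_found_by_search": search_private_key(DEMO_PUB, 2000),
        "key_space_bits": N.bit_length(),
    }


if __name__ == "__main__":
    for name, value in custody_demo().items():
        print(f"{name}: {value}")
```

The lesson for defenders is the one Carter draws: the control that matters is custody of the private key, not the strength of the curve. A key that sits in plaintext on a reachable server is spendable by anyone who obtains that file, which is why hardware wallets and offline storage keep the signing step away from general-purpose machines.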

Take the 2014 hack of Mt. Gox, once the leading bitcoin exchange. It was the first high-profile hack in the history of cryptocurrencies. The exchange went bankrupt after losing 750,000 of its users’ bitcoins, plus 100,000 of its own.

“Bitcoin itself worked perfectly, but what worked imperfectly was its system of storing your private keys,” Carter explained.

This is why some cybercriminals take their coins offline into cold storage, isolating their ill-gotten tokens from government and law enforcement.

“If you want to store your coins really out of the state, you can just save those private keys directly. That’s the equivalent of burying a gold bar in your backyard,” Carter said.

Setting a good precedent

A former chairman of the US Commodity Futures Trading Commission believes that the FBI’s breaking into a cybercriminal’s crypto wallet actually sets a good precedent for the acceptance of cryptocurrency.

“It shows that the bitcoin blockchain is not hostile terrain for law enforcement,” said Chris Giancarlo. “It shows that it is not a perfect tool for criminal activity.”

Mati Greenspan, portfolio manager and founder of Quantum Economics, agrees that the breach bodes well for bitcoin.

“Many market participants, including myself, were expecting President Joe Biden to scapegoat the hack and come up with sweeping reforms,” Greenspan said. “Instead, they realized what we already knew: that it’s easier for authorities to catch criminals using crypto than anything else.”

Carter didn’t seem fazed either. “We have seen these types of seizures before, and I am sure we will continue to.”

Despite the common stereotype, there is no data to indicate that criminals disproportionately use cryptocurrencies such as bitcoin. In fact, Chainalysis estimates that less than 1% of cryptocurrency activity is used for illicit purposes.
