DOJ seizes $2.3M in cryptocurrency paid to the ransomware extortionists Darkside
justice.govI think that the people here speculating about the FBI and private keys are greatly overestimating the competency of these hackers.
While it's possible this it he FBI flexing some muscle that they have a backdoor into bitcoin's hashing algorithm, what seems much more likely (to me) is:
There is a more sophisticated hacking group which created this particular ransomware package. They sell this ransomware package to less sophisticated criminals.
(https://www.theverge.com/2021/5/10/22428996/colonial-pipelin...)
Is it so hard to imagine a scenario where the more advanced creators of this ransomware kit gave instructions to their purchasers on things like private keys, and the end user simply ignored them?
Somebody ignoring a warning when installing a software, and that allowing the FBI to subpeona access to the server where it was running, and grab this private key, seems FAR more likely to me than the FBI having a backdoor into BTC, or this all being a cover spy novel plot, or anything like that.
If the FBI has broke any of Secp256k1, SHA256, or RIPE160, (they have not) they’re not going to blow that on a $3M haul.
They just mention they had access to the private key of the account so that makes sense how they got access. If FBI has broken SHA256, then Bitcoin is a done deal. I hope they share how they got access to the private key.
It'd be a big blow but not the end of the Bitcoin
what do you mean? if they broke sha256 in any meaningful way then people can skip (or significantly game) the whole mining thing...
The mining algorithm can just be changed with a hard fork.
The only think that would irrevocably kill Bitcoin is breaking private keys (ie discovering others private keys, or signing transactions without private keys). A fork could not solve it as there'd be no way to prove which coins you actually owned before the fork.
many people speculate that quantum computing would crack private keys in no time.
theres no speculation that this exists, but bitcoin wouldnt last in a commercial world of quantum algos
Wrong. IF there exists a general purpose formula (which isn't known yet) for all quantum problems, so secp256k1 is broken, then it would only reduce the complexity sqrt(N), from 2^256 down to 2^128. Which is unsolvable. (source: Stanford cryptography I course on coursera).
AND even if the elliptic curve cryptography of bitcoin is broken, say you can solve it in a year/month/week/day, the fact is most BTC unspent transaction outputs (UTXO's) are scripted "pay to public key hash".
The entity proving ownership of the UTXO needs to show a public key (that is so far unknown ... if they haven't reused this address before), AND this public key needs to hash into the address, AND the signature signed by the private key verified.
So if somebody announced they had solved secp256k1 and could break it in 1 week, your funds are safe. (1) They probably don't know your public key. Relax. And (2) You just wait for the BTC soft fork to support new crypto, then do a transfer to yourself. You transmit your transaction to the mempool (exposing your public key for the first time), and it will be mined in 10-30 minutes. Not enough time for the hackers to monitor the mempool and come up with a valid signature. Then your new UTXO is a different spend script for how to spend it next time using some new unbreakable crypto.
As long as there was some pre warning that such a quantum computer+algorithm was going to become available, Bitcoin would be able to fork, and users would be able to move their funds to quantum proofed (or at least hardened) wallets.
It surely depends on which aspect of SHA they would have broken, but the whole point of Bitcoin is the hash being completely unpredictable and requiring brute force. That's the Work in Proof of Work.
Bitcoin has contingencies in place to swap out any of its crypto algorithms.
They might be saving for bigger things, however this is a lot more than $3million. It's about holding the US economy hostage, as these will increase in frequency.
Indeed, stopping large-scale oil pipelines means US economy is held hostage, to a degree. Not all of it but some of it. Question is will it increase or not. This FBI action gives us some hope that criminals can be stopped.
Can be stopped? Doesn't sound like this is what happened here, the company paying the ransom is what stopped the hostage. The FBI simply recovered the ransom (and some more), but probably can't cover for the economic damage from the hold-up.
How is this holding the US economy hostage?
Randomware attacks on energy (oil and potentially electric grid) and hospitals. And that's only what we've seen so far.
"Randomware" sounds much more fun. Like Bertie Botts Every Flavor Beans, but for software. :-)
You may know it as "undefined behavior" ;)
XD
I mean we know the hack wasn’t sophisticated at all. It seems to me the hackers are opportunists, scanning for vulnerabilities and weak VPNs. People are confusing grunt work with sophistication. They would’ve used ransomware against any target that they breached that they thought could pay. Too young or too stupid to think through the consequences.
Thread below indicates what happened is they were incredibly naive and eventually used a US exchange wallet. Just script kiddies really.
https://twitter.com/intangiblecoins/status/14020730011899125...
Most likely, that is why i'm convinced US will put regulation in place for "green miners" and "clean exchanges" so US based renewable miners are only allowed to sell and bring new clean bitcoins into circulation.
They use affiliate systems and provide ransomware (that someone else has probably delivered) to the people actually doing the breaches.
It wasn't darkside planting the ransomware afaik, but it was someone wanting to get paid through their affiliate program.
> I think that the people here speculating about the FBI and private keys are greatly overestimating the competency of these hackers.
It's like if some dumbass was beating the crap out of people to steal their money and everyone in the boxing community was suprised that he's not a world class boxer.
It is also possible that criminals made themself look stupid and sacrificed a small part (~70 of 310 BTC) of monthly income to throw FBI a bone, so they can fuck off gracefully.
A "backdoor in bitcoin's hashing algorithm" would not help them recover a private key. "bitcoin's hashing algorithm" is, for PoW, SHA256. The only relevant break for PoW would be a break in preimage resistance; this would allow the attacker to mine blocks faster, which does not allow them to calculate private keys. They could use that to mine an alternate history where the ransomware attack did not occur, but that would of course be immediately obvious.
Preimage attacks tend to be much more rare than collision attacks. MD5 for example still has no publicly known practical preimage attacks.
They seized private key and if it was encrypted/hashed they cracked it. It could've Bitcoin brain wallet and they cracked the actual ASCII password of the wallet.
If the private key was hashed, and they only had the hash, then they could not crack it. Hashing is not the same as encryption.
Hashing is for ensuring data integrity and encryption is for protection of data and information I know it but I meant hashing bitcoin private key with some hashing algorithm in order to conceal it.
Second reply: I saw that you work in applied cryptography and blockchain technology @ Cryptography Services (NCC Group) so you might be familiar with somewhat Grey Hat russian forum InsidePro; back in the day I saw people there requesting Bitcoin private key recovery for their lost private keys or if they encrypted and/or hashed wallet private keys and couldn't recover plaintext anymore and I can say that amateur crackers could recover private keys pretty efficiently and I can only wonder what professional law enforcement agency can do.
If FBI could crack smartphone encryption/protection from multi trillion dollar company I'm speaking about Apple and that terrorist's Iphone then they do pretty much anything.
> amateur crackers could recover private keys pretty efficiently
That's only if the key was derived from a weak password, which allows it to be brute-forced with standard password scanning techniques. If you're even slightly concerned with security you let a computer generate a fully random key using the proper amount of entropy—preferable on an air-gapped system or an HSM (hardware wallet). No one is going to be "recovering" private keys which were generated and handled securely without a very large budget and physical access to the storage medium.
Can they travel faster than light?
I never heard of any criminal that's fast as light so they do not need to be faster than light in order to catch him.
It could've been*
This story makes absolutely no sense at all. The errors present by these hackers are so comical it's simply unbelievable. I'm supposed to believe some elite Russian hacking group keeps their crypto wallets running on a US host where the FBI just logs right in and snatches the private key? I'm starting to entertain the conspiracies that the future of commodities price manipulation is fake ransomware attacks. There needs to be a serious audit of CME derivatives trading. There will come a day when some oil futures trader pays a ransomware group or an employee at a pipeline company and makes billions.
People overestimate criminals. The ones that get caught, especially.
What would you do if you were a foreign intelligence service? Participate in attacks yourself?
No! You would drop hints and supply tools sideways to sloppy groups of idiots enabling them to be destructive, maybe acquiring some funds, and keeping your hands as clean as possible. Then when it comes out that "elite russian hackers" were incompetent idiots, it makes people think the claims of your connection to the crimes are even less likely.
Tricks and disinformation are the name of the game.
If you actually were elite, you would hide and practice and save your actual actions for critical moments and not show your hand for a few million dollars. Or you'd go into security consulting which is a far safer, more profitable, and overall smarter thing to do.
I think it was the RSA hack where the second (and presumed more elite) team had gained access to the first group of hackers and just followed their APTs. Noone really found out about the second group when the story was reported on.
> If you actually were elite
exactly. Look at stuxnet - nobody knew it was an attack until it was over!
People also underestimate the amount of people trying to commit crimes like this.
If there are millions of people trying to ransomware businesses and hundreds of important businesses with really bad security, depending on how talented the best hackers are - the odds could be quite high you get hacked by a not-so-talented hacker.
hacker gangs can make tens of millions dollars. No security consultant makes that much.
Gangs are multiple people, they have higher expenses (can’t go to a normal bank, have to pay off local police, etc.), and the long-term prospects are risky so they need to get rich and find safe places to store the money after laundering it. Plus every so often you get on the wrong side of someone nasty and end up involved in something much riskier or dead.
Even if you’re completely amoral, getting a hefty paycheck, 401k, etc. is going to be appealing to most people with that skill level. It’s not a coincidence that a lot of this happens in places where people have poor career options which makes that more appealing.
Yes, but... if you're in Russia, my understanding is that you really don't have too much to worry about, so long as you only go after targets outside of Russia.
And as long as you're happy with never going outside Russia yourself - I seem to recall a situation some years ago where one culprit was offered a good tech job in the west, and was arrested when arriving at the airport for some scam they did many years ago.
A whole bunch of them have been arrested in or on their way to Dubai, Thailand, Maldives etc.
Hacker gangs also apparently lose 2.4 million dollars at the drop of a hat, which is something that no security consultant ever has to worry about.
> which is something that no security consultant ever has to worry about
There's enough self-styled cypherpunk infosec experts that might insist on being paid only in BTC and then lose their decrypted wallet...
They could also be paid in cash, use that to buy BTC and then lose their wallet. It's a random problem, not related to receiving valid payment for legitimate work.
Yeah, but the same goes for any job. You can't blame your new job when you forgot the keycard to your new office.
Those gangs aren’t one person, and neither are the IT security companies that are making tens (or hundreds) of millions.
right, the deployers are not the people creating the tools.
this is a true criminal SaaS, partly because its low risk, high reward for the developers and partly because its a russian funded op that needs to cover its ass in the nature of its attacks on democracy and corporatism.
“I'm supposed to believe some elite Russian hacking group keeps …”
Why not. Remember Elite Russian GRU hackers identified because they all registered their cars with the DMV at the same address? https://www.bellingcat.com/news/uk-and-europe/2020/10/22/rus...
Smart people do dumb things.
The Mossad did something dumb like that once. Neckties are not widely worn in Israel, so the photo office that made fake passports had some neckties on hand when taking pictures. But only three different neckties. After a while, some other countries caught on.
If they were elite they would have asked for more than $2 million
Who says they're elite? I know that ironically many hackers have poor security practices themselves.
While I suspect the DOJ is leaving out critical information, it is true that these gangs are not nearly as elite as some people imagine.
They just happen to be in an untouchable legal jurisdiction.
It's even more ironic (and troubling) that seeming amateurs managed to shutdown an entire pipeline :)
Can't wait to read this report!
I encountered this myself. I was hit by a browse-and-get-owned zero day. I found out one day later from a blog post, where an anonymous person had hacked the command and control server and wiped the hacker's database in a remarkably brief time. Clearly, their skills were not on par.
The responsible vulnerability was in Java applets, which I had disabled for security reasons. But Java secretly re-enabled itself after updating. I kept Java uninstalled for a long time after that.
I think this is accurate.
If you imagine the extremely unlikely scenario where the DOJ put out a statement that anyone in the US who happened to extract money out of persons or companies in Russia would not be prosecuted or hindered by US law enforcement, what sort of people would jump in to try their hand at that. It seems to me it would certainly be an attractive idea for script kiddies to jump on to if they felt it was low/no risk.
> I'm supposed to believe some elite Russian hacking group keeps their crypto wallets running on a US host where the FBI just logs right in and snatches the private key?
What is it that's so implausible? That's just one possible interpretation. I see many possibilities here. Below are some, where "The FBI" loosely refers to the bureau, collaborating agencies and their partners and contractors:
* The FBI has (through active exploitation of hosts/services) gained access to a large number of BTC private keys, which they can utilize if and when they become a point of interest
* The FBI has some channel to index and get access to cryptocurrency wallets/private keys from hosts running on cooperating service providers such as GCP, AWS and Azure.
* The FBI continuously monitors for BTC addresses/public keys and opportunistically bruteforces them looking for weak keys, keeping a catalogue of broken ones and waiting until they become a point of interest
* These coins were sent through some anonymization network/protocol/service and the wallet in question actually has no relationship to the hack at all but just belonged to some clueless user.
I have already been assuming all of the above to be going on and this particular instance could be a result of either.
There is also the more boring explanation that these 64 something BTC was supposedly "tumbled" but not enough, transferred to a centralized exchange and subsequently frozen. It's also important to remember that it's not a single group/entity responsible for the whole chain here. Darkside provides the software and affiliate program, and maybe some servers. The attacks themselves are performed by "partners" (who just pay for access and could be anyone anywhere). Most likely the wallet here was not under control of Darkside ("The Russan elite hacker group") themselves but some affiliate who could be anything from a "lucky" clueless script kiddie and an actual professional who made one stupid mistake along the way.
> The errors present by these hackers are so comical it's simply unbelievable.
True crime stories abound with comical errors (as do plenty of true not-crime stories). As it turns out, real people fuck up in comical ways all the time.
> I'm supposed to believe some elite Russian hacking group keeps their crypto wallets running on a US host where the FBI just logs right in and snatches the private key?
No, you aren't supposed to believe either (a) that DarkSide are an elite group, or (b) any particular narrative about how the FBI got the private key. AFAICT, no one is selling the first claim, and the only people selling narratives about how the FBI got the private key are doing conspiracy-theory-level creative interpretation of documents.
Also completely baffled how the feds got access to the private key and why an elite Russian hacking group would store their crypto on a US based server.
At the same time, the obvious tin foil hat answer of it was the feds who concocked the entire scheme also doesn't add up. If the NSA/CIA was behind it, they would be smart enough to not use a US based server / wallet. That makes the story inconsistent, and brings up the questions I am asking here. Instead, they would just use a clean wallet (preferably out of Russia). I.E. the misdirection and misinformation does not add up if it was an "inside job" by the US government.
The implausibility of all these scenarios is making me increasingly nervous regarding the other possible ones.
If SHA256 and asymmetric crypto are compromised to this extent, we have a far bigger problem to worry about.
No, they’re not elite, they’re just script kiddies with a payout mechanism.
"Script kiddies" got their name because 20 years ago any kid could download some code and create a DDoS attack by running a pre-written script. Ransomware hacks seem a bit more sophisticated, even with today's highly modular malware. I think it is an interesting proposal: a fake attack as shown by the disparity in savvy between the attack and the payment, or a really dumb screw up.
EDIT: as "koheripbal" says below, maybe their tumbler is a boob (paraphrased).
There's been some reporting of basically a new version of that for the modern "as a service" times, like here https://www.zdnet.com/article/darkside-the-ransomware-group-...
> According to FireEye, affiliates are required to pay up to 25% of ransom payments under $500,000, and 10% of any successful extortion attempts over $5 million.
So the ransomware authors might not always be the people collecting the initial payments. Although according to the press release here, it was siezed from the DarkSide group itself? So it's still a bit confusing.
Question really becomes where did that group get the software from? It could be multiple levels of indirection such as people hired to develop the stuff aren't really connected to activities. They might just as well be contractors not so well paid...
> "Script kiddies" got their name because 20 years ago any kid could download some code and create a DDoS attack by running a pre-written script. Ransomware hacks seem a bit more sophisticated, even with today's highly modular malware.
They're downloadable and leased out.
This allows people to focus on choosing targets instead of the entire vertical integration and liability at each step.
How much sophistication does it take to attack a computer system running software that hasn’t been patched in years?
Many so called "professionals" are still running operations with 5+ year old distributions that haven't been patched in almost as many years, and servers that people are afraid to reboot. I was once contracted by a company that was literally afraid to have any employees reboot a server because they had no idea how it worked, if it would come back up, and what to do if something didn't restart. They wanted an outside guy to take the blame.
Would’ve been a decent opportunity to contract a job paid half up front.
I took the job on the side. It was literally the equivalent of "set up a couple of static web servers with FTP accounts, and move everything over." It was about 8 hours of work and 100 hours of meetings.
./nestea.o
I was reading the article in utter confusion too. I personally think it's the authorities trying to save face, as I don't think even a computer-literate high school kid would make these mistakes.
"Save face" for whom? It wasn't the US gov who got hacked or paid the ransom, it was the Colonial Pipeline Company.
The US Judicial system which tries to flex its "unlimited" reach.
„ If sanctioned the US government could almost certainly 51% attack any given crypto and redirect funds to whoever they want”
51% attacks don’t allow for withdrawing funds from an account - only for rolling back recent transactions
Most mining takes place in China, so no, they can't do anything.
I don’t think it’s an understatement to say that their reach kind of is. If sanctioned the US government could almost certainly 51% attack any given crypto and redirect funds to whoever they want. This isn’t what happened but it’s laughable to think the US government isn’t capable of tracking down the account and seizing coins.
I doubt they could 51% Bitcoin with any sort of haste. Perhaps with a few year plan. Simply put it’s a procurement issue. There are limited ASICS and they are distributed among many operators, mostly foreign. There aren’t massive ASIC stockpiles in the US just waiting to be purchased. A government 51% attack would probably involve doing a private chip run.
> I doubt they could 51% Bitcoin with any sort of haste.
From when they planned for the capacity, probably not. But how do we, at any time, know that hasn’t happened in the past?
> A government 51% attack would probably involve doing a private chip run.
Sure, and when that classified capacity is acquired via, say, the NSA’s black budget, we’ll all know before (or, heck, even after, until they decide to something disruptive with it) they decide to light up the capacity...how?
OTOH, any attack won’t just be to redirect funds, because that can’t be done without broader disruption that would make it pointless for that purpose.
Also even if 51% attack is succeeded, then BTC price would crash so victim can't collect original $.
then the hackers would just send a little bit at a time in case it gets intercepted
It was just an example. If the US government is dead set on hurting you they can and will; that’s my point.
Do we have reason to believe they don’t have that capability? There are very few who have escaped the long arm of the DOJ.
That you know of.
This could have been far downstream from the hackers themselves. They might just have been monitoring the bitcoins and waiting for some to land in one of many addresses for which they have the private key. Presumably FBI is continuously scooping up whatever private keys they can.
Yeah Elliptic and Chainanalysis make all their money by convincing people that all transfers are of the same Ultimate Beneficial Owner until it hits an exchange
As long as the ignorance stays high, they get government contracts
That's utter bs, exchanges generates unique BIP32 addresses for deposit. There isn't a master exchanges key used among all customers.
Which is not something I commented on at all
Genuinely curious why you think your response was related or even mutually exclusive
I actually probably commented on the wrong comment :-/
Why are they elite? Ransomware is the new smash and grab.
The reason why this story doesn't make sense is because it's most likely a lie.
Think about it for a second.
If they wanted to discourage copycat criminals, the easiest way to do it would be to claim they seized the crypto, right?
But what proof do we have that the feds actually seized anything? Is the bitcoin transaction publicly listed anywhere where we can audit what happened? And even if you see the coins were moved, how do we know it was actually the feds that moved them and not the actual criminals?
> what proof do we have that the feds actually seized anything?
I'm sure the feds will sell the bitcoin in the fullness of time, like this:
Won't they hand them back to the pipeline owner who paid the ransom?
I don’t know, I can thing of reasons not to. They want to discourage companies both from lax security standards and from paying ransoms when they get attacked. Not paying them back would provide economic incentive that even if the DOJ is working to combat hacking, they won’t be saving you from your own incompetence.
Not saying that’s what they will do, just that I think it would make sense to me.
> And even if you see the coins were moved, how do we know it was actually the feds that moved them and not the actual criminals?
If the feds falsely claimed to have done it, the criminals could embarrass them by moving the coins again.
Ugh... because the pipeline is going to ask for that money back?
The "elite" hackers are the ones who wrote the ransomware software. You can tell because (apparently) most of them haven't been caught yet.
Computer security is hard. That's why ransomware attacks exist. It's just as hard for ransomware attackers as for their victims. If they were good at computer security, they'd be working a legitimate job. I find your incredulity strange, it's like hearing about the Valentine's day massacre and being shocked that mobsters could be at the receiving end of a Thompson for once.
> If they were good at computer security, they'd be working a legitimate job.
Um, what? Did you do a survey of all people who are good at computer security?
Furthermore, maybe the attackers _are_ working a legitimate job. Do we know attacker's life details?
"Russians did it!" - the modern Bugs Bunny
>I'm supposed to believe some elite Russian hacking group keeps their crypto wallets running on a US host.
They host their hacking tools and other software close to the victim because if you see your network infrastructure logs linking back to an IP address in Russia or China for example it would immediately rise alarm and suspicion.
It always struck me as improbable that all these high profile (and notoriously hard/impossible to attribute) attacks on “critical infrastructure” or whatever are always instantly and authoritatively pinned (by US authorities) on groups operating in the US’s geopolitical enemies.
“Russian hackers” once again, eh?
You find it improbable that geopolitical enemies tend to be the ones that attack us? Feels like saying "I find it weird that people I insult disproportionately punch me in the face".
It's also a very old technique to proxy attacks through countries without extradition treaties.
I don't disagree, obviously. But the question here is if it's reasonable to find that hackers in countries that we consider to be political enemies disproportionately are the ones hacking us.
There are numerous incentives that, to me, make it not only reasonable but extraordinarily likely.
Plus, recent political history and the kinds of benefits delivered by political actors suggest several things: hacking's taken on a special significance as wielded by state actors, there's a considerable amount of delegation to shall we say less expert practitioners who are only loosely controlled, and there's a great deal of effort put forth to deny ANYTHING of the sort ever goes on, ever ever.
To me all this seems par for the course. There's nothing unusual about any of it. It's what you would expect. It's basically like distributed stochastic terrorism, indirectly/loosely driven by a more capable state actor with specific intent to establish deniability.
Not even plausible deniability. Just some convenient way to say 'Nyet! And we are VERY OFFENDED that you would even suggest such a thing!'.
Just the fortunes of war, really.
I think you are assigning too much “us vs them” to the ransomware marketplace.
With ransomware criminals, “us” is the attacker, and “them” is everyone with a computer who might pay. Political boundaries don’t factor in to it at all. It is by nature an anonymous attack, hence the term “ransom”.
It is strange to me that almost all high-profile ransomware attacks that have been publicized in the US are claimed by the FBI to be Russian or Chinese. There are plenty of other countries with greedy criminals that know software, too.
> I think you are assigning too much “us vs them” to the ransomware marketplace.
Attacking things in a foreign jurisdiction is massively appealing from a "what will get me thrown in jail by my own government if things go wrong" perspective. You don't need any political loyalty for that calculation.
The problem is that state-level actors are considerably more sophisticated in their activities than what was seen here. There was a story on HN a while back that can best be summed up as "Defending against this is impossible: Mossad is gonna Mossad and there is nothing you can do about it: https://news.ycombinator.com/item?id=26591669
There's a difference between a criminal who is state sanctioned and a state-level actor.
When your government greenlights criminal activities against their enemies it helps a lot. Many* cyber criminals act as mercs for hire, and are in fact hired for official government operations against the US.
It's simply not true that political boundaries don't factor in. They're a massive part - most obviously, consider extradition or whether the attacker's government will cooperate with the US.
* I say many, but it's more like "it happens", but it feels important to point out.
I always thought it would be fun, if one had enough pull, to get a Letter of Marque and Reprisal issued to oneself snuck onto one of the giant omnibus bills that nobody in the Congress reads in its entirety before voting on it. It could easily be interpreted to cover cyberprivateering.
It is absolutely trivial for an attacker in the US or anywhere to make their ransomware attack appear to come from Russia (to someone who doesn’t know that).
I don't see how that's relevant to the incentives of foreign enemies attacking us. As I said, there are many. It basically stops being criminal activity.
Do you really think that's not the case, or that that isn't going to considerably skew where these attacks come from?
I think he's making the point that the attributions of "This came from <insert geopolitical enemy here>" are without any evidence. How exactly do you determine that a hack originated in Russia when Russian ips will not hand over their traffic to US authorities? Just because a lot of illicit web traffic originates from Israeli servers, for example, does not mean that it originated in Israel. In reality, our cyber security agencies have no idea where these guys are coming from: it COULD very well be from Russia, sure, but it could also be from your neighbor next door who vpn'd in through a chain of servers starting in france and ending in mali.
> I think he's making the point that the attributions of "This came from <insert geopolitical enemy here>" are without any evidence.
Badly, I guess, because no one has mentioned evidence or a lack of evidence anywhere in the thread.
> How exactly do you determine that a hack originated in Russia when Russian ips will not hand over their traffic to US authorities?
There are a lot of different ways. GEOIP is just one method. Examining the artifacts for code-reuse from other malware is another big one. Looking at the types of attacks is another ie: "this malware uses these techniques, and these are favored by groups 1,2,3".
There's a lot more to it than that, and not all of it is public. I've seen attribution done through backdoor channels that were not strictly legal.
> In reality, our cyber security agencies have no idea where these guys are coming from
No, more often than not we definitely do.
That might be easier to believe if these ransomware strains didn't do things like automatically disable themselves on computers with Russian language support installed.
Yes, nobody in the west using a compromised russian box for c&c would ever put such code in their ransomware payload. That would obfuscate its origin, and we all know criminals aren't clever enough for that sort of thing.
There can only be one explanation: russian hackers operating with Putin's tacit approval. Us in the west should add this to the mounting pile of "evidence" supporting going into another cold war, because that will surely improve the entire situation. Attributing the unattributable to our preconceived enemies to escalate a conflict always ends well.
Snark aside, on a technical, factual level, this simply isn't evidence of origin, not even a little bit. "russian hackers" is such a tired punchline now that if I, being in the west, were to suddenly jump the fence after 3 decades and choose A Life Of Crime, using russian configuration file names, UTC+3 daytime operating hours, russian-hosted c&c IPs (or, better yet, russia-controlled but plausibly deniable ones like belarus or kazakhstan), and silly stuff like skipping infection of ru-locale machines would be obvious things I would be doing to fuel this existing narrative sailwind. It's utterly silly to think that this in any way suggests origin.
Exactly, people do not understand how trivially easy it is to completely halt US investigations into internet traffic origins just by pivoting off of a box in a country which doesn't hand over its ip logs to the United States. I would imagine that, should you choose to hack a russian target, you would pivot off of an american box (or would the US hand those logs over? I actually think they might even if Russia wouldn't reciprocate).
Russian and a bunch of other CIS countries. It could very well originate from Moldova or Kazakhstan.
I think you’re conflating a wide range of things: most attacks aren’t linked to those countries and the ones which are often take time to link. Ransomware attacks have been happening frequently for ages, but most of them don’t reach the level where they’re being classed as infrastructure attacks — they’re gangs of opportunists looking for easy money. You find them in countries like Russia because there are only a few places which don’t cooperate with US/EU law enforcement, especially at the level where someone without powerful backers can rely on it. These guys caught a much bigger fish than they were prepared for and weren’t anywhere close to being prepared for a nation-state to seriously pursue them. Anyone trying this from most other countries would either be caught or much better at staying hidden.
Well, "Russian hackers" doesn't mean, Russian military. If I was a Russian hacker, and didn't want to piss off my own government, I may well consider that my best targets would be my country's political enemies. From what I hear, it might even eventually get you a sweet job with gov.
There are only a few countries which don't extradite cybercriminals to the west and don't prosecute them for foreign attacks - so these few countries are very attractive from which to run such operations; and even for international crime organizations it's good to have the "dirty work" done from such places, where the grunts won't get arrested and be motivated to sell you out for a plea deal.
The problem is you don't even have to run your operation from the country: you just have to pivot off of a box in that country as part of your obfuscation chain. In Cyber Security land, a lot of bad actors originate out of Israel, but that doesn't mean they originated there.
It’s well known that the Kremlin is very hospitable to cyber criminals as long as the stay away from the Soviet bloc. It also just so happens that a country with that sort of reckless policy, has lots of other bad policies which make them an enemy of the US and many other countries…
It’s not a conspiracy. You just have the cause and effect backwards.
I can't think of a better place to launch an attack on the US than the US's geopolitical enemies, can you?
I recall seeing on HN lots of descriptions of just how hard it is to maintain strict opsec, or anonymity. Obscurity sometimes is the best security, but these clowns made themselves a big a$$ target for the FBI. Its one thing to be one among hundreds of small-time ransomware attacks, and another to be the one behind shifting the price of oil of the entire southeast US, and to be the subject of thousands of memes about Americans stockpiling gasoline in the backs of their SUVs.
Agreed, there is something that is not being told here.
Maybe the US struck a deal with whoever did this to safe face or something.
Indeed was just discussing the same thing. Perhaps they simply are tracking if the money goes anywhere or using this as a way to hide their incompetence? Just saying they can do something they really can’t or put a legal hold on that wallet so if any exchange receives it they get fined?
Alot of professional criminals are such because they aren't competent enough to make money legally.
Also, how exactly do you "seize" cryptocurrency without hard forking it?
They send it to another wallet/account that they control. Not hard to understand.
And if they don't send? With electronically stored fiat, the feds can just ask the bank to give them the money right out of their account, and I'm sure the banks would cooperate. With paper cash they can just hold their arm while the SWAT team go on a rampage through their bedsheets for the cash.
What does one do for Bitcoin, short of a hard fork?
In crypto „seizing” means getting access to the wallet and sending funds to the one that gov’t has under it’s sole control
How do they get access to the wallet, assuming the dude won't tell them? With fiat they can do it with force, that's the difference. If the dude won't tell them they have no way to get access to it, other than the $5 wrench.
> If the dude won't tell them they have no way to get access to it, other than the $5 wrench.
This assumes perfect opsec: the guy is unphishable, has a quick-response switch to wipe their computers when their house is raided, etc. They get a lot of people through simple gaps: bust the door down when the target is in the bathroom, grab the unlocked computer in a public setting, etc.
The other big assumption is that the only copy of the key belonged to someone in the gang who is a high-value target. If it’s an exchange, they need to make an official request. Someone offering laundering services or a lower-value person in the gang, the offer is likely going to be offered a plea bargain for cooperating to get bigger fish versus a much longer sentence.
Even if it is the most culpable member of the gang, the prospect of a very long prison sentence versus something shorter is going to weigh heavily — especially if you know that they’re just going to leave you in jail until you give them the key anyway.
If the key is solely located only in the hacker's brain, yes it is out of their reach. Usually, however, if you gain access to the hacker's comp, they'll have it written down somewhere.
Maybe they go through their bedsheets looking for the passphrase written on a sticky note? I'm sure US intelligence can be quite persuasive.
That would require a hard fork or the key to the sending utxo.
I was assuming they are able to obtain the key. Nobody believes hard forking is a practical solution to seizure.
Exactly. Until DOJ provides proof, this is pure FUD.
Anyone competent enough to extort a foreign company out of millions is not going to attempt to cash out through an exchange.
Are you saying the government didn’t actually recover the money that they claim to have recovered?
I think, at this point, doubting anything the government claims without hard evidence proving their case is the wiser play based on pure pattern recognition.
When the FBI sells the coins won't it be pretty obvious?
Here is the FBI controlled address, presumably a Coinbase deposit address
https://www.blockchain.com/btc/address/bc1qq2euq8pw950klpjca...
Which got funds from
https://www.blockchain.com/btc/address/3EYkxQSUv2KcuRTnHQA8t...
This is the wallet explorer used for clustering the wallet
https://www.walletexplorer.com/wallet/123085fff68ee703/addre...
I have no idea why they censored out parts of the bitcoin addresses as googling the uncensored part and transaction quantities lets you find them on countless sites.
I'm confused. That account had a little over *69 btc this morning, yet the FBI affidavit said it only has 63.7 btc.
What's up with the disparity?
https://www.justice.gov/opa/press-release/file/1402056/downl...
*edited
They only seized 69.6 as that's what was transferred to an exchange. It's interesting they split the resulting funds into two addresses. One to presumably return to who paid the ransom and the rest which would be held until whoever is indicted can prove they are not proceeds of crime (lol good luck).
You can see the split here: https://www.blockchain.com/btc/address/bc1qu57hnxf0c65fsdd5k...
oops, you're right, I misinterpreted the 'total received' line
See point 31. At some point, 11btc went to one place and 64 went to another. I guess the 11 is still outstanding from the FBI.
The most interesting and unknown question is how the DOJ/FBI came to be in possession of the private key.
If they carried out the attack they would have had the private key in their possession.
gigglesnort
or by "in possession of the private key" they mean "Coinbase generated the private key earlier and just gave it to the FBI"
the amateur hour doesn't stop there though
That was exactly my thought.
Especially together with 'FBI Director Compares Ransomware to 9/11' articles like https://www.foxbusiness.com/technology/fbi-chris-wray-ransom...
Our "respected authorities" have been "predicting" this since last year [1].
I love viewing comment histories of people who write posts like the above. They're always fun.
Thanks!
You might find it interesting to know that, irl, I never talk about anything remotely conspiratorial. I live life like a normal person, and talk like this on forums as a hedge.
A private key is not needed if the funds are on an exchange. Apparently there is a warrant to seize property on Northern California so I guess it might be Coinbase.
And yeah... if the crackers sent the funds to an exchange they were comically dumb.
The warrant does not imply that the coins were on an exchange. The warrant only indicates that they needed legal authority to seize coins, wherever they are.
It seem more likely that the FBI/NSA had and gained some access to the gang's infrastructure and seized the money.
Transmitting ransom money to an exchange without any type of tumbler or atomic swapping, that it's not a realistic scenario.
Maybe they tried to use an ineffective tumbler?
Why not?
Why would you assume an attacker uses all of the best cloaking tactics?
This doesn't seem like a complex attack at all: monitor common 0 day vuln feeds, attack, install off the shelf ransomware sold by 5$.
It might as well have been a script kiddie.
That’s my prediction: these guys are like bike thieves who found out the hard way that they just stole a bike belonging to the police chief and so it’s actually being investigated rather than written off. I don’t think they were remotely prepared for this level of scrutiny.
My thoughts exactly. Isn't the tactic to phish multiple potential victims and then they just get email responses from the victims whose data was caught? From the attackers' perspective they could have accidentally made a big catch instead of "targeted critical national infrastructure".
I’d bet that’s exactly what happened. These guys don’t want a big deal, they want a quick payment from the company’s insurance company and moving on.
DarkSide's announcement that they were shutting down said that their servers were compromised and taken offline. Presumably the private key was on the server and the server was hosted on a business that responds to U.S. subpoenas.
The warrant is for a location in Northern California and they needed a warrant to get it.
Use your head man, this means they literally went to a Federal Judge and said "hey we have probable cause that this address is on Coinbase" and the Judge was like "wow that is pretty probable" and then they took the warrant to Coinbase who was like "oh damn that's legit ..... can we squirm out of dealing with this .... no ... oh wow that is our address too, okay here is the private key" and then the FBI transferred it
> The warrant is for a location in Northern California
No, its not.
Its for a particular Bitcoin address for which the FBI had the primary key. The FBI can’t legally seize coins just because it has a private key any more than it can seize physical property because it has a key to a house. It needs a warrant to use the key, which will only be issued with probable cause that the material is subject to seizure.
> Use your head man, this means they literally went to a Federal Judge and said "hey we have probable cause that this address is on Coinbase"
They literally did not; the warrant and supporting affidavit are public (with some redactions), and that is not, even remotely, what they say.
>The warrant is for a location in Northern California and they needed a warrant to get it.
Not neccessarily.
https://www.justice.gov/opa/press-release/file/1402056/downl...
The FBI in Northern California simply needed permission to use the Private Key they already had to access the bitcoin address.
The court that has jurisdiction over these types of crimes is in Northern California.
> Transmitting ransom money to an exchange without any type of tumbler or atomic swapping, that it's not a realistic scenario.
Maybe not nowadays, but some time ago, after the possibility of tracing transactions was already well known, criminals were still a) first sending all the ransoms they collected directly from the initial ransom address to one address, linking them b) then sending them to their exchange account. No tumbling or obfuscation whatsoever.
The press release specifically mentions that the cryptocurrency was seized through FBI having posession of the private key.
As someone who has been on the receiving end of federal seizure orders for cryptocurrency private keys, they were in my case satisfied by publishing a transfer (signature) to a USG address, not actual disclosure of private key material, despite that being explicitly stated in the order.
This indicates a level of US Fed LEO technical sophistication I’m somewhat pleased to hear exists.
I have heard that they have been developing an in-house technical capability and department for this since at least the time period of the Ulbrich arrest and the "first" Silk Road.
Either that or they just approached it like a bank account and simply wanted the money and didn’t care about the cryptographic specifics whatsoever.
More likely their work with an outside consultant/firm.
What's a USG address?
USG =US Govt.
It's not an either/or thing though, right? IMHO, it seems plausible for the FBI to get a private key from a cooperating exchange?
To the previous poster's point: it didn't say which private key. There can be multiple with cloud storage.
From the press release, the scare quotes could mean anything, but they likely had the rough equivalent part:
for which the FBI has the “private key,” or the rough equivalent of a password needed to access assets accessible from the specific Bitcoin address.
Did the crackers surrendered the private keys? And if so why was a warrant issued?
https://www.elliptic.co/hs-fs/hubfs/Screenshot%202021-06-07%...
the prefix ix bc1. coinbase does not use this
https://www.blockchain.com/btc/address/bc1qq2euq8pw950klpjca...
I don't understand why so many people are jumping to the conclusion that the FBI broke sha-256.
Theres so many other lower hanging fruit posibilities...
1: they served the server provider with a warrant they provided physical access. 2: their server infra was running vulnerable code for another service. 3. weak passwords / weak security in general 4. they cut a deal with the upstream ransomware providers and were provided with the private key used.
> FBI broke sha-256
A very odd conclusion because that's not the crypto you need to break to steal some coins.
not my opinion. I was just confused why other commenters would think this.
Couldn't they just have an informant give them the seed phrase?
There are more technical details in the linked affidavit (page 6 and 7): https://www.justice.gov/opa/press-release/file/1402056/downl...
They kept following transactions on the blockchain, but it's not clear how the private key became in the posession of the FBI.
Netsec Twitter's theory is that the attacker(s) had a VPS operating in the US that the FBI was able to access and which contained the key to the wallet where the final payment ended up.
The FBI doesn't need the VPS to be in the United States for that
The FBI specifically has had expanded Congressional authority for like 10 years to operate extraterritorially on cyber matters
FBI agents will show up physically in any country and request cooperation from local municipal police (maybe) to seize electronic property as well as affect arrests in a way compliant with both jurisdictions. Given that private key crypto seizure is consequence free and irrevocable, if the FBI had access to the memory at a foreign data center they could have just taken it without worrying about local procedural nuances.
Using crypto the proper way already shield against this, because you have to assume that you can't trust your own security or the data center operators, let alone the state. The server should only have the Master Public Key[1] for giving a one-time use address and rotating down the index in one of the address trees immediately after any input is received (rotate to a new account upon receipt of funds, new accounts are from an infinite tree of arrays at each node). The mnemonic for the master public key would have been generated offline and never on any device. Moving the funds, whenever one feels like it, can be signed offline and physically handed to a node that will append the signed transaction to the blockchain.
[1]Bitcoin Improvement Protocols - BIP 44 (2014), BIP 39 (2013), BIP 32 (2012)
but anyway I'm leaning towards it being a private key on Coinbase that they got a warrant to check for, and it was correct, and they seized those assets
The legal requirements to search a US-hosted VPS might be higher than an extraterritorial one. US servers have rights, and those largely end once they're off US soil. That's why there's any warrant at all.
I am by far no ransomware expert, but it really seems like amateur hour if they were running a Linux based Bitcoin full node using the mainline CLI daemon and client, with a wallet, on some hosting company geographically within the United States. Why would it need to be in the US?
I only know a few criminal hackers, but within that sample their skillset is really niche. They know what they know well, but otherwise they're just trying to solve problems like any engineer.
Kinda like data scientists - they can be masters with a couple of libraries and concepts, but if you have a data science team you also are more or less guaranteed to have a jupyter notebook open to the world, or something along those lines.
Don't underestimate the stupidity/incompetence of these ransomware devs. Many cybercriminals have been caught for unbelievably dumb reasons.
The connections need to pass through the US just once in order to give the US a chance to attack it.
Since they created the internet, they have field advantage. It's almost impossible not to use a US based provider, it goes as deep as ipv4 distribution.
> The connections need to pass through the US just once in order to give the US a chance to attack it.
Less than once if the US were, purely hypothetically, to have a well-funded foreign sigint operation that might cooperate with domestic law enforcement on priority issues.
True, but it would be far less common I reckon.
So many questions. Why are they running a bitcoin node on a vps? do they need to make automated payments or something? it's very easy to run a bitcoin node locally, or even airgap the signing keys.
Really? That seems like something fairly obvious to attempt to prevent from an attacker's viewpoint.
How? A keylogger? Cache somewhere?
>Based on ... I have probable cause to believe that the aforementioned property may be seized...
Forgive me if this is a dumb question; I have not used a blockchain explorer for anything consequential. Isn't that wallet just the last place it ended up? So, you have chain of custody but does that prove that the owner of that wallet is the "target"?
I think generally speaking, someone in possession of stolen property isn't entitled to keep that property even if they had nothing to do with the theft and had no reason to believe it was stolen. That prevents them from being guilty of a crime - but authorities can still come seize the property without compensating them at all for their loss.
In a way it's similar to getting stuck with counterfeit money. You didn't do anything wrong, but no one is going to just hand you the replacement real money you "deserve" - you just got unlucky.
Nope, but the recipient is welcome to come to the US, show up at the FBI and ask for it back.
The Laywer did a great job explaining Bitcoin.
Can anyone here (hn) add anything?
It seems like steps in the investigation, or process to identifying the bad guys were left out.
The wetware is always the weakest link.
This is why all these gangs will now switch to Monero the moment they get BTC paid.
I am guessing that the key pair generation process was faulty. The FBI found an exploit in a wallet used by the hackers allowing the private key to be predicted. The prefix is bc1,which is uncommon. A few weeks ago there was such a vulnerability with Cake Wallet.
Or they installed malware on the hacker's computers and were able to log the private key as it was generated.
Or the hackers foolishly stored the key pairs on a server
Bitcoin is falling and this news does not help because it shows that some aspect is less secure than previously thought.
bc1 is for bech32 addresses. A feature of the new segwit. Aparently there is a way to predict the private key derived from using multiple times the bc1 address. Details are available here: https://sudonull.com/post/8212-Bitcoin-Pseudo-Random-Number-...
Could it be that bech32 is less secure than thought?
Almost certainly what's not secure is the endpoint, wherever the keys were stored. That shouldn't really be news. The endpoints are always the weakest links in an encrypted channel.
bc1 isn't an uncommon prefix, its a bech32 native segwit address that's been in use for years now (IIRC 1 and 3 are the other prefixes, 1 being the first and most popular and 3 being a backwards compatible segwit address, i.e. non native). Stats: https://txstats.com/dashboard/db/bech32-statistics?orgId=1
faulty key pairs being generated is a well known issue with poorly developed wallets, not with Bitcoin itself. None of the popular wallets have this issue so it doesn't undermine Bitcoin.
I'm wondering if the attackers sent their coins through a mixer, and now some chump with money on coinbase just got his coins jacked b/c he deposited after using a shady mixer.
Can someone explain simply why it is supposed to be so hard to track ransomware bitcoin payments, if all bitcoin transactions are in a shared public ledger?
If the victim pays someone we know which account it goes to, right? Then we know that account is criminal.
If bitcoins move from that account to other accounts we know that accounts that receive them are essentially "hiding stolen goods". So they are criminal accounts as well.
Then at some point they want to get dollars, and FBI can catch them by following where the dollars were sent. No?
>Can someone explain simply why it is supposed to be so hard to track ransomware bitcoin payments, if all bitcoin transactions are in a shared public ledger?
Clearly, it's not. This is a pervasive misconception. Bitcoin is not, and is not even meant to be, private. Even with obfuscation attempts, nearly every ransomware gang has their bitcoin payments fully tracked, as this one did. There is a robust industry of blockchain analytics that pulls in many many millions each year surveilling the bitcoin blockchain. Virtually all exchanges (fiat on and off ramps) collaborate with those analytics companies and require full KYC/AML of their customers, and can thus apply their KYC label data to blockchain metadata.
Bitcoin is not account based: it is based on unspent transaction output sets. UTXOs can be combined with many other UTXOs, combined into one, or split into many. This leaves a large amount of potential for obfuscation strategies such as CoinJoin[^1]. Nearly all of these gangs attempt to use CoinJoin or similar but make small mistakes such as being representative of a large amount of the volume, leaking information through timing, combining their outputs into one, or countless other potential errors, and often a simple "FIFO" strategy can trace flows. Obfuscation is not a robust anonymity strategy, and pseudonymity is not anonymity. To quote Vitalik Buterin, "If your privacy model has a medium anonymity set, it really has a small anonymity set. If your privacy model has a small anonymity set, it has an anonymity set of 1. Only global anonymity sets (eg. as done with ZK-SNARKs) are truly robustly secure."[^2]
[^1]: https://en.bitcoin.it/wiki/CoinJoin [^2]: https://twitter.com/vitalikbuterin/status/119646811199575654...
Good explanation thanks. I'm only a bit confused now. You say "Bitcoin is not account based". But if we send bitcoin to some address doesn't that address in effect equate to an "account"?
Just like if you put money into my bank-account you will need to know the account-number (i.e. "address") of my bank-account?
Leaving aside services like bitcoin mixers designed to obfuscate the process, I think the usefulness of bitcoin for ransomware is that it allows you to move a big sum of money quickly without verifying your identity and without going through bank checks.
I think you are correct about getting dollars out being the risky part, but this way the criminals will at least have a head start in their race against the FBI.
The FBI doesn't have access to every Bitcoin exchange. There are exchanges in other countries that let you trade anonymously, either into fiat or other cryptocurrencies.
Do those other exchanges have some other type of anonymity mechanism? I guess I could see Monero on Bitcoin as a service, but if it isn't something like that it seems just as pseudoanonymous as regular BTC
Colonial paid $4.4M in BTC around May 6th. Coindesk shows BTC/USD around $58K on May 6th.
FBI recovers $2.3M in BTC today. Current BTC/USD around $34K today.
34 / 58 = .58
4.4 * .58 = 2.552
Looks like they recovered more or less all of it?
WSJ reported they recovered 64 Bitcoin out of 75 paid in ransom by the company, so it was most of it.
Colonial paid 75 BTC, and they recovered 63.7 BTC.
I'm guessing the rest was fees/etc coming out of the crypto tumblers they used?
I'm guessing the difference was the split of the 75 between different affiliates of the hackers. Maybe the initial hackers get X and the ransomware people get Y, and X+Y = 75. They only recovered one side of that transaction.
Apparently the take was sliced 85/15 affiliate to developer.
They didn't use any tumblers, that's how they got caught.
edit: it says so in the article:
As alleged in the supporting affidavit, by reviewing the Bitcoin public ledger, law enforcement was able to track multiple transfers of bitcoin and identify that approximately 63.7 bitcoins, representing the proceeds of the victim’s ransom payment, had been transferred to a specific address
I think tumblers can be traced if they are backfired or monitored. Though perhaps that requires more assumptions than the fact that they were incompetent and didn’t use any.
It says this in the article:
>As alleged in the supporting affidavit, by reviewing the Bitcoin public ledger, law enforcement was able to track multiple transfers of bitcoin and identify that approximately 63.7 bitcoins, representing the proceeds of the victim’s ransom payment, had been transferred to a specific address
That seems to imply that they didn't use a mixer.
Honest question: what would a backdoored mixer look like? If it had a list of trapdoor addresses (or checked addresses in real-time) and made last-minute transaction changes, say. Would any criminal risk complaining if it identified them? Does the tumbler’s reputation have a mechanism for angry criminal user stories?
The tumblers seem like a centralized chokepoint for criminals trying to launder.
They could also get caught if say, authorities hacked the computers they were using to execute the Bitcoin tumbler "trades" (or whatever the terminology is)... or used similar means to gain access to a list of crypto wallets they owned along with their passwords.
I mean… this was just a software wallet getting owned, almost for sure. Pair that with not clicking the right AWS region and the details are likely.
I’m curious what the wallet provider was.
> The Special Prosecutions Section and Asset Forfeiture Unit of the U.S. Attorney’s Office for the Northern District of California is handling the seizure
Hah, of course the DoJ office doing bitcoin investigations is in San Francisco.
Also interesting that they were able to recover only $2.3M out of the $4.4M paid. I wonder if Colonial Pipeline will ever see this money.
They recovered 63.7 out of 75 BTC. The USD price just changed in the interim.
Hackers make transactions on clearnet revealing their IP address -> FBI seizes the server.
Plausible theory on how they did this here: https://twitter.com/brucedkleinman/status/140204474591697305...
tl;dr: The hackers used the same full node wallet more than once, and the FBI was able to narrow in on an IP address because the first relay of the transactions was the same across multiple transactions. This server was in California, which allowed the FBI to seize it.
The warrant isn't proof that the server was in California. That's simply where the FBI field office that is going to access the bitcoin address is based out of.
Rather than the us just "having" the key, could it not be a possibility that they in fact managed to somehow crack it? If any power could surely it's the us right?
I wondered the same thing, so I went looking for answers and found this excellent video by 3Blue1Brown:
How secure is 256 bit security? : https://www.youtube.com/watch?v=S9JGmA5_unY
Really informative video but this is talking about hashing functions. Private keys are created differently using (some) shared information between the private and public keys. If there was one area I could see the us investing their time and effort since RSA came out it's here. Don't get me wrong, it would be out there if they could crack even one key but like I said, if anyone can it's them.
No. If anyone had the ability to crack bitcoin addresses, they would not spend that technology on something as inconsequential as this. It would be saved for national defense issues
Completely agree but it could be perceived as a show of strength.
Still stupid. As soon as some entity reveals they have the power to crack one of these algorithms, everyone scrambles to migrate to something orders of magnitude harder. It's a weapon you'd only be able to use for maybe a few weeks or months before all the worthwhile targets immunize themselves against you.
We already have quantum safe asymmetric cryptography, just no incentive to move fast to deploy it.
How would quantum solve any problems here? I thought the benefit of quantum crypto was the ability to send information while detecting eavesdroppers. I don't think quantum computers have outclassed traditional cpus in processing power.
If they FBI did actually crack a private key, it would almost certainly have to be with a top secret, insanely powerful quantum computer that's decades ahead of what is publicly known to exist. The existence of such a computer that could crack bitcoin private keys would also be a powerful tool against every organization on the planet and their ability to maintain secrets.
I'm referring for post quantum cryptography, https://en.wikipedia.org/wiki/Post-quantum_cryptography, which would negate the usefulness of such a quantum computer at cracking competitor secrets.
Bottom line, there are much more useful things you could use this computer for, like cracking all encrypted communications of a foreign power or hacking into their military or financial systems. Using it to crack a single bitcoin key to recover a few million dollars only serves to alert all your adversaries that it's time to upgrade their cryptography.
I believe he's talking about encryption algorithms that are safe from quantum computers
And who decides when it's time to make the switch? Because it's not a random government. It will most likely be the us putting pressure on technology companies to switch
I don't understand the question.
Who decided that we needed to migrate to HTTPs everywhere? Or that authentication for online bank accounts needed to be encrypted?
As cracking of traditional encryption becomes an obvious problem, systems will be upgraded or people will vote with their feet.
Well HTTPS isn't used everywhere and governments have decided that banks need to meet an extremely strict set of rules to operate. As much as we'd like to think of the internet as the wild west, it is not.
HTTPS is used almost everywhere. And it's not like a government decrees something and it's done. Laws involve multiple stakeholders, and there are multiple governments which converge on the same decision.
It is correct to state that security best practices are not decided by one entity but rather figured out organically and on a non centralized basis.
Bitcoin keys are ECDSA (secp256k1) keys. The same scheme is used in many other areas of computer security; it would be incredibly foolish for the NSA to reveal an exploit they're sitting on, even indirectly.
Would it really be that foolish though? Could it not be perceived as a show of strength? That's why America stole them back in the first place right? $4m isn't a lot to the company hacked or to the USA. Why go to the trouble of stealing them back at all?
>As alleged in the supporting affidavit, by reviewing the Bitcoin public ledger, law enforcement was able to track multiple transfers of bitcoin and identify that approximately 63.7 bitcoins, representing the proceeds of the victim’s ransom payment, had been transferred to a specific address
does it mean that "tainted" BTC can be seized any time, even if the current holder may have no relation to the original crime?
where's that sweet sweet transaction graph?
Not exhaustive, but you might find this interesting:
https://blog.wolfram.com/2021/05/25/sleuthing-darkside-crypt...
This is just an early part of an investigation. Since DOJ got this far, they have leads on who did it.
Russian hackers have been captured in Israel, Spain, Belarius... Sometimes, after the FBI identifies them, they just watch and wait.
The DoJ press release doesn't make this clear: what happens to the money now?
Is it returned to the company, or does the DoJ keep it as an asset forfeiture?
I was told governments can't get involved in crypto, that's what makes it great? Totally anonymous? Untraceable?
That's not entirely true. Bitcoin is neither anonymous nor untraceable. governments however can't control it. They can only observe what's happening on the chain. Hope that helps.
My comment was mostly just mocking crypto.
Maybe this is just a result of good old police work: https://xkcd.com/538/
I'm not reading how the private key for the wallet was obtained. Anyone?
They aren't going to tell us that, so they can keep using the same tricks.
They probably should have asked for Moneros ... and in a self hosted wallet.
Looks like the criminals used CoinBase:
https://twitter.com/thisisbullish/status/1402056137340604418...
How amateur is that…
The only thing anywhere in the “supporting” documents or diagrams concerning coinbase is that it is shown as the destination of a 0.001 BTC transfer from the address the funds went to.
This is one of several pieces I’ve seen claiming things about Coinbase and embedding documents or other evidence that doesn’t seem to come close to supporting the conclusion.
I’m not saying Coinbase wasn’t used and that that didn't have something to do with the seizure, but its being repeatedly claimed with the same kind of evidence presentation that tends to accompany conspiracy theories.
That refers to the concept of coinbase, not coinbase the company. It's a technical term on the blockchain for the coins dispensed to the miner.
How? Looks like Darkside transferred the money to an exchange (Coinbase?), didn't hide it well enough, and the FBI just grabbed it?
i dont think coinbase addresses have bc1 prefix
Don't they mean Putin in an agreement with the Biden administration made Darkside give some money back as a way of easing American public tensions and political fallout ahead of the summit?
If that is what they did, that's a fantastic diplomatic success story
Not completely unusual.
I doubt Russia is too crazy about the idea of pipelines=targets. Especially one that doesn't even compete with them. 2x especially the billing! 64% of Russian exports are gas and oil.
https://commons.wikimedia.org/wiki/File:Russia_Export_Treema...
That's some schizo shit right there
Maybe this is the way to deal with ransomware, just seize stolen crypto.
SHUM - Should have used Monero
SHUTC - Should have used Tornado.cash
SHURENVM+TC - Should have used RenVM and Tornado.cash
LOL... I simply don't believe any of these press releases. For all we know, the government negotiated a deal with the cyber-attackers to create this press release as a way to try to thwart future attacks. Seriously wouldn't put it past them one bit.
Or, maybe something like the FBI knows who's behind it through other means (friendly foreign government, etc.). They contact them and let them know they are going to prosecute to the full extent of the law, long prison sentences. The hackers offer to give the money back in exchange for not being prosecuted, FBI agrees, private key is supplied by hackers.
It's possible they underestimated how serious things would get and got cold feet.
Well, evidence-less speculation is also useless, here's another one: maybe they have a quantum computer that spat out the private key?
Or they asked Google to hack the hackers' Android phones!
Do you have a specific reason to not believe it?
Yes, the countless lawsuits and evidence that the government lies on a consistent basis, especially involving acts of national security. We can pretend the Iraq War never happened based on fake evidence.