If you have been in the cryptocurrency markets since 2016, you must still remember the Bitfinex hack. At that time, 119,754 Bitcoins, worth $71 million, fell into the hands of attackers and had serious effects on the cryptocurrency markets. The US Department of Justice pursued the matter and recovered the funds.
US Department of Justice Bitcoin Statement
In August 2016, a hacker breached Victim VCE’s security systems. Starting in January 2017, some of the stolen BTC was moved from Wallet 1CGA4s (the first characters of the wallet). Assets were being laundered in different mixer services. Despite this process, which complicates the work of US law enforcement officers, the authorities identified Russian nationals ILYA “DUTCH” LICHTENSTEIN and HEATHER MORGAN.
Making sure that the assets were kept in the wallet with the code 1CGA4, the agents gained access to LICHTENSTEIN’s cloud account. By decrypting a file found here, the wallet with the code 1CGA4 was reached. In the file, 9 separate wallets used in the attack and linked to the laundering of Bitcoins were also detected. February 1, 2022, law enforcement received approval to execute a legal lien.
Based on the approval, agents confiscated approximately 95,000 Bitcoins worth $3.629 billion.
History of Stolen Bitcoins
At today’s price, the value of stolen assets exceeds $5 billion. First, more than 2,000 BTC were moved to wallet11 with the code 1CGa4s. This is one of the wallets seized in LICHTENSTEIN’s cloud storage account. Some of the assets were sent to some accounts on the darknet marketplace AlphaBay. Most of the assets are distributed to 7 accounts managed by LICHTENSTEIN and MORGAN.
LICHTENSTEIN and MORGAN used many methods to launder funds.
Transfers to accounts opened with fictitious identities
Moving assets from main accounts to smaller wallets with thousands of transactions
Using computer programs that automate small-scale transfers to launder assets
Hiding transaction history by spending on the darknet market
Converting Bitcoins in hand to different cryptocurrencies
Using 11 different third-party wallets for transfers
You can see the movement of wallet ownership-based assets above. Below is a diagram of how stolen assets are distributed.
LICHTENSTEIN and MORGAN made NFT purchases and also used Bitcoin ATMs to launder stolen Bitcoins. The fact that the parties are Russian nationals can also give some ideas about the aggressors. It is thought that these two names do not have the necessary competencies to hack systems and are only tasked with laundering Bitcoins.
