Somehow I completely missed this one from last year:

and now we have:

It's not clear to me what they're claiming exactly, in terms of tracing. i'm particularly curious about that "red box" at the top of the flows diagram. (Hydra)

· · Web · 1 · 2 · 3

"The 2017 transfers notwithstanding, the majority of the stolen funds remained in
Wallet 1CGA4s from August 2016 until January 31, 2022. On January 31, 2022, law enforcement
gained access to Wallet 1CGA4s by decrypting a file saved to LICHTENSTEIN’s cloud storage
account,8 which had been obtained pursuant to a search warrant"

So basically they grabbed it by issuing a warrant to google/microsoft/apple etc. I suppose at that point the perpetrators were screwed anyway, but wow.

also if the private keys, or seedphrases, for various wallets were all in that "encrypted" cloud storage, blockchain analysis may have proved surprisingly easy ...

Some other details I gleaned from reading that doc: Monero accounts feature quite heavily in the diagrammatic representations of funds flow. Not sure what this means (privkey thing again as per above? or just records in that file).

On that 'encrypted cloud storage file', they talk about having to explicitly decrypt it, after the seizure of the cloud storage account via warrant. Weak password, or something else?

one last thing I noticed:

W.r.t. an unnamed exchange "VCE 7" they talk about geo-location with IP addresses to find the account owners. Very interesting if that's a big part of finding them.

w.r.t. the decryption, this wording is interesting:

"In 2021, agents obtained a copy of the contents of the cloud storage account pursuant to a search warrant. ... However, a significant portion of the files were encrypted.
52. On or about January 31, 2022, law enforcement was able to decrypt several key files contained within the account. "

So they got access "in 2021" but the key breakthrough, the actual seizure, happened in January. We can only guess what kind of decryption.

There's one more thing about this case I want to mention, because I find it very bad:

Elliptic gives pride of place in their blog post to a diagram showing a peeling chain.

All this diagram *actually* shows is that there were a sequence of transactions funding Wasabi from the stolen cluster. (if it's just from one address, that makes no difference; the set of addresses, as a cluster, is known).

It shows precisely *nothing* ... (tbc)

... about tracing funds *through* coinjoins. 99% of readers will assume that's what it's showing, and they know that full well. This is very typical of these reports from blockchain analysis firms.

(Notice that all the arrows point *inwards* towards Wasabi, not out).

@waxwing I'd bet a couple of sats on reuse of a previously leaked password connected to his personal accounts

It looks a lot like they cross-checked some watch lists, netflow data, etc. narrowed down to a few people, and then perhaps exploited a vuln in their laptop which enabled iCloud/whatever backup, then they just had to go collect the loot on the other side.

@cjd @waxwing how much is being exchanged is less useful than who and when.

@cjd that was one angle, i also thought that but then the wording is ambiguous. It could be that it took time to get it from Apple/whatever (somehow?) or through who knows what kind of hacking (including social engineering). Some kind of bruteforcing remains conceivable, too.

@waxwing communication exercise well done as a matter of facts.
despite the lack of tracing evidence everyone buys the fact you can't trace crypto out of government eyes

@roshii yes. it's confusing/subtle to the point where one could argue it doesn't matter (but I think it does):

* if you are the subject of active, well funded and resourced attacks (as a very large stakes criminal may be, once they are under suspicion), then the *combination* of on-chain data with off-chain data gives so many clues that it barely matters that your on-chain techniques successfully obfuscate (see e.g. Monero in the doc).

* But you do get defence against more casual attackers.

@roshii .. so, for an ordinary user, such obfuscation techniques have a very substantive value in terms of their security.

You can probably argue pretty strongly that it's still very worth it, even for the person likely subject to active, well funded attack. It's one of several ways that you're making it harder for them.

@waxwing imho the risk lies (mostly) when moving value out of chain. provided ip is not leaked, I don't see what could reveal your id on chain. so while chain analysis can be highly effectively, it requires off chain data to connect the dots and against a well funded attack, i can imagine it's hard not to leave a single connectable dot!

@waxwing So basically it sounds like they were caught because of bad opsec more than any fancy chain analytics.

Storing private keys, even encrypted, on the internet is totally amateur hour.

@waxwing decrypting? My understanding is that it was plain text? Where did you read about it being decrypted?

Sign in to participate in the conversation
unidentified instance

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!