Feds Bust $3.4 Billion Crypto Theft, Demonstrating Ability to Penetrate Supposed...

Feds Bust $3.4 Billion Crypto Theft, Demonstrating Ability to Penetrate Supposed Secrecy

The Wall Street Journal does a solid job of reporting today in one of its lead stories, The U.S. Cracked a $3.4 Billion Crypto Heist—and Bitcoin’s Anonymity. However, as we’ll discuss, the large steps made in piercing the crypto veil, at least as I read it, do not vitiate the secrecy potential of crypto per se, but of the infrastructure and services around it, on which many users, including those knowing engaged in criminal conduct, use. And this story demonstrates that all it took was one goof by a crypto thief for the Feds to track him down.

I found it odd that the comments I read so far at the Journal and Twitter miss the way the article overstates what are still very large gains by the authorities in tracking crypto transactions and then figuring out who is behind them. And the article (as many Journal readers did point out) confirmed my prejudices about crypto: that it has no uses beyond crime, tax evasion, money laundering, and speculation, none of which are positives to society.

The piece revolves around the bust of one James Zhong, a US computer science student who found a bug on Silk Road, which he’d been using to buy cocaine. He could withdraw twice as much Bitcoin as he had on deposit. He set up additional accounts and made off with about $600,000 of Bitcoin in 2012.

Zhong had the bad fortune to have Silk Road go bust, which gave the authorities their first opportunity to mine transaction records across a network. But the level of forensic skills took a great leap forward with the failure of Mt. Gox in 2014. Crypto maven Jonathan Levin and his business partner Michael Gronager were hired guns on the Mt. Gox collapse, developing software and analytics that became the foundation of Chainalysis. As the story explains:

Government investigators exploit a feature of bitcoin and many other digital currencies: Every transaction is stored forever in blockchain’s online ledger and open for anyone to see. Since Mr. Zhong’s heist, authorities and private firms have compiled the equivalent of a blockchain address book to aid the IRS, Federal Bureau of Investigation and state and local authorities investigating cybercrimes. The blockchain-analytics company Chainalysis Inc., based in New York, said it has mapped more than a billion wallet addresses, separating out legitimate and questionable holdings and identifying the exchanges where the cryptocurrency is converted to cash….

These advances make it difficult for criminals to convert their spoils to cash. After government officials publish wallet addresses connected to crooks, no legitimate cryptocurrency exchange wants to do business with them, fearing legal consequences…

Blockchain analytics provide law-enforcement investigators with an important piece of the blockchain puzzle—mapping the flow of cryptocurrency belonging to specific people and groups. Greater regulatory scrutiny of cryptocurrency exchanges has also helped. Exchanges have stepped up systems to identify the parties they do business with—under so-called know-your-customer requirements—and are more responsive to law-enforcement inquiries.

Let us understand the rub: you as a nefariously-behaving crypto user would be well-protected from the authorities if you did not use a wallet. Of course, you would face the risk of death, loss, or accidental destruction of the device(s) that held your coin. You would also be at risk of loss of your password to your device (this risk also exists with wallets; I have no idea what if any account recovery methods they have).

But what good is having crypto if you can’t eventually trade it or convert into fiat or real economy assets? With exchanges and wallets more widely used and more and more crypto service operators deciding that being on the up and up is a better business proposition, the illicit exchanges and other means for trading out of crypto are declining in importance, and may be shrinking in absolute terms. The Journal piece quotes an expert who claims North Korea has stolen more crypto than it can convert into dollars.

Now back to Zhong. Despite the investigation of the Silk Road failure, no one identified his heist them. Zhong transferred his stolen coins across different accounts for eight years. By 2021, the value of his stash had increased to $3.4 billion.

Zhong kept his “modest” home, but had splurged with a lakefront house, a Lamborghini, and a $150,000 Tesla. But those expenditures weren’t what tipped off the authorities.

What did was Zhong getting sloppy:

For five years after the Silk Road theft, Mr. Zhong sat on his digital treasure. In 2017, he embarked on a $16 million spending spree, much of it spent trying to win friends, according to court papers and his lawyer, Michael Bachner. Mr. Zhong gave away 258 bitcoins, many of them on digital devices each loaded with 50 bitcoins and now worth close to $1.5 million. He hosted friends on chartered planes and boats, at sporting events and in fancy hotels, according to court papers and Clayton Kemker, a former bond salesman who became Mr. Zhong’s business partner.

Mr. Zhong made his big mistake on Dec. 16, 2020, according to court records and an analysis of his bitcoin transactions by Elliptic. He combined crypto funds the IRS had linked to the Silk Road thefts with legitimate funds he kept in a cryptocurrency exchange.

With Mr. Zhong’s Silk Road link in hand, authorities went to the bitcoin exchange that handled the transaction. The exchange gave IRS agents an IP address, 45.20.67.1, and Mr. Zhong’s internet service provider confirmed that he had been using that address since 2016. A month later, federal agents searched Mr. Zhong’s house and found the digital storage devices that helped clinch the investigation.

I’m surprised Zhong had a static IP address.1 I’m also surprised that he didn’t make regular use of a VPN. Readers?

The denouement was mundane:

In November 2021, federal agents surprised Mr. Zhong with a search warrant and found the digital keys to his crypto fortune hidden in a basement floor safe and a popcorn tin in the bathroom. Mr. Zhong, who pleaded guilty to wire fraud, is scheduled to be sentenced Friday in New York federal court, where prosecutors are seeking a prison sentence of less than two years.

The article makes Zhong sound sad, hoping money would buy him love and friends ad finding his spending produced not much of either. The light sentencing request seems odd. Perhaps Zhong was unusually cooperative? But what sort of helpful information could he have provided?

The larger point is not that is it impossible to get away with crime or otherwise hide your tracks in the world of crypto, but that a very big increase in the sophistication and intensity of oversight means it’s much much harder to hide, and far more likely that anything short of meticulously tech hygiene will put a shady user at risk.

With that in mind, Sam Bankman-Fried’s nearly non-existent records at Alameda look like a feature, not a bug. The lack of concern about accounting for customer and counterparty funds sure sounds like the point of Alameda and FTX was not the business of the business, but whatever else could be hidden in the funds miasma. Consider the latest, via Forbes:

Sam Bankman-Fried and other executives at the now-bankrupt cryptocurrency exchange FTX and defunct sister hedge fund Alameda Research casually joked about misplacing millions of dollars’ worth of digital assets…

In an internal message, Bankman-Fried purportedly said Alameda is “unauditable” [sic], and the investment firm’s brass was simply able to “ballpark” the finances for the hedge fund which once had nearly $40 billion”>nearly $40 billion in assets under management, according to a 43-page interim report by FTX’s new CEO John J. Ray III filed in bankruptcy court.

Alameda and FTX executives “sometimes find” $50 million worth of assets “lying around that we lost track of,” Bankman-Fried allegedly wrote….

FTX let thousands of uncashed deposit checks sit around offices like “junk mail,” approved millions of dollars in expense reports via Emoji on Slack and did not have a comprehensive list of who worked at the exchange when it went under in November, according to the report.

A 2022 internal document suggested Alameda should fudge its numbers for its crypto assets, allegedly saying they should “come up with some numbers? idk.”

Both of SBF’s parents are law professors. His father teaches tax and at least for a bit was involved in FTX. It’s getting less and less conceivable that this off-the-charts inattention to the basic elements of running any business, let alone fabulously fault-intolerant, implosion-prone high volume trading operations, was an accident, as opposed to deliberate, to advance other aims. So was SBF’s real problem that he became too (seemingly) successful, and lost sight of his off ramp? Even if so, SBF is so pathologically unable to admit error that we are unlikely to find out.

_____

1 Yours truly had one, IIRC for a decade, due to having been in Verizon’s DSL trial. It was amusing to have Verizon tech support people go on tilt when they worked out I had a static IP address, which was supposed to be impossible. But unlike Zhong I was not a computer expert in need of covering my tracks.