Darknetlive

Two Arrested for Conspiring to Launder 119,754 Stolen Bitcoins

Law enforcement arrested two people for conspiring to launder stolen Bitcoin worth approximately $4.5 billion. The Bitcoin had originally been stolen in the 2016 Bitfinex hack.

Police arrested Ilya Lichtenstein and Heather Morgan for allegedly laundering stolen cryptocurrency. According to court documents, the duo laundered the Bitcoin a hacker had stolen after hacking the Bitfinex cryptocurrency exchange in 2016. The hack resulted in the theft of 119,754 Bitcoins which ended up in a Bitcoin wallet controlled by Lichtenstein. Since the hack, Lichtenstein and Morgan allegedly laundered approximately 25,000 of those stolen Bitcoins through a “complicated money laundering process.” The duo reportedly transferred the laundered Bitcoins into “financial accounts” they controlled.

A screenshot of the defendant’s alleged money laundering scheme.

VCE = virtual currency exchange

The original wallet still contained more than 94,000 Bitcoins. After executing search warrants on unspecified “online accounts” owned by Lichtenstein, investigators seized the remaining Bitcoin.

According to court documents, the feds obtained a warrant for an account linked to Lichtenstein’s email address. They managed to decrypt encrypted files stored in the account. The encrypted files contained a list of Bitcoin public addresses and the corresponding private keys. I would like to know how investigators decrypted the files referenced in the complaint.

The criminal complaint alleges that Lichtenstein and Morgan employed numerous sophisticated laundering techniques, including using fictitious identities to set up online accounts; utilizing computer programs to automate transactions, a laundering technique that allows for many transactions to take place in a short period; depositing the stolen funds into accounts at a variety of virtual currency exchanges and darknet markets and then withdrawing the funds, which obfuscates the trail of the transaction history by breaking up the fund flow; converting bitcoin to other forms of virtual currency, including anonymity-enhanced virtual currency (AEC), in practice known as “chain hopping”; and using U.S.-based business accounts to legitimize their banking activity.

A picture of The duo apparently laundered the stolen funds through Alphabay.

The duo apparently laundered the stolen funds through Alphabay.

The darknet market referenced in the Department of Justice announcement is Alphabay. As a part of the conspiracy, Lichtenstein and Morgan allegedly sent the stolen Bitcoin to Alphabay and then withdrew Bitcoin to unhosted addresses.

Feds recovered Bitcoin worth more than $3.6 billion–the largest cryptocurrency seizure to date, according to Chief Jim Lee of IRS-Criminal Investigation (IRS-CI).

A picture of Investigators traced the stolen Bitcoin to at least five other cryptocurrency exchanges.

Investigators traced the stolen Bitcoin to at least five other cryptocurrency exchanges.

Both defendants face charges of conspiracy to commit money laundering and conspiracy to defraud the United States.

The statement of facts contains a lot of interesting information about the alleged laundering conspiracy. I have included the statement of facts and the criminal complaint in both pdf and html formats.

statement of facts: pdf, html

criminal complaint: pdf, html

DoJ Announcement: archive.is, archive.org, .onion


Morgan was involved in cybecrime while in the United States… as a Russian national (why move from Russia to the US, lol?). And then remained in the United States even after the Bitfinex theft. All of this of course is in addition to the obvious mistakes outlined in the statement of facts. There are no shortage of those; it seems as if the laundering scheme was basically Bitcoin “tumbling” with more steps. A failure but better than the reverse laundering seen in this case.

A picture of the well-known rapper Heather Morgan

Although she is a rapper, she is no Nicki Minaj, according to a source.

21 Comments
Do you really want to comment here? not rules
a83de384
71e26f90 Fri, Feb 11, 2022

why didnt they use mixers?? im old alphabay user now on the new one too but i always used mixers on bitcoin EVERYONE was aware to use em when you withdraw because exchanges would flag accounts

4 billion lost to such opsec fucks they cant call themselves hackers

never use bitcoin always use monero only markets like WHM became at the end and how the new Alphabay is

dont launder money if you dont know WHAT THE FUCK youre doing

da116300
924c6e10 Fri, Feb 11, 2022

i second the advice! i fuckin wish markets werent such extortionists when it comes to fees ASAP almost 8% dark0de charged me twice as customer on both orders i did like wtf happened? all markets charging stupid fees we need more markets to go the old way like the new alphabay is lowest withdraw fees ive seen on a market yet

Only need dream to come back and make it a party fuck these new markets

c176c3c6
8e0b72c0 Fri, Feb 11, 2022

There’s no amount of money that can buy you a brain, no hacker that can escape a westernized government that wants them, no Bitcoin wallet that doesn’t have a block chain trail and no government that can crack Monero…

even if you use a remote node, you’ve got a better chance of winning the Mega Millions than getting caught… but, last time I checked McDonalds doesn’t accept Monero if you know what I’m sayin… no tasty Big Mac unless you’re basically a genius to launder that kind of money and get away with it… there are plenty of them
out there and we will never know their names…

All it takes is one fuck up to start rattling that dirty plastic cup against those shitty rusty bars for a long, long time. The IRS is about their paper, their pursuit of those sweet government bucks is the essence upon which our insignificant existences depend upon, to maintain order in a world of savages… How much money does a man or women need? Bitcoin real estate, I found the seed to a million dollar Monero...

c2fec21e
883aac80 Sat, Feb 12, 2022

Holy fuck this is brilliant! If you dont write books, you should….

e4daaf4d
2ca18930 Sat, Feb 12, 2022

For the people not familiar with this case, they DID use mixers. They didn’t just use mixers, they also hopped back and forth between bitcoin and Monero. The feds have some new method of tracking we aren’t familiar with. But if the details trickling in about this story checks out down the line, it might be time to start worrying because even privacy coins like Monero can now be tracked.

933e60e8
a1f701d0 Sat, Feb 12, 2022

Or maybe they got sloppy on the off ramp. They made obvious lies about how they get their money, multiple exchanges noticed, and they get flagged. IRS follows a trail of partially mixed BTC to accounts at VCE 4, which were frozen for ignoring KYC requests. IRS gets a search warrant, find the spreadsheet with every single wallet’s private keys, and connect the dots.
Rule 0 of money laundering is to mix dirty money with clean to make it all look legit. Their accounts only got dirty bitcoin from mixers, and exchanges + IRS saw through it real quick. Instead of wasting 1000 hours mixing bitcoin, should have just used monero and spent 999 hours on a damn good explanation for where it came from. Not that I know how to launder 4 billion worth of BTC, but anything must be better than this.

617f5b4c
3fba9400 Thu, Feb 17, 2022

Very much doubt they have a way to track XMR transactions, but even if they did, they’ll never let us know. They’ll use parallel construction to obscure it, or as in this case they’ll just say pretty much what 933e60e8 said. They traced the bitcoin transactions through the data they obtained from taking over alphabay, down to the suspects accounts, and then additional transactions from those accounts back up to discover VCE4. I’m not saying safely laundering this amount of BTC is really achievable, but even so, this is not how to fucking do it, Christ.

e6368d67
a5f01ce0 Sat, Feb 12, 2022

notice the feds didn’t charge for the actual hacking of the bitcoin.

6ba59be0
2b13df80 Sat, Feb 12, 2022

Isn’t XMRs market cap under the amount of BTC they were trying to exchange? They should have moved to El Salvador.

bb03f59d
efc78e20 Sun, Feb 13, 2022

Gone to re-education camp, be back soon. Go Rams

25ea1fda
cc8132f0 Sun, Feb 13, 2022

I don’t get it. It looks like every monero wallet they used was on an exchange? That can’t be right. If a monero wallet is on the account of an exchange, can’t they monitor everything in and out? Wouldn’t that be like, really, really stupid?

ae8667e7
3a4663f0 Mon, Feb 14, 2022

Just wait until you findout how the entire cryptocurrency ecosystem works. Everyone has to payout eventually.

DNL is a punkass bitch. I’m open, come get it bitch. Port 80/443. Come get it bitch.

2536dd5d
be7c61e0 Mon, Feb 14, 2022

Well of course that begs the question of which account you are dealing with, typically if you’re bank account is associated with a dirty Bitcoin address, you’re responsible those Bitcoins simple as that… Monero is not Bitcoin now is it? No and we have to go on Google and YouTube to understand don’t we?

e54a94bf
3b7fcce0 Tue, Feb 15, 2022

“lichtenstein” ofc it has to be a Jahudi lel

No front though, I am just a bit puzzled he was caught. Probably a half-jewish mystery meat.

285a9b9e
0b93c930 Sat, Feb 19, 2022

Just like always, bunch of know it all shit talkers using the comments section as their own ego inflation platform. Hating ass psychic vampires. Introduce yourself to law of probability maybe? Obviously snitched on. Gfys

53adccb7
3f85f600 Mon, Feb 21, 2022

Okay smartasses, what would you do to launder 0.1% of what they had?

ed67de6d
925748d0 Tue, Feb 22, 2022

Unless you are completely daft, you setup an online crypto-casino and launder it that way. Base it in a tax haven such as Panama….oh wait, that might not be the best place

148923b0
e5aca2c0 Sun, Feb 27, 2022

HAHAHAHAHAHAHAHA. DUMB FUCKS!!!

0e567d92
37189970 Sun, Feb 27, 2022

HAHAHAHAHAHA DUMB F’S….. IF, NO NO WORDS ARE BLOCKED FROM BEING POSTED….

a90665d3
70927b30 Mon, Feb 28, 2022

Hello! Can any one send some BTC or USDT to my wallet address… I’m in bad need…. I’m surviving in Kiev…. Nothing to say anymore everyone knows whats going on in our land!
BTC deposit address (3DQ1N8Y8N8MmDHCg71keBi9TnKmi85cDh4)
TRC20 USDT deposit address (TQv8nyaGu4uALSTyP5gXYPweLwPEsVMHRo)

63be14f7
32bd76d0 Fri, Mar 4, 2022

(((stein)))

New comments are disabled after one month in an attempt to limit spam.