Bitcoin is a pain to spend. It is energy-guzzling, perilously slow and, with the prospect of dazzling returns (at least until recently), perhaps best to HODL ‘til you retire. But Bitcoin can count at least one group of spendthrifts among its users: Russian hackers accused of hacking in the 2016 election.
According to an indictment released Friday by the DOJ, the Russian intelligence officers who orchestrated the 2016 hacks of the Democratic National Committee and Clinton campaign funded their operation using $95,000 worth of Bitcoin and other cryptocurrencies. The hackers allegedly used the funds to purchase the domains, servers, and accounts involved in obtaining and disseminating the stolen materials. Charging “conspiracy to launder money,” the indictment states the arrangement allowed the hackers to “avoid direct relationships with traditional financial institutions, allowing them to evade greater scrutiny of their identities and sources of funds.”
Bitcoin, however, is not necessarily the most obvious choice for those looking to conceal their transactions. While pseudonymous, payments on the Bitcoin blockchain are far from untraceable, a fact that has inspired competing currencies marketed to true privacy hounds, such as Zcash and Monero. Yet it remains the workhorse of hackers for a simple reason: Bitcoin is, compared to competitors, a breeze to spend around the world.
“The payments of goods and services are going to take place in the most liquid and easy to use environment. Right now that’s Bitcoin, and it’s going to be for a long time,” says Jonathan Levin, co-founder and COO of Chainalysis. The company’s software, which traces connections between entities on the Bitcoin blockchain to detect fraud and money laundering, has been used by agencies including the DOJ to conduct cybercrime investigations.
While Levin couldn’t confirm whether Chainalysis software was involved in the current investigation, blockchain analysis typically focuses on intermediaries such as the exchanges that facilitate cryptocurrency purchases. Those exchanges, which are subject to anti-money laundering regulations, can act as a link to forms of real-world identification, like addresses and bank accounts.
The indictment says that the hackers took additional steps to conceal their tracks, purchasing Bitcoin using prepaid cards and via peer-to-peer exchanges, which facilitate direct transactions between individuals, often unsurveilled. According to the indictment, they also mined their own Bitcoin, using those freshly minted funds to purchase the DCLeaks.com domain, which disseminated the stolen materials, as well as the tools used in the spearphishing campaigns.
“This is a good case in point showing that the types of cases cryptocurrency touches have broadened to the full spectrum between local crimes and national security issues,” says Levin. Increasingly, investigators in the US are catching on. On Wednesday, President Trump signed an executive order forming a Task Force on Market Integrity and Consumer Fraud—which focuses on digital currency fraud and money laundering—to coordinate investigations across federal agencies.