How Criminals Can “Launder” Income Through Bitcoin
At the end of April, a Russian citizen, Roman Sterlingov, was arrested in the United States. He is being held as a suspect in a Bitcoin money laundering case. The Americans believe that Sterlingov is behind the creation and operation of the Bitcoin Fog cryptocurrency mixing service, with which criminals can cover up traces of bitcoin transactions.
Previously, we’ve talked about how miners are deceived online. You can read more details here.
Today we’ll talk about how cryptocurrency is used for money laundering and what ways exist to anonymize bitcoin wallets for this.
Bitcoin allows you to make anonymous payments. That is, when creating a bitcoin wallet on an underground exchange, you do not need to register it on your passport, as in the case of a bank account. At the same time, the Bitcoin network stores information about all past transactions: when, where and in what amount virtual coins were transferred. And if it is possible in this chain of wallets to somehow light up a trace that can lead to a specific person, all the anonymity of payments through Bitcoin crumbles.
*Note: A good alternative to Bitcoin is the anonymous cryptocurrency Crypton. It is the internal currency of the Utopia decentralized ecosystem that is built on blockchain-powered technology.
This is what happened in the case of Roman Sterlingov. Capitalizing on his mistake, the US Internal Revenue Service, together with other operatives, identified the person who for many years helped others to launder bitcoins and cover up traces of transactions using them. In total, more than a million bitcoins were transferred through Bitcoin Fog —approximately $335 million at the time of the transactions. In addition, coins from the darknet markets and stolen cryptocurrency exchanges fell into this “washing machine.” We will tell you more about how online laundries work, but for now we will return to Sterlingov.
Ten years ago, in 2011, Sterling paid for the hosting of his “laundry” for laundering bitcoins with the help of the now-defunct cryptocurrency Liberty Reserve.
First, on the now-defunct Mt. Gox he exchanged euros for bitcoins, then transferred these bitcoins between several wallets, until he exchanged them on another cryptocurrency exchange for virtual Liberty Reserve coins — and used them to pay for the server for Bitcoin Fog.
The IRS said that the very trace that helped identify Sterlingov was his account on the first exchange in the chain. In this account, ten years ago, the Russian left his home address and phone number, and also indicated a Google account. In its cloud storage, Google Drive found a text document in Russian that described approaches to hiding payments in the Bitcoin system. The rest was already a matter of the usual operational work of US law enforcement.
Each user of the Bitcoin network has a record of the full history of all transactions in the form of a log file. When a user initiates a bitcoin transfer to another wallet, the transfer information is updated in this log. Miners on the Bitcoin network process the log and confirm the transaction.
After confirmation, this transaction is broadcast, so that each node of the network updates the set of confirmed transactions in its database.
Anyone can see the history of all transactions with bitcoin, as well as the current balance of wallets, at any time. And this is an important disadvantage for the use of bitcoin by criminals.
It is necessary to trace the connection of the wallet with illegal activity, as it and its bitcoins are compromised in front of law enforcement. For example, transactions can potentially involve receiving a ransom, selling illegal goods, or ordering a DDoS attack.
You can learn more about DDoS attacks here.
Like cash, transactions in bitcoins do not allow you to uniquely identify the payer or recipient and are irreversible — but only if the careless payer does not leave behind bread crumbs that can be used to reach him, as in the case of Sterlingov.
And for this purpose there are cryptocurrency mixers — “laundries” that launder bitcoins from a dubious history and allow you to cash them in for fiat money without the risk of “burning down” in front of the authorities.
In December 2013, for example, Bitcoin Fog was used to launder 96 thousand bitcoins. Some of them were stolen from the Sheep Marketplace service. This is an anonymous marketplace on the darknet that sold drugs, hacker lotions, and other illegal things. But it closed down before it had worked for a year. The site’s administrators claimed that one of the sellers used a bug in the software to steal virtual money. At that time, these were coins in the equivalent of $6 million.
– How do Bitcoin mixers work, and how do criminals withdraw money through laundered bitcoins?
Researchers from the Netherlands University of Technology and the Ministry of Security and Justice will help explain the entire chain and its performance. In 2018, they set up a practical experiment with mixers and cashing out to find out how criminals can use these services in the darknet.
A typical mode of operation of the mixer is that it provides customers with a newly created bitcoin address, a wallet into which you need to deposit your coins for laundering. Next, the mixer breaks these bitcoins into small pieces and then mixes them with coins from other customers.
It’s like a smoothie, in which many small pieces of fruit are mixed in a blender. So the mixer mixes bitcoins from one wallet with bitcoins from another, giving out a new random batch of bitcoins received from a random address.
Another option for the mixer is to pay out bitcoins from the service’s reserve. When the client sends a certain amount of bitcoins to the mixer, they go to the end of the reserve chain, and the client receives the same amount of bitcoins to the new wallet, but from the beginning of the reserve chain (minus the commission, of course — usually in the amount of 1-3% of the amount). To ensure greater anonymity, payouts are distributed over time, and some element of randomness is introduced in the distribution of amounts. If the mixing was correct, then there will be no connection between the deposited “tainted” bitcoins and the ones received at the output.
Mixing services offer a service to regular customers that ensures that previously deposited corrupted bitcoins will not be accidentally paid to the same customer in the future. After each mixing, the customer is given a number, which can be presented when contacting the mixer again. Thanks to this number, the mixer knows what dirty bitcoins the client deposited and will not give them back.
The researchers from the Netherlands stopped at five mixing services from the darknet, in which they invested a total of 3.5 bitcoins, and received a little less than one bitcoin of output. Three of the five sites turned out to be scams, that accepted but did not return any of the 2.5 bitcoins invested for laundering. Two other mixers took a small commission, up to 1%, and the laundered bitcoins were able to be withdrawn. They could not be traced back to the control wallet that the experimenters used at the very beginning.
Then, they were able to withdraw bitcoins into dollars using PayPal. The necessary account in the system can be purchased on underground markets or generated using a garbage mailbox, which, in turn, can be created in the same anonymous Tor network, which is the gateway to the darknet. There they also had to pay a commission, but this would not stop criminals who seek to cash out their earnings.
During the experiment, the researchers concluded that laundering the proceeds of cybercrime using bitcoin is a convenient and working model for criminal services. Of course, that is only if you pay attention to the reviews on mixers and seriously try to avoid scam services. However, the researchers note that their scheme worked with a small amount of bitcoin. How much it will work in the case of large amounts remains a mystery. There is always a chance that the mixer owner will decide to appropriate thousands or tens of thousands of bitcoins.
From all this, the question arises: how should bitcoin “laundering” be treated from a legal point of view? In many countries its use is not prohibited and it is not regulated, since states do not consider bitcoin a currency.
It is undeniable that some are able to earn money from it. The well-known North Korean group Lazarus is accused of converting the money stolen from banks into cryptocurrency, passing it through several crypto exchanges, hiding their origin, and then converting it back into fiat money and sending it to North Korea.
So far, experts believe that criminals rarely use cryptocurrency to launder large amounts of illegal income. However, they also believe that in the future, the popularity of this method of money laundering will only grow.