The selling of this bitcoin is, by far, the least interesting part of the saga.
The govt's seizure, the dude who had his bitcoin seized, and why it even got seized in the first place are full of so many amazing, hysterical, enraging gems.
Now obviously you're wondering, "damn. how'd he get caught?"
And, well, considering he signed a message using his 60k BTC key and posted it to bitcointalk... 🙈
A better question though is *why* did he get caught? Like, who cares that someone hacked Silk Road back in 2012????
Turns out the govt cares. They *really* care. But not about lil Jimmy. Nope.
Govt cares bc it would look *really* bad if corrupt federal agents who were investigating Silk Road in 2013 still had a $3b stash of BTC that the (less corrupt) investigation in 2015 missed. 😬
I know—that last tweet was a doozy. Let's back up. You need some more context so you can appreciate what's happening here.
If we rewind even further back to 2011, Adrian Chen of Gawker infamy discovered the Silk Road and wrote about it.
In response, Sens. Charles Schumer of New York and Joe Manchin of West Virginia stood up on their high horses and demanded, loudly, that the DOJ and DEA 'shut this shit down immediately!!!!!'
Naturally, due to the huge number of federal cooks in the kitchen + the newness of Bitcoin + the fact that being a federal law enforcement agent does not preclude you from being a lying, stealing, scheming, greedy bastard...it didn't go super well.
And remember how I told you earlier that James hacked the Silk Road in late-2012 via a super basic race condition?
Silk Road was also hacked in *early*-2012 by a still unidentified "Individual X" using the exact same method. (That ~$1 billion worth of BTC was similarly seized in November 2020.)
This isn't a conspiracy theory. These feds—Shaun Bridges and Carl Mark Force IV—were both busted after Katie Haun (then prosecutor @ NDCA) + Tigran Gambaryan (then investigator @ IRS-CI) got a tip from....Bitstamp. 🤡
The depth of fraud is really something else. The various filings are worth reading in full. These guys—who were not working together—were so fucking independently, disgustingly dirty.
And Corrupt Bro #1, Bridges, *after* being arrested and pleading, RE-STOLE THE FUNDS THAT HAD TECHNICALLY (but not literally) BEEN SEIZED **TWICE** by then.
Sidenote: It is truly appalling that Ross got the literal book thrown at him, will never be released, and these guys got half a slap on the wrist.
Especially considering not one word of this corrupt shitshow was allowed in Ross's trial. 😨 #freeross
And that's the story of how the govt came to be in a position to dump piles of BTC via Coinbase today.
They knew there was unaccounted-for BTC that had been stolen from SR.
They knew who had stolen from SR repeatedly before.
And those agents were about to be released.
🤡
But more importantly, it's why the small handful of folks in the govt who actually know Bitcoin—the same ones who took down the corrupt agents, Alpha Bay, BTC-E, Welcome 2 Video, etc.—went from working those cases to working random, long-forgotten-about Silk Road hacks and stuff.
At some point prior to July 2024 the actual hackers landed a backdoor onto something that gave them some access to the WazirX multisig signers and/or their signatures.
We don't know what or who was compromised and it doesn't really matter.
The initial toehold was likely gained by tricking someone at WazirX or Liminal into installing malware -> escalated from there.
This access allowed the hackers to intercept the signing flow and insert invisible, malicious payloads for signing in a way where none of the 3+ signers were able to notice.
With the recent sophisticated hacks fresh on everyone's mind, there's been a lot of talk about ✨fancy stacks and setups.✨
Yes, you should evaluate how—and with what—you sign txns.
But building a custom UI for your LAN-only Qubes OS + AWS KMS setup every day is not really the answer 😅
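What "evaluate how—and with what—you sign" boils down to, for the payload-swap failure mode above: each signer independently recomputes the hash of the transaction they *think* they are approving and refuses to sign unless the device shows that exact value. The script below is an added example, not code from the thread or from WazirX/Liminal. It assumes the multisig is a Safe-style contract wallet whose owners sign an EIP-712 "SafeTx" struct (the thread does not name the wallet software); the Safe address, token, treasury, attacker address, calldata and the tampered payload are all constructed for the demo. Keccak-256 is implemented inline so it runs with only the standard library.

```python
"""Recompute a Safe-style EIP-712 multisig tx hash independently of the signing UI.

Added example, not code from the thread. Assumption: the multisig is a Safe-style
contract wallet whose owners sign an EIP-712 "SafeTx" struct (the thread does not
name the wallet software). All addresses, amounts and calldata are constructed.
Keccak-256 is implemented inline so this runs on the standard library alone.
"""

MASK64 = (1 << 64) - 1

# Keccak-f[1600] round constants (iota step)
RC = [
    0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
    0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
    0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
    0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
    0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
    0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
]
# Rotation offsets (rho step), flat lane index x + 5*y
ROT = [0, 1, 62, 28, 27, 36, 44, 6, 55, 20, 3, 10, 43, 25, 39,
       41, 45, 15, 21, 8, 18, 2, 61, 56, 14]


def rol(v, n):
    n %= 64
    return ((v << n) | (v >> (64 - n))) & MASK64


def keccak_f1600(a):
    for rc in RC:
        c = [a[x] ^ a[x + 5] ^ a[x + 10] ^ a[x + 15] ^ a[x + 20] for x in range(5)]
        d = [c[(x - 1) % 5] ^ rol(c[(x + 1) % 5], 1) for x in range(5)]
        a = [a[i] ^ d[i % 5] for i in range(25)]                      # theta
        b = [0] * 25
        for x in range(5):
            for y in range(5):                                         # rho + pi
                b[y + 5 * ((2 * x + 3 * y) % 5)] = rol(a[x + 5 * y], ROT[x + 5 * y])
        a = [b[i] ^ (~b[(i % 5 + 1) % 5 + 5 * (i // 5)] & b[(i % 5 + 2) % 5 + 5 * (i // 5)])
             for i in range(25)]                                        # chi
        a[0] ^= rc                                                      # iota
    return a


def keccak256(msg: bytes) -> bytes:
    """Ethereum's Keccak-256 (0x01 padding, not the SHA3-256 0x06 padding)."""
    rate = 136
    buf = bytearray(msg) + b"\x01"
    buf += b"\x00" * ((rate - len(buf) % rate) % rate)
    buf[-1] |= 0x80
    state = [0] * 25
    for off in range(0, len(buf), rate):
        for i in range(rate // 8):
            state[i] ^= int.from_bytes(buf[off + 8 * i:off + 8 * i + 8], "little")
        state = keccak_f1600(state)
    return b"".join(lane.to_bytes(8, "little") for lane in state[:4])


def word(n: int) -> bytes:
    """One 32-byte big-endian ABI word; address, uint8 and uint256 all pad this way."""
    return n.to_bytes(32, "big")


DOMAIN_TYPEHASH = keccak256(b"EIP712Domain(uint256 chainId,address verifyingContract)")
SAFE_TX_TYPEHASH = keccak256(
    b"SafeTx(address to,uint256 value,bytes data,uint8 operation,uint256 safeTxGas,"
    b"uint256 baseGas,uint256 gasPrice,address gasToken,address refundReceiver,uint256 nonce)"
)


def safe_tx_hash(chain_id, safe, to, value, data, operation, nonce,
                 safe_tx_gas=0, base_gas=0, gas_price=0, gas_token=0, refund_receiver=0):
    """keccak256(0x19 0x01 || domainSeparator || hashStruct(SafeTx)): the 32-byte
    value a hardware wallet shows when it cannot decode the individual fields."""
    domain = keccak256(DOMAIN_TYPEHASH + word(chain_id) + word(safe))
    struct = keccak256(SAFE_TX_TYPEHASH + word(to) + word(value) + keccak256(data)
                       + word(operation) + word(safe_tx_gas) + word(base_gas)
                       + word(gas_price) + word(gas_token) + word(refund_receiver) + word(nonce))
    return keccak256(b"\x19\x01" + domain + struct)


def erc20_transfer(recipient: int, amount: int) -> bytes:
    return bytes.fromhex("a9059cbb") + word(recipient) + word(amount)  # transfer(address,uint256)


# Constructed scenario: the tx the signers believe they approve vs what reaches the device.
SAFE, TOKEN, TREASURY, ATTACKER = (int("11" * 20, 16), int("22" * 20, 16),
                                  int("33" * 20, 16), int("44" * 20, 16))
INTENDED = dict(chain_id=1, safe=SAFE, to=TOKEN, value=0, operation=0, nonce=42,
                data=erc20_transfer(TREASURY, 1_000_000 * 10**6))
# Hypothetical swap: same Safe and nonce, but a delegatecall (operation=1) into attacker code.
TAMPERED = dict(INTENDED, to=ATTACKER, operation=1, data=bytes.fromhex("deadbeef"))


def signer_check(intended: dict, hash_on_device: bytes) -> bool:
    """Per-signer gate: recompute the hash from fields you verified yourself and
    sign only if the device displays exactly that value."""
    return safe_tx_hash(**intended) == hash_on_device


if __name__ == "__main__":
    print("intended:", safe_tx_hash(**INTENDED).hex())
    print("tampered:", safe_tx_hash(**TAMPERED).hex())
    print("would sign tampered?", signer_check(INTENDED, safe_tx_hash(**TAMPERED)))
```

The point is not the Keccak code but where it runs: the recomputation has to happen on a machine the compromised signing UI cannot touch, from the `to`/`data`/`operation`/`nonce` values the signer obtained out of band. If the device can clear-sign (decode and show the fields), compare the fields; if it only shows the 32-byte hash, this is the only way to know what that hash commits to. Before relying on the type-hash constants above in production, compare them against the ones published in the wallet contracts you actually use.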
Background on the referenced hacks (feel free to skip):
1. Funds were stolen from each org's multisig.
2. Keys themselves were not compromised.
3. In Radiant and WazirX and maybe DMM, the keys backing the multisig were only on hardware wallets + actually controlled by distinct parties.
DMM Bitcoin - $305m in May
The least is known about DMM, including whether keys were cold vs hot. Early theories said address poisoning. It def wasn't that. Attached is rampant speculation (likely all wrong)
See also: x.com/mononautical/s…
Also, note, any organization that can implement / enforce EDR, etc. should do so. Full stop. End of conversation.
However, the crypto industry generally considers this a non-starter for all sorts of philosophical + practical reasons.
Crypto folks (hopefully) already know that Lazarus is one of the most prevalent threat actors targeting this industry.
They rekt more people, companies, protocols than anyone else.
But it's good to know exactly how they get in. Bc another smart contract audit won't save you.
For example, one long-time fave method:
- Contact employee via social/messaging app
- Direct them to a GitHub repo for a job offer, "skills test," or to help with a bug
- Rekt individual's device
- Gain entry to company's AWS
- Rekt company (and their users)