|
Reality is often more exciting than movies and TV shows.
In May, the Internet hacker criminal organization DarkSide competed with the FBI (Federal Bureau of Investigation), which temporarily paralyzed the oil supply in the eastern United States. This most socially destructive cyber attack in American history came to a temporary end with the FBI's victory.
On June 8, the FBI recovered 63.7 bitcoins in ransom from Colonial Pipeline, the largest fuel pipeline company in the United States. It is understood that due to the volatility of bitcoin prices, bitcoin prices continued to plummet in May. The 75 bitcoins paid to the "dark side" organization, which was equivalent to $4.4 million, were halved in price when they were recovered. These 63.7 bitcoins are now equivalent to $2.3 million.
Affected by the news, the crypto market plummeted again. As of the time of writing, Bitcoin, Ethereum and other currencies have plummeted by more than 10%, with Bitcoin falling below $33,000.
US FBI VS "Dark Side" Hacker Group
On May 7, 2021, Cologne discovered that its network system had been attacked by a hacker group. Affected by the hacker attack, Cologne was forced to urgently shut down about 5,500 miles of fuel pipelines and suspended fuel supply to the east coast of the United States. The hacker attack caused Cologne to stop oil supply for more than 10 days, causing an oil panic in the eastern United States and a surge in global oil prices, causing huge economic losses.
According to foreign media reports, in an emergency, Cologne received a blackmail demand from hackers to "pay $4.4 million in Bitcoin." Cologne's CEO Blunt said that this was "the right thing to do for the country," and Cologne, which was forced to unblock the app, had to pay the corresponding value of Bitcoin as required.
Although the oil pipeline resumed operation soon after the ransom was paid, the FBI has been secretly investigating where the Bitcoin ransom went. The FBI investigation confirmed that the extortion came from the Internet hacker group "DarkSide". Through the FBI's on-chain tracing, the attackers transferred the Bitcoin ransom to more than 20 on-chain addresses for "money laundering" after receiving it.
FBI Deputy Director Paul Abate publicly introduced that the FBI tracked down a virtual currency wallet of the DarkSide organization and used technical means to recover 63.7 bitcoins. According to FBI investigators, the DarkSide organization has extorted more than tens of millions of dollars in the past year, and more than 90 companies have been extorted by it.
Wang Haifeng, a senior researcher at OKLink Research Institute, analyzed to our reporter that during the investigation, investigators tracked Bitcoin through the public ledger of cryptocurrency, and identified the cryptocurrency wallets used by the hacker group to receive payments. Eventually, the FBI obtained the private key of the wallet.
"Since the disclosure did not involve more detailed information, we have no idea how the FBI obtained the private key. But we can still obtain some valuable information from public information: for example, investigators tracked the bitcoins involved and identified the addresses used by hackers to receive payments by [retrieving transaction records from the public ledger of cryptocurrencies]. These operations mean that investigators and relevant departments have a deeper understanding of the regulation of Bitcoin and can use technical means to counter cryptocurrency-related crimes." Wang Haifeng analyzed.
It is reported that after being investigated by the FBI in mid-May, the DarkSide organization announced that it had ceased operations. At that time, security experts warned that Internet hacker criminal gangs often changed their names and continued to commit crimes.
The attack by the DarkSide organization also attracted the attention of US President Biden. On May 10, Biden publicly stated: "So far, our intelligence personnel have no evidence that Russia is involved in this matter, but there is evidence that the ransomware of the agency is in Russia, and they have the responsibility to deal with it."
US President Biden and Russian President Vladimir Putin had previously scheduled a meeting in Geneva on June 16, 2021. Biden said: "He will discuss the situation with Russian President Vladimir Putin."
White House press secretary Jen Psaki said: "The president's message is that responsible countries do not harbor ransomware criminals, and responsible countries must take decisive action against these ransomware networks."
In addition, the United States has also emphasized that American organizations should strengthen their senior security posture. On June 2, US National Security Advisor Newberg pointed out that all organizations must realize that no company is immune to ransomware attacks, regardless of its size or location. In order to understand the risks, corporate executives should immediately convene the leadership team to discuss the ransomware threat and review the company's security posture and business continuity plan.
In recent years, the global fight against virtual currency money laundering has been intensified. Money laundering and extortion crimes using virtual currencies such as Bitcoin have long become the focus of international attention. The number of virtual currency money laundering crimes is increasing worldwide.
According to statistics from Tencent Security Strategy Research Institute, there were 25 domestic money laundering cases related to virtual currencies published by the Judgment Documents Network in 2019, 84 cases in 2020, and 29 cases in the first quarter of 2021, exceeding the number for the whole year of 2019. Compared with 2019, the number of Bitcoin addresses that transferred illegal funds in 2020 increased, and the proportion of each transaction with a value of tens of millions or even hundreds of millions of dollars also increased. In other words, billions of dollars of illegal funds were transferred to Bitcoin addresses each year in 2019 and 2020. Image source: Chainalysis 2021 Crypto Crime Report
According to a previous report by China Times, the crypto market was specifically analyzed at the G20 summit held in Buenos Aires, Argentina in 2018. On the one hand, cryptocurrencies are regulated according to the Financial Action Task Force on Money Laundering (FATF) standards, and crypto assets used for anti-money laundering and combating terrorist financing are regulated according to FATF standards; on the other hand, the issue of digital currency taxation is also a focus.
It is understood that the Financial Action Task Force on Money Laundering is an intergovernmental international organization established in Paris in 1989 by the G7 Group to specifically study the dangers of money laundering, prevent money laundering and coordinate international anti-money laundering actions. It is currently one of the most influential and authoritative international organizations in the world in the field of international anti-money laundering and counter-terrorist financing.
According to the "FATF Recommendations: International Standards on Combating Money Laundering, Terrorist Financing and Proliferation Financing" updated by FATF in June 2019, countries should require virtual asset providers to identify, assess and take effective actions to reduce their money laundering and terrorist financing risks, providing a set of effective regulatory recommendations for crypto assets and crypto asset providers.
Currently, countries with relatively active cryptocurrencies, including the United States, Canada, South Korea, and Hong Kong, China, are implementing more extensive virtual currency supervision in response to FATF regulations to varying degrees.
China is also stepping up its crackdown on money laundering using virtual currencies. A message posted on the website of the Central People's Government of the People's Republic of China pointed out that "according to the important deployment requirements of the Party Central Committee and the State Council on anti-money laundering work, the Supreme People's Procuratorate and the People's Bank of China have fully exerted their departmental functions, focused on strengthening coordination and cooperation, and effectively cracked down on various types of money laundering crimes and severely punished a number of criminals in accordance with the law."
In a press conference on the joint release of typical cases of combating money laundering crimes by the heads of the Fourth Procuratorate of the Supreme People's Procuratorate and the Anti-Money Laundering Bureau of the People's Bank of China, the heads mentioned the money laundering methods of various upstream crimes, including organized crime of a mafia nature, illegal fund-raising crimes, corruption and bribery crimes, drug crimes, etc., fully revealing the common methods of money laundering crimes under different upstream crimes as well as new criminal methods such as using virtual currency to launder money.
Wang Haifeng told our reporter that in the investigation of virtual currency money laundering transactions, since Bitcoin transactions are public, the transfer between Bitcoin wallets can be queried through the block browser, which also provides convenience for regulators to track certain specific transactions. At the same time, the industry has emerged with tools similar to OKLink's SkyEye, which monitors cryptocurrency transactions through blockchain + big data and helps law enforcement officers handle related cases. The FBI's ransom recovery incident also proves that more comprehensive and in-depth supervision of cryptocurrencies through technical means is a feasible path and one of the future development directions of the industry.
In addition to using virtual currencies to launder money and extort money, national hacker groups also pay special attention to the virtual currency market. Recently, Tesla CEO Musk received threats from a hacker group because of his change in attitude from positive to negative towards Bitcoin.
On June 5, a Twitter account with the ID "Anonymous" posted a video in which a masked man with a changed voice said he was speaking on behalf of "Anonymous," making threatening remarks such as "Hundreds of investors hope to improve their lives through cryptocurrency investments. They certainly have to bear investment risks. Everyone knows that cryptocurrencies are volatile, but your tweets this week show that you don't care about the lives of ordinary working-class people at all," and "You may think you are the smartest, but now you have met an opponent. We are the 'Anonymous' organization, we are numerous, just wait!"
However, foreign media reported on June 8 that "Anonymous" denied any involvement in the production of the video threatening Musk, and that the video was recorded and released by an imposter.
|
