The FBI likely exploited sloppy password storage to seize Colonial Pipeline bitcoin ransom


The seal of the F.B.I. hangs in the Flag Room at the bureau's headquarters.

Chip Somodevilla | Getty Images

The FBI's breach of a bitcoin wallet held by the cyber criminals who attacked Colonial Pipeline is all about sloppy storage, and not a reflection of a security vulnerability in the digital currency, crypto experts told CNBC.

On Monday, the Justice Department reported a successful mission to recover $2.3 million in bitcoin paid by Colonial Pipeline to ransomware hackers in April. Court documents indicated that investigators traced bitcoin transaction records to a digital wallet, which they subsequently seized under court order. Officials were then able to access that wallet with something called a "private key," or password.

It remains unclear exactly how the FBI retrieved the key.

"I don't want to give up our tradecraft in case we want to use this again for future endeavors," Elvis Chan, an assistant special agent with the FBI's San Francisco office, said in a news call Monday.

How the FBI likely seized bitcoin

Until the FBI is more transparent with its methods, it's not possible to know exactly how federal investigators managed to recover the private key in question. But there are a few possible scenarios.

DarkSide, the cyber crime gang that targeted Colonial, reportedly used a payment server to collect the funds. A centralized platform like this is relatively easy for the FBI to track.

"Following the money remains one of the most basic, yet powerful, tools we have," said Deputy Attorney General Lisa O. Monaco in a statement on Monday.

"Because these transnational, organized crime groups are facilitating these payments in cryptocurrency, and because of the transparency and traceability that cryptocurrency provides, you can actually more effectively follow the money and potentially mitigate and arrest illicit activity within this ecosystem, than you can with traditional finance and fiat currencies and payments," explained Jesse Spiro, Global Head of Policy for Chainalysis, a company that provides blockchain forensic and investigative services to private sector companies, including crypto exchanges.

When a ransomware-related payment is made, Chainalysis is actually able to produce and generate what Spiro characterizes as "unprecedented intelligence and information in relation to the supply chain."

Chainalysis was not able to speak to any specifics on the Colonial investigation.

Once the FBI had that wallet in hand, it's highly unlikely they broke something called the "Elliptic Curve Digital Signature Algorithm," which is how the digital currency ensures that bitcoin can only be spent by the rightful owner.

"In fact, that is so far-fetched, as to be impossible," said Nic Carter, founding partner at Castle Island Ventures.

What's much more likely, according to Carter, is that they were able to access a server where the hackers stored private key information. That points not to any fundamental flaw in bitcoin's security, but rather to a case of bad IT hygiene at a criminal organization.

Just take the 2014 hack of Mt. Gox, once the leading bitcoin exchange. It was the first high-profile hack in cryptocurrency history. The exchange filed for bankruptcy and lost 750,000 of its users' bitcoins, plus 100,000 of its own.

"Bitcoin itself functioned perfectly, but what functioned imperfectly was their system of storing your private keys," explained Carter.
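The distinction Carter draws, that the signature algorithm holds while key storage fails, can be seen directly in the mechanics. What follows is an added example, not code from the article or from any company it quotes: a self-contained pure-Python secp256k1 ECDSA signer and verifier. Everything in it is assumed for illustration only: the nonce derivation is a simplified stand-in for RFC 6979, the arithmetic is not constant-time, and the transaction bytes are constructed sample data. The `custody_demo` function shows that a valid signature can be produced only with the private key, that altering the signed data or checking against a different key fails, and that any copy of the key, such as one read from a server where it was kept in the clear, signs exactly as well as the original.

```python
import hashlib
import hmac
import secrets

# secp256k1 domain parameters, the curve bitcoin uses for ECDSA.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def _point_add(p1, p2):
    """Add two curve points; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P  # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P   # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def _scalar_mul(k, point):
    """Double-and-add scalar multiplication (not constant-time; illustrative)."""
    result, addend = None, point
    while k:
        if k & 1:
            result = _point_add(result, addend)
        addend = _point_add(addend, addend)
        k >>= 1
    return result


def generate_keypair():
    """Private key d is a random integer in [1, N-1]; public key is d*G."""
    d = secrets.randbelow(N - 1) + 1
    return d, _scalar_mul(d, G)


def _msg_to_int(msg: bytes) -> int:
    # Bitcoin hashes signed data with double SHA-256.
    return int.from_bytes(hashlib.sha256(hashlib.sha256(msg).digest()).digest(), "big")


def sign(d: int, msg: bytes):
    """Return an ECDSA signature (r, s); only the holder of d can produce one."""
    z = _msg_to_int(msg)
    counter = 0
    while True:
        # Deterministic nonce from key and message: a simplified stand-in for
        # RFC 6979 (assumed here to keep the example dependency-free).
        mac = hmac.new(d.to_bytes(32, "big"),
                       z.to_bytes(32, "big") + counter.to_bytes(4, "big"),
                       hashlib.sha256).digest()
        k = int.from_bytes(mac, "big") % N
        counter += 1
        if k == 0:
            continue
        r = _scalar_mul(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * d) % N if r else 0
        if r and s:
            return (r, s)


def verify(pub, msg: bytes, sig) -> bool:
    """Check (r, s) against the public key; no private key is needed."""
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    z = _msg_to_int(msg)
    w = pow(s, -1, N)
    point = _point_add(_scalar_mul(z * w % N, G), _scalar_mul(r * w % N, pub))
    return point is not None and point[0] % N == r


def custody_demo():
    """Locate the security boundary: it is the private key, not the math."""
    owner_priv, owner_pub = generate_keypair()
    tx = b"constructed sample: spend 1 BTC to address X"   # constructed input
    sig = sign(owner_priv, tx)
    valid = verify(owner_pub, tx, sig)                        # owner's signature verifies
    tampered = verify(owner_pub, tx + b" + extra output", sig)  # altered data is rejected
    _, other_pub = generate_keypair()
    wrong_key = verify(other_pub, tx, sig)                    # bound to the owner's key
    # A copy of the key (for instance one read from a server that stored it in
    # the clear) signs just as well as the original: custody decides everything.
    leaked_copy = int(owner_priv)
    copy_signs = verify(owner_pub, tx, sign(leaked_copy, tx))
    return valid, tampered, wrong_key, copy_signs
```

Running `custody_demo()` returns `(True, False, False, True)`: the first two values are the algorithm working as designed, the last one is the property that made a plaintext copy of the key on a server equivalent to the wallet itself.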

This is why some cyber criminals take their coins offline to cold storage, in order to insulate nefariously earned tokens from the authorities and law enforcement.

"If you want to store your coins truly outside of the reach of the state, you can just hold those private keys directly. That's the equivalent of burying a bar of gold in your backyard," said Carter.

Setting a good precedent

One former chairman of the U.S. Commodity Futures Trading Commission thinks the FBI breaking into the crypto wallet of a cyber criminal actually sets a good precedent for acceptance of cryptocurrency.

"It proves that the bitcoin blockchain is not hostile ground for law enforcement," said Chris Giancarlo. "It proves that it is not a perfect tool for criminal activity."

Mati Greenspan, portfolio manager and Quantum Economics founder, agrees that the breach bodes well for bitcoin.

"Many market participants, myself included, were expecting President Joe Biden to use crypto as a scapegoat for the hack and to come out with crushing reforms," said Greenspan. "Instead, they were clued in to what we already knew: That it is easier for authorities to catch criminals who use crypto than anything else."

Carter also appeared unfazed. "We've seen these kinds of seizures before, and I'm sure we'll continue to."

Despite the common stereotype, there's no data to indicate that criminals disproportionately use cryptocurrencies like bitcoin. In fact, Chainalysis estimates that less than 1% of cryptos are used for illicit purposes.