On June 7, the United States Justice Department and the Federal Bureau of Investigation (FBI) announced the "recovery" of 63.70 bitcoin from the funds Colonial Pipeline sent to the hackers. The official story has a number of inconsistencies, and federal investigators did not disclose how the FBI was able to confiscate the Darkside gang's private key.
Darkside Ransomware Gang Story Loaded With Discrepancies and a Vague Bitcoin Key Capture
The cryptocurrency space has been discussing the recent law enforcement capture of 63.7 BTC, worth $2.3 million at the time of seizure. There have been issues with the way the story has unfolded, and people are skeptical of the official account. Bitcoin.com News reported on Monday how the Justice Department and Deputy Attorney General Lisa Monaco revealed the seizure. Monaco said federal authorities had "turned the tables on Darkside."
But from the moment the story was broken by a number of mainstream media outlets, there were discrepancies. The first was whether the U.S. government advised Colonial Pipeline to comply with the ransom demand, or specifically told the company to pay. If the government did tell the business to pay Darkside, that would contradict the government's stated stance against paying ransomware operators.
The criminals used a "Payment Server" that was easily tracked by the FBI and their physical cloud server was just found and searched for a password.
This had nothing to do with #Bitcoin itself. https://t.co/AmJsHXJRha
— Documenting Bitcoin (@DocumentingBTC) June 8, 2021
Another issue with the original story is that when CNN first reported on the hack, the outlet claimed the oil company was not intending to pay the ransom. According to Bloomberg, Colonial Pipeline did in fact pay nearly $5 million to the ransomware gang Darkside shortly afterward.
Besides the contradiction between the CNN and Bloomberg stories, the articles also differed on the digital currency used. CNN originally reported that the payment was demanded in "bitcoin," while Bloomberg wrote that Darkside asked for "difficult-to-trace" cryptocurrencies. CNN's article was updated after Bloomberg's was published to match that narrative.
Then there is the fact that a bitcoin (BTC) private key cannot be computed from the public key or address it controls; in practice the key has to be obtained, either from whoever holds it or from wherever it is stored. This has been a constant theme on Twitter as the crypto community debates how the FBI agent came to hold the key. The affidavit filed on June 7, 2021, explains that law enforcement used a public "blockchain explorer" to trace the coins, but beyond that it is extremely vague and heavily redacted.
The report published yesterday on Bitcoin.com News notes that executives from Blockchain Intelligence Group (CSE: BIGG) said law enforcement relied on "training and analysis [that] requires advanced tools and learning." Other blockchain surveillance companies also followed the ransom coins; Elliptic recently wrote about tracing the Darkside funds.
So far, between the comments from Monaco and the Justice Department, the FBI agent's affidavit, and the statements from a few blockchain analysis teams, nothing clearly explains how the FBI came to hold the private key now in its possession.
Crypto Sleuths Discover Hackers Stored Data on the Cloud, Feds Obtain Cloud Server Password via Warrant
A report published by NPR lays out three possible scenarios. One possibility, NPR's Vanessa Romo notes, is that federal agents were tipped off by an insider in the Darkside gang. The second is that Darkside was "careless," or that a member of the gang slipped up and exposed information tied to the key.
A third theory is that the FBI was able to shake down a third party, possibly a cryptocurrency exchange. Some people even openly attacked bitcoin's "key selling point" that it was supposed to be "beyond the reach of the government."
Something seems weird about this whole case. Was the BTC sent to an exchange?
— Rick McCracken DIGI (@RichardMcCrackn) June 8, 2021
The lawyer Jake Chervinsky, who comments regularly on the blockchain and crypto space, said: "We don't know exactly how FBI seized the Colonial Pipeline ransom [and] they're not telling us. The warrant application suggests they got the private key. Maybe from the DarkSide server seizure? There's no suggestion that an exchange or custodian was involved, but that's possible."
Independent journalist Jordan Schachtel gave his opinion on Twitter, telling his 123,000 followers that the "FBI did not 'hack back' a bitcoin wallet, despite claims that they did. It's mathematically impossible to hack private keys." Schachtel continued:
[There is] no evidence of Russian involvement. This was all entirely avoidable if Colonial had basic security measures in place. I think it's fair to say that it is currently impossible to hack private keys. Improbable is not strong enough language to demonstrate how unlikely it is to retain a private key through computing power. Quantum is still very much a theoretical threat.
Schachtel and many others also noted that the warrant indicates the U.S. government obtained the key through the warrant itself. The journalist said the target was possibly an exchange based in San Francisco or a database server located in the state of California.
Ransom hackers
used a rented cloud server.
FBI got a subpoena to take control of the rented server
and recover half of the total 75 #btc
The FBI didn't "crack Bitcoin."
They got the wallet encryption key (password) from the server. pic.twitter.com/WwHTRjiHod
— Amy Snow (@helloamysnow) June 8, 2021
The CSO at Coinbase, Philip Martin, said he saw a lot of accusations pointing at Coinbase as possibly being "involved" in the seizure. Martin and Coinbase insist that "Coinbase was not the target of the warrant and did not receive the ransom or any part of the ransom at any point. We also have no evidence that the funds went through a Coinbase account/wallet."
The election attorney, litigator, and bitcoin practice group leader Bryan Jacoutot reiterated that bitcoin private keys cannot be "hacked."
"For those of you who think the US gov't cracked SHA-256 and correctly guessed the private key of the Colonial Pipeline hackers," Jacoutot said, "here's a fun fact: The size of bitcoin's private key space is 10^77. For comparison, the amount of *atoms* in the observable universe is 10^80."
A Twitter account called "Cthulhu" suggested it could be a false flag:
So either the FBI were the hackers of the Colonial Pipeline or they don't need a key to get anyone's BTC. LOL. I don't think too much thought went into doing this false flag.
"The FBI either was given the private keys or they stole them," another individual, Kingt Crypto, remarked on Monday. What is clear is that the FBI did not crack a bitcoin wallet; no one can crack a properly secured one. Based on the warrant, the FBI obtained the private keys to the Darkside funds by getting the encryption key to a cloud server, under a warrant issued in San Francisco.
As the story continues to trend across the web, many skeptics are questioning the "official" account given by the U.S. government.
Do you believe the federal government's official story about the Colonial Pipeline bitcoin ransomware case? Let us know what you think in the comments section below.