How Russian spies hid behind Bitcoin in the hacking campaign




SAN FRANCISCO – At the beginning of 2016, Russian intelligence agents obtained a new pool of the virtual currency Bitcoin. They quickly put the digital money to work.

Russian spies used some of the Bitcoins to pay for the registration of a website, dcleaks.com, where they later posted emails stolen from Hillary Clinton's presidential campaign. When the agents needed a computer server to host the dcleaks site, they also paid for it with Bitcoins.

The transactions were detailed in a Ministry of Justice indictment, in which prosecutors accused 12 Russian agents of interfering in the 2016 presidential campaign through a sophisticated hacking system.

The indictment provided one of the clearest illustrations to date of the internal workings of the Russian operation that carried out the hacking of the Democratic Party and other targets. It also showed how cryptocurrencies, and the anonymity they provide, have become both a tool and a challenge for intelligence agencies in interstate battles.

"This is the first clear example of cryptocurrency," said Jonathan Levin, co-founder of Chainalysis, a company that helps governments track cryptocurrency payments.

Financial transactions have been one of the most delicate parts of intelligence operations because electronic payment networks and controls are generally forbidden to undercover spies. This led to famous scenes of hidden exchanges of suitcases full of money.

The Bitcoin network allows anyone to move millions of dollars around the world without any meetings in person, and without the approval of financial institutions. Released in 2009 by its mysterious creator, Satoshi Nakamoto, Bitcoin was designed to work without any central authority that could block transactions or verify the identity of the people involved.

When the price of Bitcoin increased the price of drugs. Last year, many major financial institutions took interest in virtual currency as a new type of investment and sought to remove it from its unsavory associations. Although the Russians accused of attacking Mrs. Clinton's campaign also used traditional currency, the indictment said that they had "mainly used Bitcoin at the time of purchase of servers, domain registration and other payments in "

Bitcoin, the indictment adds, "allowed the conspirators to avoid direct relationships with traditional financial institutions, allowing them to escape a closer scrutiny of their identities and their sources of funding."

The Russians took steps to obscure their Bitcoin transactions, according to the indictment. They bought Bitcoins on so-called "peer-to-peer" exchanges, where buyers and sellers can interact directly without exchanging information on either side.

The Russians also created Bitcoins themselves through mining, in which computers compete to unlock new Bitcoins by solving difficult computing problems. This requires expensive equipment and a lot of electricity, but apparently it was not an obstacle for the Russians.

Operators used Bitcoins to pay for much of the IT infrastructure used in hacking attacks, according to the indictment. This included payments for a server in Malaysia that hosted dcleaks.com, and money sent to a Romanian company that registered the domain name.

In March 2016, according to the indictment, the Russians also used Bitcoin to buy a virtual private network account that allowed them to obscure their internet protocol address and location when they went online. They used this VPN account to manage a Twitter account known as Guccifer_2, which became infamous after posting emails stolen from the Democratic National Committee and Clinton campaign president John D. Podesta.

The Russians also used Bitcoin to pay for the servers from which they launched malicious software campaigns and "spearphishing" attacks against the Democratic National Committee, according to the indictment. In these attacks, it said, Russian agents took control of the e-mail accounts of US officials.

US investigators were able to use the blockchain to go back and identify some of the transactions made by Russian agents. But it was not enough to stop them from trading at that time.

"The fact that cryptocurrencies are global and real-time means that you might only know these things after the fact," Levin said. "We need to think about the responsibilities we all have in a world where payments cross borders in the blink of an eye."

Follow Nathaniel Popper and Matthew Rosenberg on Twitter: @nathanielpopper and @AllMattNYT.

Nathaniel Popper reported from San Francisco, and Matthew Rosenberg from Washington.
