How Bitcoin fueled Russian hacks

Using bitcoin allowed the hackers to “avoid direct relationships with traditional financial institutions” such as banks that would have had stronger controls against money laundering, the indictment said. Still, since all bitcoin transactions are recorded on the blockchain—the distributed ledger technology that provides the backbone for the cryptocurrency system—U.S. investigators were ultimately able to link the transactions to the Russian government.

“These allegations make clear that even where hackers use fake names and multiple accounts, blockchain technology allows law enforcement to follow the money in a way that would never be possible with cash,” said Jason Weinstein, a partner at Steptoe and Johnson and former senior Justice Department official.

Law enforcement and financial regulators have pursued money laundering in cryptocurrencies in recent years, in some instances filing criminal charges and issuing multimillion-dollar fines. The crackdown accelerated with the 2013 shutdown of Silk Road, an online black market where customers could exchange cryptocurrency for illicit drugs.

Bitcoin and other cryptocurrencies were designed at least in part to mimic in a digital setting the anonymity of cash transactions. Anybody can download and run bitcoin’s software. That gives the user access to a digital wallet, identified only by a random, unique alphanumeric string, for holding or trading bitcoin.

“You can see the address that’s associated with that virtual currency, but not whose name is attached to that address,” said Carlton Greene, former chief counsel for the Treasury Department’s Financial Crimes Enforcement Network.

Unlike a bank account, the user of such a wallet is not required to provide any personal information. Bitcoins can be acquired either by “mining” or buying them on an exchange.

The Russians used a variety of methods to acquire bitcoin, including mining, trading on peer-to-peer exchanges, and using prepaid cards. Mining, which involves users solving complex mathematical problems that require immense amounts of computing power resulting in freshly-minted bitcoin, can be a hidden way of acquiring the cryptocurrency. The Russians used their mined bitcoins to pay a Romanian company to register the domain of dcleaks.com, a site that was used to post some of the hacked emails from the DNC, according to the indictment.

Russia has denied interfering in the U.S. election. “Nothing has been proven about the basic allegation of illegal penetration into the computer network of the Democratic Party of the United States,” Russia’s foreign ministry said on Friday.

Many of the most popular bitcoin exchanges used by U.S. customers have robust anti-money-laundering controls that are comparable to those at traditional banking institutions, said John Collins, former head of policy for Coinbase, one of the largest cryptocurrency exchanges. But others use anonymity as a selling point, and don’t make an effort to comply with U.S. anti-money-laundering regulations.

Those exchanges don’t require personal information for trading, which proved appealing to the Russian intelligence officers, according to the indictment.

“All products, all platforms are not created equally,” Mr. Collins said.

Russian intelligence officers moved those funds around through multiple wallets and exchanges, making them harder to track. A single user can have hundreds of different bitcoin “wallets,” without identities or with fake identities in an effort to hide their tracks. Some users trying to operate anonymously also use what are called virtual private networks, or VPNs, services that block the move of data from public sight.

Despite efforts to remain anonymous, prosecutors said the Russians connected their bitcoin transactions with their hacking efforts. “On occasion, the conspirators facilitated bitcoin payments using the same computers that they used to conduct their hacking activity,” the indictment said.

WALL STREET JOURNAL