Cryptocurrency

inside-a-violent-gang’s-ruthless-crypto-stealing-home-invasion-spree

Inside a violent gang’s ruthless crypto-stealing home invasion spree

Biz & IT, Cryptocurrency, extortion, Security, syndication / /

brutal extortion —

More than a dozen men threatened, assaulted, tortured, or kidnapped 11 victims.

photo illustration of Cyber thieves stealing Bitcoin on laptop screen

Cryptocurrency has always made a ripe target for theft—and not just hacking, but the old-fashioned, up-close-and-personal kind, too. Given that it can be irreversibly transferred in seconds with little more than a password, it’s perhaps no surprise that thieves have occasionally sought to steal crypto in home-invasion burglaries and even kidnappings. But rarely do those thieves leave a trail of violence in their wake as disturbing as that of one recent, ruthless, and particularly prolific gang of crypto extortionists.

The United States Justice Department earlier this week announced the conviction of Remy Ra St. Felix, a 24-year-old Florida man who led a group of men behind a violent crime spree designed to compel victims to hand over access to their cryptocurrency savings. That announcement and the criminal complaint laying out charges against St. Felix focused largely on a single theft of cryptocurrency from an elderly North Carolina couple, whose home St. Felix and one of his accomplices broke into before physically assaulting the two victims—both in their seventies—and forcing them to transfer more than $150,000 in bitcoin and ether to the thieves’ crypto wallets.

In fact, that six-figure sum appears to have been the gang’s only confirmed haul from its physical crypto thefts—although the burglars and their associates made millions in total, mostly through more traditional crypto hacking as well as stealing other assets. A deeper look into court documents from the St. Felix case, however, reveals that the relatively small profit St. Felix’s gang made from its burglaries doesn’t capture the full scope of the harm they inflicted: In total, those court filings and DOJ officials describe how more than a dozen convicted and alleged members of the crypto-focused gang broke into the homes of 11 victims, carrying out a brutal spree of armed robberies, death threats, beatings, torture sessions, and even one kidnapping in a campaign that spanned four US states.

In court documents, prosecutors say the men—working in pairs or small teams—threatened to cut toes or genitalia off of one victim, kidnapped and discussed killing another, and planned to threaten another victim’s child as leverage. Prosecutors also describe disturbing torture tactics: how the men inserted sharp objects under one victim’s fingernails and burned another with a hot iron, all in an effort to coerce their targets to hand over the devices and passwords necessary to transfer their crypto holdings.

“The victims in this case suffered a horrible, painful experience that no citizen should have to endure,” Sandra Hairston, a US attorney for the Middle District of North Carolina who prosecuted St. Felix’s case, wrote in the Justice Department’s announcement of St. Felix’s conviction. “The defendant and his coconspirators acted purely out of greed and callously terrorized those they targeted.”

The serial extortion spree is almost certainly the worst of its kind ever to be prosecuted in the US, says Jameson Lopp, the cofounder and chief security officer of Casa, a cryptocurrency-focused physical security firm, who has tracked physical attacks designed to steal cryptocurrency going back as far as 2014. “As far as I’m aware, this is the first case where it was confirmed that the same group of people went around and basically carried out home invasions on a variety of different victims,” Lopp says.

Lopp notes, nonetheless, that this kind of crime spree is more than a one-off. He has learned of other similar attempts at physical theft of cryptocurrency in just the past month that have escaped public reporting—he says the victims in those cases asked him not to share details—and suggests that in-person crypto extortion may be on the rise as thieves realize the attraction of crypto as a highly valuable and instantly transportable target for theft. “Crypto, as this highly liquid bearer asset, completely changes the incentives of doing something like a home invasion,” Lopp says, “or even kidnapping and extortion and ransom.”

Inside a violent gang’s ruthless crypto-stealing home invasion spree Read More »

researchers-crack-11-year-old-password,-recover-$3-million-in-bitcoin

Researchers crack 11-year-old password, recover $3 million in bitcoin

Biz & IT, Cryptocurrency, hacking, passwords, syndication / /
Illustration of a wallet

Flavio Coelho/Getty Images

Two years ago when “Michael,” an owner of cryptocurrency, contacted Joe Grand to help recover access to about $2 million worth of bitcoin he stored in encrypted format on his computer, Grand turned him down.

Michael, who is based in Europe and asked to remain anonymous, stored the cryptocurrency in a password-protected digital wallet. He generated a password using the RoboForm password manager and stored that password in a file encrypted with a tool called TrueCrypt. At some point, that file got corrupted, and Michael lost access to the 20-character password he had generated to secure his 43.6 BTC (worth a total of about 4,000 euros, or $5,300, in 2013). Michael used the RoboForm password manager to generate the password but did not store it in his manager. He worried that someone would hack his computer and obtain the password.

“At [that] time, I was really paranoid with my security,” he laughs.

Grand is a famed hardware hacker who in 2022 helped another crypto wallet owner recover access to $2 million in cryptocurrency he thought he’d lost forever after forgetting the PIN to his Trezor wallet. Since then, dozens of people have contacted Grand to help them recover their treasure. But Grand, known by the hacker handle “Kingpin,” turns down most of them, for various reasons.

Grand is an electrical engineer who began hacking computing hardware at age 10 and in 2008 cohosted the Discovery Channel’s Prototype This show. He now consults with companies that build complex digital systems to help them understand how hardware hackers like him might subvert their systems. He cracked the Trezor wallet in 2022 using complex hardware techniques that forced the USB-style wallet to reveal its password.

But Michael stored his cryptocurrency in a software-based wallet, which meant none of Grand’s hardware skills were relevant this time. He considered brute-forcing Michael’s password—writing a script to automatically guess millions of possible passwords to find the correct one—but determined this wasn’t feasible. He briefly considered that the RoboForm password manager Michael used to generate his password might have a flaw in the way it generated passwords, which would allow him to guess the password more easily. Grand, however, doubted such a flaw existed.

Michael contacted multiple people who specialize in cracking cryptography; they all told him “there’s no chance” of retrieving his money. But last June he approached Grand again, hoping to convince him to help, and this time Grand agreed to give it a try, working with a friend named Bruno in Germany who also hacks digital wallets.

Researchers crack 11-year-old password, recover $3 million in bitcoin Read More »

the-hunt-for-rare-bitcoin-is-nearing-an-end

The hunt for rare bitcoin is nearing an end

Bitcoin, Biz & IT, Cryptocurrency, sats, syndication / /

Rarity from thin air —

Rare bitcoin fragments are worth many times their face value.

Digitally generated image of a bitcoin symbol on a glowing circuit board.

Getty Images | Andriy Onufriyenko

Billy Restey is a digital artist who runs a studio in Seattle. But after hours, he hunts for rare chunks of bitcoin. He does it for the thrill. “It’s like collecting Magic: The Gathering or Pokémon cards,” says Restey. “It’s that excitement of, like, what if I catch something rare?”

In the same way a dollar is made up of 100 cents, one bitcoin is composed of 100 million satoshis—or sats, for short. But not all sats are made equal. Those produced in the year bitcoin was created are considered vintage, like a fine wine. Other coveted sats were part of transactions made by bitcoin’s inventor. Some correspond with a particular transaction milestone. These and various other properties make some sats more scarce than others—and therefore more valuable. The very rarest can sell for tens of millions of times their face value; in April, a single sat, normally worth $0.0006, sold for $2.1 million.

Restey is part of a small, tight-knit band of hunters trying to root out these rare sats, which are scattered across the bitcoin network. They do this by depositing batches of bitcoin with a crypto exchange, then withdrawing the same amount—a little like depositing cash with a bank teller and immediately taking it out again from the ATM outside. The coins they receive in return are not the same they deposited, giving them a fresh stash through which to sift. They rinse and repeat.

In April 2023, when Restey started out, he was one of the only people hunting for rare sats—and the process was entirely manual. But now, he uses third-party software to automatically filter through and separate out any precious sats, which he can usually sell for around $80. “I’ve sifted through around 230,000 bitcoin at this point,” he says.

Restey has unearthed thousands of uncommon sats to date, selling only enough to cover the transaction fees and turn a small profit—and collecting the rest himself. But the window of opportunity is closing. The number of rare sats yet to be discovered is steadily shrinking and, as large organizations cotton on, individual hunters risk getting squeezed out. “For a lot of people, it doesn’t make [economic] sense anymore,” says Restey. “But I’m still sat hunting.”

Rarity out of thin air

Bitcoin has been around for 15 years, but rare sats have existed for barely more than 15 months. In January 2023, computer scientist Casey Rodarmor released the Ordinals protocol, which sits as a veneer over the top of the bitcoin network. His aim was to bring a bitcoin equivalent to non-fungible tokens (NFTs) to the network, whereby ownership of a piece of digital media is represented by a sat. He called them “inscriptions.”

There had previously been no way to tell one sat from another. To remedy the problem, Rodarmor coded a method into the Ordinals protocol for differentiating between sats for the first time, by ordering them by number from oldest to newest. Thus, as a side effect of an apparatus designed for something else entirely, rare sats were born.

By allowing sats to be sequenced and tracked, Rodarmor had changed a system in which every bitcoin was freely interchangeable into one in which not all units of bitcoin are equal. He had created rarity out of thin air. “It’s an optional, sort of pretend lens through which to view bitcoin,” says Rodarmor. “It creates value out of nothing.”

When the Ordinals system was first released, it divided bitcoiners. Inscriptions were a near-instant hit, but some felt they were a bastardization of bitcoin’s true purpose—as a system for peer-to-peer payments—or had a “reflexive allergic reaction,” says Rodarmor, to anything that so much as resembled an NFT. The enthusiasm for inscriptions resulted in network congestion as people began to experiment with the new functionality, thus driving transaction fees to a two-year high and adding fuel to an already-fiery debate. One bitcoin developer called for inscriptions to be banned. Those that trade in rare sats have come under attack, too, says Danny Diekroeger, another sat hunter. “Bitcoin maximalists hate this stuff—and they hate me,” he says.

The fuss around the Ordinals system has by now mostly died down, says Rodarmor, but a “loud minority” on X is still “infuriated” by the invention. “I wish hardcore bitcoiners understood that people are going to do things with bitcoin that they think are stupid—and that’s okay,” says Rodarmor. “Just, like, get over it.”

The hunt for rare sats, itself an eccentric mutation of the bitcoin system, falls into that bracket. “It’s highly wacky,” says Rodarmor.

The hunt for rare bitcoin is nearing an end Read More »

crypto-influencer-guilty-of-$110m-scheme-that-shut-down-mango-markets

Crypto influencer guilty of $110M scheme that shut down Mango Markets

crypto scam, Cryptocurrency, cryptocurrency markets, cryptocurrency scam, mango labs, mango markets, market manipulation, Policy, price inflation / /
Crypto influencer guilty of $110M scheme that shut down Mango Markets

A jury has unanimously convicted Avi Eisenberg in the US Department of Justice’s first case involving cryptocurrency open-market manipulation, the DOJ announced Thursday.

The jury found Eisenberg guilty of commodities fraud, commodities market manipulation, and wire fraud in connection with the manipulation on a decentralized cryptocurrency exchange called Mango Markets.

Eisenberg is scheduled to be sentenced on July 29 and is facing “a maximum penalty of 10 years in prison on the commodities fraud count and the commodities manipulation count, and a maximum penalty of 20 years in prison on the wire fraud count,” the DOJ said.

On the Mango Markets exchange, Eisenberg was “engaged in a scheme to fraudulently obtain approximately $110 million worth of cryptocurrency from Mango Markets and its customers by artificially manipulating the price of certain perpetual futures contracts,” the DOJ said. The scheme impacted both investors trading and the exchange itself, which had to suspend operations after Eisenberg’s attack made the exchange insolvent.

Nicole M. Argentieri, the principal deputy assistant attorney general who heads the DOJ’s criminal division, said that Eisenberg’s manipulative trading scheme “puts our financial markets and investors at risk.”

“This prosecution—the first involving the manipulation of cryptocurrency through open-market trades—demonstrates the Criminal Division’s commitment to protecting US financial markets and holding wrongdoers accountable, no matter what mechanism they use to commit manipulation and fraud,” Argentieri said.

Mango Labs has similarly sued Eisenberg over the price manipulation scheme, but that lawsuit was stayed until the DOJ’s case was resolved. Mango Labs is expecting a status update today from the US government and is hoping to proceed with its lawsuit.

Ars could not immediately reach Mango Labs for comment.

Eisenberg’s lawyer, Brian Klein, provided the same statement to Ars, confirming that Eisenberg’s legal team is “obviously disappointed” but “will keep fighting for our client.”

How the Mango Markets scheme worked

Mango Labs has accused Eisenberg of being a “notorious cryptocurrency market manipulator,” noting in its complaint that he has a “history of attacking multiple cryptocurrency platforms and manipulating cryptocurrency markets.” That history includes allegedly embezzling $14 million in 2021 while Eisenberg was working as a developer for another decentralized marketplace called Fortress, Mango Labs’ complaint said.

Eisenberg’s attack on Mango Markets intended to grab tens of millions more than the alleged Fortress attack. When Eisenberg was first charged, the DOJ explained how his Mango Markets price manipulation scheme worked.

On Mango Markets, investors can “purchase and borrow cryptocurrencies and cryptocurrency-related financial products,” including buying and selling “perpetual futures contracts.”

“When an investor buys or sells a perpetual for a particular cryptocurrency, the investor is not buying or selling that cryptocurrency but is, instead, buying or selling exposure to future movements in the value of that cryptocurrency relative to another cryptocurrency,” the DOJ explained.

Crypto influencer guilty of $110M scheme that shut down Mango Markets Read More »

billions-of-public-discord-messages-may-be-sold-through-a-scraping-service

Billions of public Discord messages may be sold through a scraping service

chat, Cryptocurrency, data scraping, discord, discord servers, Policy, privacy, scraping, Security, spy pet, Tech, Web Scraping / /

Discord chat-scraping service —

Cross-server tracking suggests a new understanding of “public” chat servers.

Discord logo, warped by vertical perspective over a phone displaying the app

Getty Images

It’s easy to get the impression that Discord chat messages are ephemeral, especially across different public servers, where lines fly upward at a near-unreadable pace. But someone claims to be catching and compiling that data and is offering packages that can track more than 600 million users across more than 14,000 servers.

Joseph Cox at 404 Media confirmed that Spy Pet, a service that sells access to a database of purportedly 3 billion Discord messages, offers data “credits” to customers who pay in bitcoin, ethereum, or other cryptocurrency. Searching individual users will reveal the servers that Spy Pet can track them across, a raw and exportable table of their messages, and connected accounts, such as GitHub. Ominously, Spy Pet lists more than 86,000 other servers in which it has “no bots,” but “we know it exists.”

  • An example of Spy Pet’s service from its website. Shown are a user’s nicknames, connected accounts, banner image, server memberships, and messages across those servers tracked by Spy Pet.

    Spy Pet

  • Statistics on servers, users, and messages purportedly logged by Spy Pet.

    Spy Pet

  • An example image of the publicly available data gathered by Spy Pet, in this example for a public server for the game Deep Rock Galactic: Survivor.

    Spy Pet

As Cox notes, Discord doesn’t make messages inside server channels, like blog posts or unlocked social media feeds, easy to publicly access and search. But many Discord users many not expect their messages, server memberships, bans, or other data to be grabbed by a bot, compiled, and sold to anybody wishing to pin them all on a particular user. 404 Media confirmed the service’s function with multiple user examples. Private messages are not mentioned by Spy Pet and are presumably still secure.

Spy Pet openly asks those training AI models, or “federal agents looking for a new source of intel,” to contact them for deals. As noted by 404 Media and confirmed by Ars, clicking on the “Request Removal” link plays a clip of J. Jonah Jameson from Spider-Man (the Tobey Maguire/Sam Raimi version) laughing at the idea of advance payment before an abrupt “You’re serious?” Users of Spy Pet, however, are assured of “secure and confidential” searches, with random usernames.

This author found nearly every public Discord he had ever dropped into for research or reporting in Spy Pet’s server list. Those who haven’t paid for message access can only see fairly benign public-facing elements, like stickers, emojis, and charted member totals over time. But as an indication of the reach of Spy Pet’s scraping, it’s an effective warning, or enticement, depending on your goals.

Ars has reached out to Spy Pet for comment and will update this post if we receive a response. A Discord spokesperson told Ars that the company is investigating whether Spy Pet violated its terms of service and community guidelines. It will take “appropriate steps to enforce our policies,” the company said, and could not provide further comment.

Billions of public Discord messages may be sold through a scraping service Read More »

google-sues-two-crypto-app-makers-over-allegedly-vast-“pig-butchering”-scheme

Google sues two crypto app makers over allegedly vast “pig butchering” scheme

crypto scams, Cryptocurrency, Google, google play, Google Play Store, Google Voice, Google Workspace, play store, Policy, racketeering, youtube / /

Foul Play —

Crypto and other investment app scams promoted on YouTube targeted 100K users.

Google sues two crypto app makers over allegedly vast “pig butchering” scheme

Google has sued two app developers based in China over an alleged scheme targeting 100,000 users globally over four years with at least 87 fraudulent cryptocurrency and other investor apps distributed through the Play Store.

The tech giant alleged that scammers lured victims with “promises of high returns” from “seemingly legitimate” apps offering investment opportunities in cryptocurrencies and other products. Commonly known as “pig-butchering schemes,” these scams displayed fake returns on investments, but when users went to withdraw the funds, they discovered they could not.

In some cases, Google alleged, developers would “double down on the scheme by requesting various fees and other payments from victims that were supposedly necessary for the victims to recover their principal investments and purported gains.”

Google accused the app developers—Yunfeng Sun (also known as “Alphonse Sun”) and Hongnam Cheung (also known as “Zhang Hongnim” and “Stanford Fischer”)—of conspiring to commit “hundreds of acts of wire fraud” to further “an unlawful pattern of racketeering activity” that siphoned up to $75,000 from each user successfully scammed.

Google was able to piece together the elaborate alleged scheme because the developers used a wide array of Google products and services to target victims, Google said, including Google Play, Voice, Workspace, and YouTube, breaching each one’s terms of service. Perhaps most notably, the Google Play Store’s developer program policies “forbid developers to upload to Google Play ‘apps that expose users to deceptive or harmful financial products and services,’ including harmful products and services ‘related to the management or investment of money and cryptocurrencies.'”

In addition to harming Google consumers, Google claimed that each product and service’s reputation would continue to be harmed unless the US district court in New York ordered a permanent injunction stopping developers from using any Google products or services.

“By using Google Play to conduct their fraud scheme,” scammers “have threatened the integrity of Google Play and the user experience,” Google alleged. “By using other Google products to support their scheme,” the scammers “also threaten the safety and integrity of those other products, including YouTube, Workspace, and Google Voice.”

Google’s lawsuit is the company’s most recent attempt to block fraudsters from targeting Google products by suing individuals directly, Bloomberg noted. Last year, Google sued five people accused of distributing a fake Bard AI chatbot that instead downloaded malware to Google users’ devices, Bloomberg reported.

How did the alleged Google Play scams work?

Google said that the accused developers “varied their approach from app to app” when allegedly trying to scam users out of thousands of dollars but primarily relied on three methods to lure victims.

The first method relied on sending text messages using Google Voice—such as “I am Sophia, do you remember me?” or “I miss you all the time, how are your parents Mike?”—”to convince the targeted victims that they were sent to the wrong number.” From there, the scammers would apparently establish “friendships” or “romantic relationships” with victims before moving the conversation to apps like WhatsApp, where they would “offer to guide the victim through the investment process, often reassuring the victim of any doubts they had about the apps.” These supposed friends, Google claimed, would “then disappear once the victim tried to withdraw funds.”

Another strategy allegedly employed by scammers relied on videos posted to platforms like YouTube, where fake investment opportunities would be promoted, promising “rates of return” as high as “two percent daily.”

The third tactic, Google said, pushed bogus affiliate marketing campaigns, promising users commissions for “signing up additional users.” These apps, Google claimed, were advertised on social media as “a guaranteed and easy way to earn money.”

Once a victim was drawn into using one of the fraudulent apps, “user interfaces sought to convince victims that they were maintaining balances on the app and that they were earning ‘returns’ on their investments,” Google said.

Occasionally, users would be allowed to withdraw small amounts, convincing them that it was safe to invest more money, but “later attempts to withdraw purported returns simply did not work.” And sometimes the scammers would “bilk” victims out of “even more money,” Google said, by requesting additional funds be submitted to make a withdrawal.

“Some demands” for additional funds, Google found, asked for anywhere “from 10 to 30 percent to cover purported commissions and/or taxes.” Victims, of course, “still did not receive their withdrawal requests even after these additional fees were paid,” Google said.

Which apps were removed from the Play Store?

Google tried to remove apps as soon as they were discovered to be fraudulent, but Google claimed that scammers concocted new aliases and infrastructure to “obfuscate their connection to suspended fraudulent apps.” Because scammers relied on so many different Google services, Google was able to connect the scheme to the accused developers through various business records.

Fraudulent apps named in the complaint include fake cryptocurrency exchanges called TionRT and SkypeWallet. To make the exchanges appear legitimate, scammers put out press releases on newswire services and created YouTube videos likely relying on actors to portray company leadership.

In one YouTube video promoting SkypeWallet, the supposed co-founder of Skype Coin uses the name “Romser Bennett,” which is the same name used for the supposed founder of another fraudulent app called OTCAI2.0, Google said. In each video, a completely different presumed hired actor plays the part of “Romser Bennett.” In other videos, Google found the exact same actor plays an engineer named “Rodriguez” for one app and a technical leader named “William Bryant” for another app.

Another fraudulent app that was flagged by Google was called the Starlight app. Promoted on TikTok and Instagram, Google said, that app promised “that users could earn commissions by simply watching videos.”

The Starlight app was downloaded approximately 23,000 times and seemingly primarily targeted users in Ghana, allegedly scamming at least 6,000 Ghanian users out of initial investment capital that they were told was required before they could start earning money on the app.

Across all 87 fraudulent apps that Google has removed, Google estimated that approximately 100,000 users were victimized, including approximately 8,700 in the United States.

Currently, Google is not aware of any live apps in the Play Store connected to the alleged scheme, the complaint said, but scammers intent on furthering the scheme “will continue to harm Google and Google Play users” without a permanent injunction, Google warned.

Google sues two crypto app makers over allegedly vast “pig butchering” scheme Read More »

sbf-repeatedly-lied-to-get-out-of-“supervillain”-prison-term,-ftx-ceo-alleges

SBF repeatedly lied to get out of “supervillain” prison term, FTX CEO alleges

Cryptocurrency, cryptocurrency exchange, FTX, ftx exchange, Policy, sam bankman-fried, sam bankman-fried trial, sbf / /

SBF’s effective altruism “was a lie” —

FTX CEO: “The harm was vast. The remorse is nonexistent.”

FTX founder Sam Bankman-Fried (R) departs Manhattan Federal Court after an arraignment hearing on March 30, 2023, in New York City.

Enlarge / FTX founder Sam Bankman-Fried (R) departs Manhattan Federal Court after an arraignment hearing on March 30, 2023, in New York City.

The CEO of FTX Trading, John Ray, sent a letter to Judge Lewis Kaplan Wednesday to correct what he called “callously” and “demonstrably false” claims that disgraced FTX founder Sam Bankman-Fried made in hopes of receiving a lighter sentence for crimes including defrauding FTX customers.

In a sentencing memo, Bankman-Fried asked the court to drastically slash his prison sentence from what he considered a “grotesque” 110-year maximum to five to six years. Prosecutors have suggested the sentence should be between 40 and 50 years, but Bankman-Fried claimed such a sentence painted him as a “depraved supervillain,” Bloomberg reported.

The lightest sentence was appropriate, Bankman-Fried claimed, because the “most reasonable estimate of loss” and “harm” to customers, lenders, and investors is “zero.”

According to Ray, “Bankman-Fried continues to live a life of delusion.” While Ray’s team continues to work to recover funds lost, which has been estimated around $10 billion, the total amount of stakeholder claims filed is $23.6 quintillion dollars.

“One quintillion is one billion billions,” Ray told Kaplan. “It is the number 1 followed by 18 zeros. The task of addressing filed claims and reducing them to their proper and ‘allowed’ amount is monumental. Mr. Bankman-Fried assumes this is a breeze. He is wrong, very wrong.”

In one of the letter’s most heated moments, Ray explained why Bankman-Fried is also wrong to claim that FTX is “solvent and safe”:

Vast sums of money were stolen by Mr. Bankman-Fried, and he was rightly convicted by a jury of his peers. That things that he stole, things he converted into other things, whether they were investments in Bahamas real estate, cryptocurrencies or speculative ventures, were successfully recovered through the enormous efforts of a dedicated group of professionals (a group unfairly maligned by Mr. Bankman-Fried and his supporters) does not mean that things were not stolen. What it means is that we got some of them back. And there are plenty of things we did not get back, like the bribes to Chinese officials or the hundreds of millions of dollars he spent to buy access to or time with celebrities or politicians or investments for which he grossly overpaid having done zero diligence. The harm was vast. The remorse is nonexistent.

Ray appears to be frustrated that Bankman-Fried chose to blame his team currently leading FTX and managing bankruptcy claims, as well as lawyers—labeling them as “enemies”—to dodge responsibility for FTX crimes.

Those crimes include: wire fraud on customers of FTX, conspiracy to commit wire fraud on customers of FTX, wire fraud on lenders to Alameda Research, conspiracy to commit wire fraud on lenders to Alameda Research, conspiracy to commit securities fraud on investors in FTX, conspiracy to commit commodities fraud on customers of FTX in connection with purchases and sales of cryptocurrency and swaps, and conspiracy to commit money laundering.

“Bankman-Fried was willing to consider any narrative, including wildly conflicting narratives, that could potentially save him from this day of reckoning,” Ray told Kaplan.

Conflicting narratives Bankman-Fried considered were either focusing “exclusively on the fact” that he “could give value back to customers,” and “the Chapter 11 team is destroying it” or “go strong with the message” that “I’m really glad the Chapter 11 team has stepped in, they’re great, and even better I have funding that can help make customers more whole while the Chapter 11 team does what is needed to clean things up.”

Instead of being “enemies” stopping FTX customers from clawing back all the funds stolen, Ray told Kaplan that his team “worked tirelessly in the months following the collapse to institute governance, controls, and to preserve and protect assets.”

“The value we hope to return to creditors would not exist without the tens of thousands of hours that dedicated professionals have spent digging through the rubble of Mr. Bankman-Fried’s sprawling criminal enterprise to unearth every possible dollar, token, or other asset that was spent on luxury homes, private jets, overpriced speculative ventures, and otherwise lost to the four winds,” Ray told Kaplan, adding that “achieving anticipated recovery levels” that Bankman-Fried suggested all FTX victims are expecting is actually “by no means assured.”

“I am quite confident that but for the work of a very large team of dedicated individuals, billions of dollars would have been lost or stolen and the recoveries to customers would be a fraction of their expected recovery,” Ray told Kaplan. “I make this statement not to curry sympathy or thanks, but to accurately report on the reasons why the FTX debtors may soon be in a position to compensate victims for some of the losses caused by Mr. Bankman-Fried.”

SBF repeatedly lied to get out of “supervillain” prison term, FTX CEO alleges Read More »

“overwhelming-evidence”-shows-craig-wright-did-not-create-bitcoin,-judge-says

“Overwhelming evidence” shows Craig Wright did not create bitcoin, judge says

Bitcoin, bitcoin creator, chatgpt, Craig Wright, Cryptocurrency, fraud, perjury, Policy, satoshi nakamoto, UK high court / /

Debate closed —

Jack Dorsey posted a “W,” as judge halts Wright’s suits against developers.

Dr. Craig Wright arrives at the Rolls Building, part of the Royal Courts of Justice, on February 06, 2024, in London, England.

Enlarge / Dr. Craig Wright arrives at the Rolls Building, part of the Royal Courts of Justice, on February 06, 2024, in London, England.

“Overwhelming evidence” shows that Australian computer scientist Craig Wright is not bitcoin creator Satoshi Nakamoto, a UK judge declared Thursday.

In what Wired described as a “surprise ruling” at the closing of Wright’s six-week trial, Justice James Mellor abruptly ended years of speculation by saying:

“Dr. Wright is not the author of the Bitcoin white paper. Dr. Wright is not the person that operated under the pseudonym Satoshi Nakamoto. Dr. Wright is not the person that created the Bitcoin system. Nor is Dr. Wright the author of the Bitcoin software.”

Wright was not in the courtroom for this explosive moment, Wired reported.

In 2016, Wright had claimed that he did not have the “courage” to prove that he was the creator of bitcoin, shortly after claiming that he had “extraordinary proof.” As debate swirled around his claims, Wright began filing lawsuits, alleging that many had violated his intellectual property rights.

A nonprofit called the Crypto Open Patent Alliance (COPA) sued to stop Wright from filing any more lawsuits that it alleged were based on fabricated evidence, Wired reported. They submitted hundreds of alleged instances of forgery or tampering, Wired reported, asking the UK High Court for a permanent injunction to block Wright from ever making the claim again.

As a result of Mellor’s ruling, CoinDesk reported that Wright’s lawsuits against Coinbase and Twitter founder Jack Dorsey’s Block would be halted. COPA’s lawyer, Jonathan Hough, told CoinDesk that Wright’s conduct should be considered “deadly serious.”

“On the basis of his dishonest claim to be Satoshi, he has pursued claims he puts at hundreds of billions of dollars, including against numerous private individuals,” Hough said.

On Thursday, Dorsey posted a “W” on X (formerly Twitter), marking the win and quoting Mellor’s statements clearly rejecting Wright’s claims as false. COPA similarly celebrated the victory.

“This decision is a win for developers, for the entire open source community, and for the truth,” a COPA spokesperson told CoinDesk. “For over eight years, Dr. Wright and his financial backers have lied about his identity as Satoshi Nakamoto and used that lie to bully and intimidate developers in the bitcoin community. That ends today with the court’s ruling that Craig Wright is not Satoshi Nakamoto.”

Wright’s counsel, Lord Anthony Grabiner, had argued that Mellor granting an injunction would infringe Wright’s freedom of speech. Grabiner noted that “such a prohibition is unprecedented in the UK and would prevent Wright from even casually going to the park and declaring he’s Satoshi without incurring fines or going to prison,” CoinDesk reported.

COPA thinks the injunction is necessary, though.

“We are seeking to enjoin Dr. Wright from ever claiming to be Satoshi Nakamoto again and in doing so avoid further litigation terror campaigns,” COPA’s spokesperson told Wired.

And that’s not all that COPA wants. COPA has also petitioned for Wright’s alleged forgeries—some of which Reuters reported were allegedly produced using ChatGPT—to be review by UK criminal courts, where he could face fines and/or prison time. Hough alleged at trial that Wright “has committed fraud upon the court,” Wired reported, asking Britain’s Crown Prosecution Service to consider prosecuting Wright for “perjury and perverting the course of justice,” CoinDesk reported.

Wright’s counsel argued that COPA would need more evidence to back such a claim, CoinDesk reported.

Mellor won’t issue his final judgment for a month or more, Wired reported, so it’s not clear yet if Wright will be enjoined from claiming he is bitcoin’s creator. The judgement will “be ready when it’s ready and not before,” Mellor said.

“Overwhelming evidence” shows Craig Wright did not create bitcoin, judge says Read More »

over-2-percent-of-the-us’s-electricity-generation-now-goes-to-bitcoin

Over 2 percent of the US’s electricity generation now goes to bitcoin

Bitcoin, Cryptocurrency, Energy, mining, Science, Sustainability / /

Mining stakes —

US government tracking the energy implications of booming bitcoin mining in US.

Digital generated image of golden helium balloon in shape of bitcoin sign inflated with air pump and moving up against purple background.

Enlarge / It takes a lot of energy to keep pumping out more bitcoins.

What exactly is bitcoin mining doing to the electric grid? In the last few years, the US has seen a boom in cryptocurrency mining, and the government is now trying to track exactly what that means for the consumption of electricity. While its analysis is preliminary, the Energy Information Agency (EIA) estimates that large-scale cryptocurrency operations are now consuming over 2 percent of the US’s electricity. That’s roughly the equivalent of having added an additional state to the grid over just the last three years.

Follow the megawatts

While there is some small-scale mining that goes on with personal computers and small rigs, most cryptocurrency mining has moved to large collections of specialized hardware. While this hardware can be pricy compared to personal computers, the main cost for these operations is electricity use, so the miners will tend to move to places with low electricity rates. The EIA report notes that, in the wake of a crackdown on cryptocurrency in China, a lot of that movement has involved relocation to the US, where keeping electricity prices low has generally been a policy priority.

One independent estimate made by the Cambridge Centre for Alternative Finance had the US as the home of just over 3 percent of the global bitcoin mining at the start of 2020. By the start of 2022, that figure was nearly 38 percent.

The Cambridge Center also estimates the global electricity use of all bitcoin mining, so it’s possible to multiply that by the US’s percentage and come up with an estimate for the amount of electricity that boom has consumed. Because of the uncertainties in these estimates, the number could be anywhere from 25 to 91 Terawatt-hours. Even the low end of that range would mean bitcoin mining is now using the equivalent of Utah’s electricity consumption (the high end is roughly Washington’s), which has significant implications for the electric grid as a whole.

So, the EIA decided it needed a better grip on what was going on. To get that, it went through trade publications, financial reports, news articles, and congressional investigation reports to identify as many bitcoin mining operations as it could. With 137 facilities identified, it then inquired about the power supply needed to operate them at full capacity, receiving answers for 101 of those facilities.

If running all-out, those 101 facilities would consume 2.3 percent of the US’s average power demand. That places them on the high side of the Cambridge Center estimates.

Finding power-ups

The mining operations fall in two major clusters: one in Texas, and one extending from western New York down the Appalachians to southern Georgia. While there are additional ones scattered throughout the US, these are the major sites.

The EIA has also found some instances where the operations moved in near underutilized power plants and sent generation soaring again. Tracking the history of five of these plants showed that generation had fallen steadily from 2015 to 2020, reaching a low where they collectively produced just half a Terawatt-hour. Miners moving in nearby tripled production in just a year and has seen it rise to over 2 Terawatt-hours in 2022.

Power plants near bitcoin mining operations have seen generation surge over the last two years.

Enlarge / Power plants near bitcoin mining operations have seen generation surge over the last two years.

These are almost certainly fossil fuel plants that might be reasonable candidates for retirement if it weren’t for their use to supply bitcoin miners. So, these miners are contributing to all of the health and climate problems associated with the continued use of fossil fuels.

The EIA also found a number of strategies that miners used to keep their power costs low. In one case, they moved into a former aluminum smelting facility in Texas to take advantage of its capacious connections to the grid. In another, they put a facility next to a nuclear plant in Pennsylvania and set up a direct connection to the plant. The EIA also found cases where miners moved near natural gas fields that produced waste methane that would otherwise have been burned off.

Since bitcoin mining is the antithesis of an essential activity, several mining operations have signed up for demand-response programs, where they agree to take their operations offline if electricity demand is likely to exceed generating capacity in return for compensation by the grid operator. It has been widely reported that one facility in Texas—the one at the former aluminum smelter site—earned over $30 million by shutting down during a heat wave in 2023.

To better understand the implications of this major new drain on the US electric grid, the EIA will be performing monthly analyses of bitcoin operations during the first half of 2024. But based on these initial numbers, it’s clear that the relocation of so many mining operations to the US will significantly hinder efforts to bring the US’s electric grid to carbon neutrality.

Over 2 percent of the US’s electricity generation now goes to bitcoin Read More »

sim-swapping-ring-stole-$400m-in-crypto-from-a-us-company,-officials-allege

SIM-swapping ring stole $400M in crypto from a US company, officials allege

Cryptocurrency, cryptocurrency scam, cryptocurrency scheme, cryptocurrency wallets, device fraud, Identity theft, mobile device security, Policy, sim swap, sim swapping, wire fraud / /

Undetected for years —

Scheme allegedly targeted Apple, AT&T, Verizon, and T-Mobile stores in 13 states.

SIM-swapping ring stole $400M in crypto from a US company, officials allege

The US may have uncovered the nation’s largest “SIM swap” scheme yet, charging a Chicago man and co-conspirators with allegedly stealing $400 million in cryptocurrency by targeting over 50 victims in more than a dozen states, including one company.

A recent indictment alleged that Robert Powell—using online monikers “R,” “R$,” and “ElSwapo1″—was the “head of a SIM swapping group” called the “Powell SIM Swapping Crew.” He allegedly conspired with Indiana man Carter Rohn (aka “Carti” and “Punslayer”) and Colorado woman Emily Hernandez (allegedly aka “Em”) to gain access to victims’ devices and “carry out fraudulent SIM swap attacks” between March 2021 and April 2023.

SIM-swap attacks occur when someone fraudulently induces a wireless carrier to “reassign a cell phone number from the legitimate subscriber or user’s SIM card to a SIM card controlled by a criminal actor,” the indictment said. Once the swap occurs, the bad actor can defeat multi-factor authentication protections and access online accounts to steal data or money.

Powell’s accused crew allegedly used identification card printers to forge documents, then posed as victims visiting Apple, AT&T, Verizon, and T-Mobile retail stores in Minnesota, Illinois, Indiana, Utah, Nebraska, Colorado, Florida, Maryland, Massachusetts, Texas, New Mexico, Tennessee, Virginia, and the District of Columbia.

According to the indictment, many of the alleged victims did not suffer financial losses, but those that did were allegedly hit hard. The hardest hit appears to be an employee of a company whose AT&T device was allegedly commandeered at a Texas retail store, resulting in over $400 million being allegedly transferred from the employee’s company to co-conspirators’ financial accounts. Other individual victims allegedly lost cryptocurrency valued between $15,000 and more than $1 million.

Co-conspirators are accused of masking stolen funds, sometimes by allegedly hiding transfers in unhosted or self-hosted virtual currency wallets. If convicted, all stolen funds must be forfeited, the indictment said.

Powell has been charged with conspiracy to commit wire fraud and conspiracy to commit aggravated identity theft and access device fraud, Special Agent Brent Bledsoe said in the indictment. This Friday, Powell faces a detention hearing, where he has been ordered by the US Marshals Service to appear in person.

Powell’s attorney, Gal Pissetzky, told Ars that Powell has no comment on the indictment at this time.

SIM swaps escalating in US?

When Powell’s alleged scheme began in 2021, the FBI issued a warning, noting that criminals were increasingly using SIM-swap attacks, fueling total losses that year of $68 million.

Since then, US law enforcement has made several arrests, but none of the uncovered schemes come close to the alleged losses from the thefts Powell’s crew are being accused of.

In 2022, a Florida man, Nicholas Truglia, was sentenced to 18 months for stealing more than $20 million from a single victim. On top of forfeiting the stolen funds, Truglia was also ordered to forfeit more than $900,000 as a criminal penalty. According to security blogger Brian Krebs, Truglia was connected to a group that allegedly stole $100 million using SIM-swap attacks.

Last year, there were a few notable arrests. In October, the Department of Justice sentenced a hacker, Jordan Dave Persad, to 30 months for stealing nearly $1 million from “dozens of victims.” And in December, four Florida men received sentences between eight and 27 months for stealing more than $509,475 in SIM-swap attacks.

Ars could not find any FBI warnings since 2021 raising awareness that losses from SIM-swap attacks may be further increasing to amounts as eye-popping as the alleged losses in Powell’s case.

A DOJ official was unable to confirm if this is the biggest SIM-swapping scheme alleged in the US, directing Ars to another office. Ars will update this report with any new information the DOJ provides.

US officials seem aware that some bad actors attempting SIM-swap attacks appear to be getting bolder. Earlier this year, the Securities and Exchange Commission was targeted in an attack that commandeered the agency’s account on X, formerly known as Twitter. That attack led to a misleading X post falsely announcing the approval of bitcoin exchange-traded funds, causing a brief spike in bitcoin’s price.

To protect consumers from SIM-swap attacks, the Federal Communications Commission announced new rules last year to “require wireless providers to adopt secure methods of authenticating a customer before redirecting a customer’s phone number to a new device or provider. The new rules require wireless providers to immediately notify customers whenever a SIM change or port-out request is made on customers’ accounts and take additional steps to protect customers from SIM swap and port-out fraud.” But an Ars review found these new rules may be too vague to be effective.

In 2021, when European authorities busted a SIM-swapping ring allegedly targeting high-profile individuals worldwide, Europol advised consumers to avoid becoming targets. Tips included using multifactor authentication, resisting associating sensitive accounts with mobile phone numbers, keeping devices updated, avoiding replying to suspicious emails or callers requesting sensitive information, and limiting personal data shared online. Consumers can also request the highest security settings possible from mobile carriers and are encouraged to always use stronger, longer security PINs or passwords to protect devices.

SIM-swapping ring stole $400M in crypto from a US company, officials allege Read More »

child-abusers-are-covering-their-tracks-with-better-use-of-crypto

Child abusers are covering their tracks with better use of crypto

Bitcoin, child abuse, Cryptocurrency, csam, Monery, Policy, syndication, Zcash / /
silhouette of child

For those who trade in child sexual exploitation images and videos in the darkest recesses of the Internet, cryptocurrency has been both a powerful tool and a treacherous one. Bitcoin, for instance, has allowed denizens of that criminal underground to buy and sell their wares with no involvement from a bank or payment processor that might reveal their activities to law enforcement. But the public and surprisingly traceable transactions recorded in Bitcoin’s blockchain have sometimes led financial investigators directly to pedophiles’ doorsteps.

Now, after years of evolution in that grim cat-and-mouse game, new evidence suggests that online vendors of what was once commonly called “child porn” are learning to use cryptocurrency with significantly more skill and stealth—and that it’s helping them survive longer in the Internet’s most abusive industry.

Today, as part of an annual crime report, cryptocurrency tracing firm Chainalysis revealed new research that analyzed blockchains to measure the changing scale and sophistication of the cryptocurrency-based sale of child sexual abuse materials, or CSAM, over the past four years. Total revenue from CSAM sold for cryptocurrency has actually gone down since 2021, Chainalysis found, along with the number of new CSAM sellers accepting crypto. But the sophistication of crypto-based CSAM sales has been increasing. More and more, Chainalysis discovered, sellers of CSAM are using privacy tools like “mixers” and “privacy coins” that obfuscate their money trails across blockchains.

Perhaps because of that increased savvy, the company found that CSAM vendors active in 2023 persisted online—and evaded law enforcement—for a longer time than in any previous year, and about 57 percent longer than even in 2022. “Growing sophistication makes identification harder. It makes tracing harder, it makes prosecution harder, and it makes rescuing victims harder,” says Eric Jardine, the researcher who led the Chainalysis study. “So that sophistication dimension is probably the worst one you could see increasing over time.”

Better stealth, longer criminal lifespans

Scouring blockchains, Chainalysis researchers analyzed around 400 cryptocurrency wallets of CSAM sellers and more than 10,000 buyers who sent funds to them over the past four years. Their most disturbing finding in that broad economic study was that crypto-based CSAM sellers seem to have a longer lifespan online than ever, suggesting a kind of relative impunity. On average, CSAM vendors who were active in 2023 remained online for 884 days, compared with 560 days for those active in 2022 and just 112 days in 2020.

To explain that new longevity for some of the most harmful actors on the Internet, Chainalysis points to how CSAM vendors are increasingly laundering their proceeds with cryptocurrency mixers—services that blend users’ funds to make tracing more difficult—such as ChipMixer and Sinbad. (US and German law enforcement shut down ChipMixer in March 2023, but Sinbad remains online despite facing US sanctions for money laundering.) In 2023, Chainalysis found that about 46 percent of CSAM vendors used mixers, up from around 22 percent in 2020.

Chainalysis also found that CSAM vendors are increasingly using “instant exchanger” services that often collect little or no identifying information on traders and allow them to swap bitcoin for cryptocurrencies like Monero and Zcash—”privacy coins” designed to obfuscate or encrypt their blockchains to make tracing their cash-outs of profits far more difficult. Chainalysis’ Jardine says that Monero in particular seems to be gaining popularity among CSAM purveyors. In the company’s investigations, Chainalysis has seen it used repeatedly by CSAM sellers laundering funds through instant exchangers, and in multiple cases it has also seen CSAM forums post Monero addresses to solicit donations. While the instant exchangers did offer other cryptocurrencies, including the privacy coin Zcash, Chainalysis’ report states that “we believe Monero to be the currency of choice for laundering via instant exchangers.”

Child abusers are covering their tracks with better use of crypto Read More »

actor-paid-to-pose-as-crypto-ceo-“deeply-sorry”-about-$1.3-billion-scam

Actor paid to pose as crypto CEO “deeply sorry” about $1.3 billion scam

Cryptocurrency, cryptocurrency hedge fund, cryptocurrency mining, cryptocurrency scam, facebook, hyperverse, pimeyes, Policy / /
A screenshot from Jack Gamble's video outing Stephen Harrison as HyperVerse's fake CEO, posted on Gamble's

Enlarge / A screenshot from Jack Gamble’s video outing Stephen Harrison as HyperVerse’s fake CEO, posted on Gamble’s “Nobody Special Finance” YouTube channel.

An actor who was hired to pretend to be the highly qualified CEO of a shady, collapsed cryptocurrency hedge fund called HyperVerse has apologized after a YouTuber unmasked his real identity last week.

An Englishman currently living in Thailand, Stephen Harrison confirmed to The Guardian that HyperVerse hired him to pose as CEO Steven Reece Lewis. Harrison told The Guardian that he was “deeply sorry” to HyperVerse investors—who lost a reported $1.3 billion after buying into a cryptocurrency-mining operation that promised “double or triple returns,” but did not exist, Court Watch reported.

Harrison claimed that he had “certainly not pocketed” any portion of those funds. Instead, he told The Guardian that he was paid about $7,500 over nine months. To play the part of CEO, he was also given a “wool and cashmere suit, two business shirts, two ties, and a pair of shoes,” The Guardian reported.

Harrison said that he had no part in HyperVerse’s alleged scheme to woo investors with false promises of high returns.

“I am sorry for these people,” Harrison said. “Because they believed some idea with me at the forefront and believed in what I said, and God knows what these people have lost. And I do feel bad about this.”

He also said that he was “shocked” to find out that HyperVerse had falsified his credentials, telling investors that Harrison was a fintech whiz—supposedly earning prestigious degrees before working at Goldman Sachs, then selling a web development company to Adobe before launching his own IT startup.

Harrison claimed that he only found out about this resume fraud when The Guardian investigated and found that nothing on his resume checked out.

“When I read that in the papers, I was like, blooming heck, they make me sound so highly educated,” Harrison told The Guardian.

He confirmed that he had received general certificates of secondary education but that his expertise was “certainly not on that level” that HyperVerse claimed that it was.

“They painted a good picture of me, but they never told me any of this,” Harrison told The Guardian.

Getting hired as fake CEO

According to The Guardian, Harrison was working as an unpaid freelance sports commentator when a “friend of a friend” told him about the HyperVerse gig.

The contract that Harrison signed was with an Indonesian-based talent agency called Mass Focus Ltd. It stated that he would be hired as “presenter talent,” The Guardian reported. However, The Guardian could find “no record of a company of this name on the Indonesian company register.”

Harrison’s agent allegedly told him that it was common for companies to hire corporate “presenters” to “represent the business” and reassured him that HyperVerse was “legitimate.”

Even after those assurances, Harrison said that he was still worried that HyperVerse might be a “scam,” researching the company online but ultimately deciding that “everything seemed OK.”

“So, I rolled with it,” Harrison told The Guardian.

Harrison said that promotional videos that he recorded as HyperVerse CEO were filmed in “makeshift studios” in Bangkok. He said that he was asked to start using the fake name Steven Reece Lewis while filming the second video. When he questioned why a fake name was necessary, HyperVerse allegedly told him that he was “acting the role.”

His agent allegedly told him that this was “perfectly normal” and after that, he “never went online and checked about Steven Reece Lewis,” he told The Guardian.

“I looked on YouTube occasionally, way back when they put the presentations up, but apart from that I was detached from this role,” Harrison said.

Over nine months, Harrison mostly worked one to two hours monthly, making videos posing as HyperVerse’s CEO.

There was also a Twitter account launched under the fake name Steven Reece Lewis. The Guardian noted that the date of Harrison’s final paycheck from HyperVerse “coincided with the last date the Twitter account was active,” but Harrison told The Guardian that he “had no oversight” of that account. When he was ending his stint as fake CEO, Harrison told The Guardian that he “requested that the Twitter account be shut down.”

Harrison also told The Guardian that he had “no contact at any point” with HyperVerse heads Sam Lee and Ryan Xu, exclusively dealing with a local contact in Thailand.

Actor paid to pose as crypto CEO “deeply sorry” about $1.3 billion scam Read More »