By Pierre Delval, chronicler.
On April 15, 2018, in issue 49 of Financial Afrik, I devoted a full column on the criminological deciphering of cryptocurrency.
I cautioned, in particular, the unwary who would be tempted to minimize the weight of potentially tortious transactions in this financial market of a new kind. And, without taking too much risk, I felt that this lark mirror would become, sooner or later, a target of choice for criminal organizations.
While I was writing this analysis, criticized by the Bitcoin, Litecoin, Peercoin, Namecoin and other cryptodevises aficionados, a character, as he knows how to mystify the criminal history, had been languishing since July 25 2017 in a prison of Athens. Alexander Vinnik, originally from Russia, was secretly detained in Greece, the place of his arrest, pending the finalization of complex legal-technical extradition negotiations to France, the United States or Russia. Suspected of having laundered billions of dollars since 2011, this 30-year-old had become the most sought-after white-collar crook of French, American and Russian specialized services. Across the Atlantic, given the scale of the phenomenon, the FBI, the Secret Service, the Treasury and Homeland Security joined forces for the needs of a survey with the most twisted ramifications. Today, in the United States alone, 21 charges are laid against one of the world’s largest digesters. It must be recognized that Vinnik had seen big. A visionary of crime, he had imagined before all the world all the exceptional potential that cryptocurrency could offer.
The starting point of this incredible story that seems straight out of a B series is a platform called BTC-e. According to Brian Stretch, then federal prosecutor, « Vinnick’s efforts have made BTC-e one of the main tools used by cybercriminals around the world to launder the proceeds of their illegal activities. » The BTC-e platform was skilfully structured with servers in California, a Cypriot law website in Bulgaria, the Canton Business Corporation, a Seychelles-based company with a Russian phone line, and domain names registered in France. , Singapore, New Zealand and the British Virgin Islands. Everything was thought to transform the profits of computer hacks, scams, identity theft, tax refund fraud, drug trafficking and bribery of public officials in cryptocurrency. And if his organization had had the opportunity to finance Daesh or AQIM, he would have done it, without any qualms.
Because, like any good predator, only profit motivated his audacity. 700,000 customers would have used the services of the BTC-e during the last seven years and more than 9.4 million Bitcoins and Litecoins would have been distributed, the equivalent of 33 billion euros. But the Russian would not have been content to turn the dirty money of others into cryptocurrency. He would have acted also for his own interest. Vamndedam (or Vamnedam) is how he baptized one of his accounts. This Russian code name which translates as « I will not give it to you », says a lot about Vinnik’s mind. On this account was deposited part of the booty of the breaker of the century on the platform Mt. Gox. This discovery did not fail to challenge investigators who finally lifted the veil on one of the biggest police impasse in computer hacking.
Mt. Gox was, until its bankruptcy in 2014, the main stock exchange where to buy and sell Bitcoins. 650000 Bitcoins had disappeared without our understanding of their origin. Various reports, the « Willy report », and the work of the security specialist « WizSec », had highlighted the strange activity of two very active mystery operators on Mt. Gox, two actors baptized by the operators « Willy » and » Markus « . The latter would have been at the heart of an unprecedented course manipulation in the sphere of cryptocurrency.
These two operators had acquired 600,000 Bitcoins, between February and November 2013, close to 650,000 Bitcoins that the platform considers to have been stolen. They contributed to the soaring course of Bitcoin which rose from 150 to more than 1,000 dollars at the end of 2013. Markus intervened between Valentine’s Day, February 14, 2013 and September 27. He had bought nearly 336,000 Bitcoins, in 33 sessions, for $ 76 million. Suspicious elements, this trader paid no transaction fees, and some of his transactions seem to have been split. He never paid a single dollar to buy his Bitcoins and those who sold him their Bitcoins never received the money. « Willy » meanwhile, was an automaton of automatic trading.
Unlike Markus, he had used several accounts, 49 in total, who each bought $ 2.5 million worth of Bitcoins, which were never sold. Curiously, these purchases began the same day that Markus had stopped its operations on September 27, 2013. Willy had acquired 268,000 Bitcoins for $ 112 million. He would buy each time at the market, with no limit order, so that the price of Bitcoin increased by nearly $ 20 on the days he was active. These two « ghost operators » each accounted for nearly 20% of the daily volume of Mt. Gox, and 6 to 12% of the volumes of all Bitcoin exchanges. A strike force that allowed them to manipulate the course of Bitcoin. During their interventions, Bitcoin progressed in 80% of cases, against 55% of cases during « normal » sessions without manipulation.
According to investigations conducted in 2014 against the owner of this platform, Mark Karpeles, these operations were trying to hide a huge cyber-attack that Mt. Gox had been the victim of. In fact, between February 2011 and November 2013, the stock market had been the object of about fifty distributed denial of service (DDoS) attacks for Distributed Denial of Service attack. This was particularly flooding the network to prevent its operation and disruption of connections, preventing access to a particular service. But also obstructing access to a service for a particular person. These asymmetric attacks had thus blocked file servers, allowing direct actions on the storage of cryptocurrencies.
Once the Bitcoins were stolen, they had been « laundered » and made anonymous, for a fee, so that no one could go back to their owners. According to the Wizsec report, most of the Bitcoins were stolen as of the end of 2011, at a decreasing rate, to be transferred to other exchanges including BTC-e supervised by Vinnik. Transfers were made gradually over time so as not to penalize the course and not to attract the attention of the diversion. Gox, understanding too late the malfeasance of which she was a victim and becoming technically bankrupt since 2012, then proceeded to dummy operations of valorization of the cryptocurrency to hide its insolvency and try to turn the situation around.
For pirate Alexander Vinnik, this cyber-case had two objectives: to neutralize the competition by creating in 2014 a quasi-stock market monopoly with the BTC-e and recover a stock of cryptocurrency for his benefit. But his ever-growing appetite betrayed him. Another software, under his control and called Locky, attacked many French information systems as early as June 2016. Dozens of small bosses then lodged a complaint. The investigation conducted by the research section of the gendarmerie of Bordeaux back track to Ukraine and Russia, but the collaboration expected by the Paris prosecutor’s office with his Muscovite counterparts remains a dead letter. The FBI, to which the French also ask for help, is not more cooperative. In July 2017, the Greek police finally gets their hands on Vannik, while on vacation, and at the request of the Americans. His cell phones and his computer are seized, as his Californian servers site BTC-e elsewhere. At the same time, the Russians are demanding the repatriation of their national who is accused of fraud of 12 million dollars in their territory. But it is the French who won the case, considering that the case must be managed by the European Union of which France is a member.
This politico-judicial imbroglio has not finished talking about him. But beyond the cybercriminal revelations that could come to fruition, this Vinnik case alone shows, if need be, that the profit generated by cryptocurrency and the anonymity of its transactions will only amplify the predation of organized crime. While there are many positive aspects of a cryptographic economy (greater transaction confidentiality, ease of user control over funds, and free flow of capital), these benefits present new challenges in stopping the crimes of the present and from the future. It is also likely that cryptocurrency crimes will become more complex and potentially more difficult to stem compared to the traditional crimes of fiat money and bank cards. Bitcoin is certainly the first cryptocurrency, but as everyone knows it is not the only one. In recent years, developers have created new cryptocurrency protocols, such as Zcash, Monero and Dash, with privacy features that make transactions more difficult to trace. Monero, in particular, is making progress on the darknet markets. Increased confidentiality may be a determining factor in the growth of legal cryptocurrencies, but this must be offset by the need for law enforcement to trace transactions in certain circumstances. In the coming years, the law enforcement agencies must therefore acquire the technological expertise necessary to fight against their illicit uses and regulators must understand the risks presented by these anonymous cryptocurrency. In the meantime, be vigilant, because a safe and secure currency always remains a great illusion.