- The 12 Russian intelligence officers indicted Friday by the special counsel Robert Mueller’s office are accused of using bitcoin to facilitate their scheme.
- Mueller’s indictment suggests those bitcoin transactions could have helped catch the hackers.
The 12 Russian intelligence officers indicted Friday by the special counsel Robert Mueller’s office used bitcoin to facilitate their scheme, the charging document says.
The indictment suggests those bitcoin transactions contributed to catching the hackers.
It alleges that they led a hacking scheme that included stealing emails from the Democratic National Committee, the Democratic Congressional Campaign Committee, and top staffers of Hillary Clinton’s campaign, in addition to targeting state and county board of elections websites.
“To hide their connections to Russia and the Russian government, the Conspirators used false identities and made false statements about their identities,” the indictment says. “To further avoid detection, the Conspirators used a network of computers located across the world, including in the United States, and paid for this infrastructure using cryptocurrency.”
The Russians conspired to launder the equivalent of roughly $US95,000 through cryptocurrency transactions to help facilitate the purchase of infrastructure the hackers used to conduct their campaign, the indictment alleges, adding that the Russian officers did so to “capitalise on the perceived anonymity of cryptocurrencies such as bitcoin.”
The indictment says the hackers “principally used bitcoin when purchasing servers, registering domains, and otherwise making payments in furtherance of hacking activity.”
“The use of bitcoin allowed the Conspirators to avoid direct relationships with traditional financial institutions, allowing them to evade greater scrutiny of their identities and sources of funds,” it says.
Bitcoin transactions are added to a blockchain, or public ledger. But the identities of those carrying out the transactions are represented only by identifiers known as bitcoin addresses.
The hackers, the indictment says, further sought to obscure their identities by using hundreds of different email addresses, which often contained fictitious names and addresses, to make the transactions.
But Mueller, who’s leading the investigation into Russia’s interference in the 2016 US election, dropped a few hints in the indictment about how the bitcoin transactions may have played a role in catching the hackers:
- For instance, the Russians sometimes made the bitcoin payments on the same computers they used to conduct their hacking campaign, the document says.
- The Russians used one of the bitcoin accounts in 2015 to renew the registration of a domain name encoded in a malware agent that was later installed on the DNC’s network of servers.
- The indictment says the hackers used bitcoin to pay a Romanian company to register the domain DCLeaks.com, a site that housed some of the stolen emails.
- They also used bitcoin to lease a Malaysian server that hosted the website, the document says.
- Using funds in a bitcoin address, the Russians also purchased a virtual private network account to access the @Guccifer_2 Twitter account, the document says. @Guccifer_2 was the persona that claimed to be the DNC hacker and was in touch with Roger Stone, a confidant of Trump’s.
- And the indictment says the Russians used bitcoin to lease the server used to administer the malware implanted on the DNC server network and to lease two more servers used to hack into its cloud network.
A representative for Mueller declined to comment further on the importance of cryptocurrency to the hacking scheme detailed in the indictment.