A husband and wife duo was arrested on Tuesday for allegedly trying to launder roughly $4.5 billion worth of stolen Bitcoins, the US Department of Justice (DOJ) said.
Of the total amount, law enforcement has seized over $3.6 billion in cryptocurrency linked to the 2016 hack of digital currency exchange Bitfinex. About 119,754 Bitcoins were stolen, believed to be worth $71 million at the time.
“Today’s arrests, and the department’s largest financial seizure ever, show that cryptocurrency is not a safe haven for criminals,” said Deputy Attorney General Lisa O Monaco.
Who Are They?
Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, are both residents of New York.
Lichtenstein holds dual US and Russian citizenship, while Morgan has lived in Hong Kong and Egypt and is studying Russian, according to her social media. She’s a journalist and economist who travels internationally for work, Al Jazeera reported, citing the US government.
Both have active social media profiles.
Morgan in particular poses as a rapper under the pseudonym Razzlekhan, Reuters reported. She also actively wrote on 'Tips to Protect Your Business from Cybercriminals' and featured an interview with a cryptocurrency exchange owner on how to prevent fraud, the report said.
How They Did It, Allegedly
The couple allegedly conspired to launder the proceeds of 119,754 bitcoin that were stolen from Bitfinex’s platform in 2016. An as-of-yet unidentified hacker or hackers initiated more than 2,000 unauthorized transactions sending the stolen bitcoin to a digital wallet under Lichtenstein’s control.
The couple couldn't immediately exchange the bitcoin for fiat currency, because the hackers' addresses had reportedly been blacklisted by other exchanges.
Instead, Once they had the bitcoin, they according to the DOJ, transferred approximately 25,000 bitcoin out of the account over five years using sophisticated laundering techniques like:
Using fictitious identities to set up online accounts
Utilizing computer programs to automate transactions, a technique that allows for many transactions to take place in a short period of time;
Depositing the stolen funds into accounts at many virtual currency exchanges and dark net markets and then withdrawing the funds, which obscures the trail.
Converting bitcoin to other forms of virtual currency, including anonymity-enhanced virtual currency (AEC), in a practice known as “chain hopping”.
Using US-based business accounts to legitimize their banking activity.
How They Were Caught
In April 2021 roughly 12,000 Bitcoin from the Bitfinex hack were moved out of Lichtenstein's wallet at once. The massive volume of the transactions and the fact that transactions on the blockchain are publicly available meant that many trackers and security firms were alerted, according to The Record.
This is likely when the US authorities caught on.
On January 31, 2022, law enforcement gained access to (Lichtenstein's Wallet) by decrypting a file saved to Lichtenstein’s cloud storage account, the statement of facts says.
"The file contained a list of 2,000 virtual currency addresses, along with corresponding private keys. Blockchain analysis confirmed that almost all10 of those addresses were directly linked to the hack," it says.
"Law enforcement was able to decrypt several key files contained within the account. Most notably, the account contained a file listing all of the addresses within (Lichtenstein's Wallet) and their corresponding private keys," the statement adds.
(With inputs from The Record and Reuters)