Coinbase says it was not involved in the DOJ’s Bitcoin ransom seizure

Published at: June 9, 2021

Coinbase chief security officer Philip Martin has refuted suggestions the American crypto exchange was involved in any seizure of crypto assets related to the recent Colonial Pipeline ransomware attack.

Martin took to Twitter on Tuesday to explain the firm’s involvement, or lack of it, with the Department of Justice’s warrant for the seizure of Bitcoin.

“Coinbase was not the target of the warrant and did not receive the ransom or any part of the ransom at any point. We also have no evidence that the funds went through a Coinbase account/wallet.”

1/ I've seen a bunch of incorrect claims that Coinbase was involved in the recent DOJ seizure of bitcoin associated with the Colonial Pipeline ransomware attack. We weren’t. a thread:

— Philip Martin (@SecurityGuyPhil) June 8, 2021

The official seizure story, in which government officials recovered 63.7 Bitcoin (BTC), worth roughly $2.3 million at the time, had a number of irregularities. Federal investigators claimed to have obtained the Darkside group’s private keys but did not disclose how the United States Federal Bureau of Investigation was able to commandeer them.

The #Bitcoin associated with Ransomware / Darkside / Colonial Pipeline Co. hack went through the Californian servers of @coinbase and likely seized by U.S. investigators there.Not your keys, not your 63.7 #BTC. pic.twitter.com/4RwZLFww5c

— This is Bullish (@thisisbullish) June 8, 2021

According to the affidavit, the private key for the subject address was in the possession of the FBI in the Northern District of California. This led to the connection with Coinbase, which has servers in the area as a number of Twitter users pointed out. Martin refuted these claims, stating:

“I’ve also read that because the seizure warrant specified property in the Northern District of California, it had to be targeted at Coinbase. Nope. What this likely means is that the private key is located at one of the many Northern California FBI field offices.”

He added that due to the exchange’s storage mechanisms, which use a pooled hot wallet, it “wouldn’t make a ton of sense” to hand over a specific private key.

Questioning how the investigators acquired the private key, he guessed that it was “some good ol’ fashioned police work to locate the target servers,” followed by a mutual legal assistance treaty request and/or some political pressure to get access.

Concerns arose over the abilities of authorities to access the cryptographic keys, which played a role in Tuesday’s market drop. However, authorities have a variety of innovative ways to access private information. On the same day, reports surfaced detailing a fake encrypted communications app used by criminals that was secretly operated by the FBI in order to surreptitiously collect messages, private information and monitor criminal activity on a massive scale.

In a newsletter on Tuesday, Mati Greenspan, founder of Quantum Economics and a former senior market analyst at eToro, stated that the recovered ransom was actually bullish for Bitcoin, as many had expected U.S. politicians to use crypto as a scapegoat for the attack and to enforce some heavy-handed regulations.

“Instead, they were clued in to what we already knew, that it is easier for authorities to catch criminals who use crypto than anything else.”

Greenspan added that the “only valid explanation for prices to be falling is that markets are random, especially in the short-term.” At the time of writing, BTC was trading down 2.2% over the past 24 hours at $33,000 after slumping over 10% since the beginning of the week.

Tags
Fbi
Related Posts
Cybercrime task force monitoring the global digital financial system
The United States faces a growing threat of transnational cybercrime, particularly against its financial system. In what may be the largest prosecution of its kind in U.S. history, the U.S. Department of Justice has charged Texas tech billionaire Bob Brockman in a 39-count indictment with evading $2 billion in taxes. The businessman used encrypted devices and code words to conceal his wire fraud, tax fraud and money laundering within a network of offshore entities and bank accounts. As the CEO of Reynolds and Reynolds Co., Brockman contributed 6.4% to the United States’ current annual deficit of $3.1 trillion — more …
Technology / Oct. 24, 2020
The IRS offers a $625,000 bounty to anyone who can break Monero and Lightning
The United States Internal Revenue Service has offered a bounty of up to $625,000 to anyone who can break purportedly untraceable privacy coins such as Monero (XMR) as well as trace transactions on Bitcoin’s (BTC) Lightning Network. The official proposal, published last week, says the IRS will accept submissions in the form of working prototypes until Sept. 16. If accepted, applicants will receive an initial payment of $500,000. This grant will allow applicants to develop their prototype into a working concept over the next eight months. Once the pilot test is completed and approved by the government, a further $125,000 …
Technology / Sept. 11, 2020
Mobile Ransomware That Doesn't Ask Victims For Crypto Emerges
A report from cybersecurity firm Check Point unveiled a new ransomware attack, where cybercriminals pose as the FBI to demand victims pay their "fine" by credit card. According to the April 28 report, the malware — known as "Black Rose Lucy" — is unusual, since there are no ransom payments involving cryptocurrencies like Bitcoins (BTC) and it affects users of mobile devices with Android as an operating system. Check Point had already tracked the beginnings of the malware since September 2018, originating in Russia as a "Malware-as-a-Service" (MaaS) botnet. However, it took the form of ransomware to make various changes …
Technology / April 28, 2020
Hospitals Still Being Attacked Despite Big Fall in Ransomware
The number of ransomware attacks globally has dropped significantly since the coronavirus crisis intensified in March, according to a new report from Chainalysis. The blockchain analytics firm said the drop was particularly significant given there were growing concerns over the impact of ransomware attacks against hospitals and other healthcare organizations during the crisis. Hospitals are a favoured target for ransomware gangs. Security software provider Emsisoft reported that over the course of 2019, at least 764 healthcare providers in the U.S. had been attacked. In mid-March Emsisoft publicly implored ransomware gangs to stop targeting hospitals due to the potential fatal impacts …
Technology / April 16, 2020
Ransomware Hacks Cost Victims $144M in BTC Over Last 6 Years, FBI Says
A recent presentation from the U.S. Federal Bureau of Investigation, or FBI, shows ransomware hackers have pilfered massive amounts of Bitcoin (BTC) since 2013. Between October 2013 and November 2019, victims paid roughly $144 million in BTC to ransomware hackers, FBI supervisor Joel DeCapua indicated at a Feb. 24 RSA conference. Ransomware takes control During a ransomware breach, nefarious parties take control of a person or entity’s computer systems, demanding payment, often in BTC, to unlock victims’ platforms. DeCapua noted almost all ransomware payments are sent in Bitcoin, and that the bureau's number does not include other related losses victims …
Technology / Feb. 26, 2020