Mt. Gox Suspect Arrested; BTC-e Exchange Involved
BTC-e Exchange Operated By Mt.Gox Hacker?
WizSec, the bitcoin security specialists investigating the Mt. Gox exchange theft, released some bombshell news today identifying the key suspect in the Mt. Gox hacking theft. The information implicates competing exchange BTC-e as an accomplice in laundering the stolen proceeds of the exchange theft, and maybe the theft itself.
BTC-e has been offline, citing "technical problems" since 7/25.
With the arrest of Alexander Vinnik in Greece today, WizSec began releasing information on its investigation. Vinnik is a Russian national who apparently was the operator of the BTC-e bitcoin exchange. The exchange's ownership was previously unknown, but pieces of the WizSec investigation point to Vinnik as at least a key player in operating the exchange.
Key Takeaways From WizSec Report
- Attacker copied the private keys (wallet.dat) for Mt. Gox hot wallet in 2011
- Using the stolen private keys, the attacker moved bitcoin out of various Mt. Gox customer addresses on an ongoing basis from 2011 through 2013
- Total stolen from Mt. Gox: 630,000 BTC
- Key suspect: Alexander Vinnik, a Russian national arrested in Greece, 7/26
- Vinnik laundered the stolen bitcoin through his own exchange (BTC-e) and several others, including Mt. Gox
- Selling the coins back at Mt. Gox is how Vinnik was identified
- Vinnik is so far charged with money laundering, but not theft
WizSec provided a detailed map of the path the stolen bitcoin took through the network:
Click here to see a larger, more detailed version of this chart in the WizSec report.
Laundered Funds May Total $4 Billion
A statement from Greek police said that Vinnik had laundered currency worth at least $4 billion USD through his bitcoin platform. This statement seems to paint every transaction on the exchange as part of Vinnik's money laundering efforts, and to describe BTC-e itself as a "criminal organization."
"An internationally sought 'mastermind' of a crime organization has been arrested. Since 2011 the 38-year-old has been running a criminal organization which administers one of the most important websites of electronic crime in the world."
BTC-e was known to have few requirements for customer identification. Exchange users could trade bitcoin and a few other cryptocurrencies against several fiat currencies. Withdrawal options included "money codes" representing an on-exchange balance of any currency that could then be traded off-exchange.
WizSec is trickling its report out in multiple parts; more information is on the way.