I experienced the same with funds stolen from my project http://betco.in/ - whoever stole bitcoins just sit on them right now. I do not know if it is because they are looking for a way to launder them (although it seems simple to me) or just waiting when bitcoins will cost $100+/$1000+/etc may be?
There is no SOL in most nations, as virtual goods are generally not considered property. Bitcoin is regarded as a virtual good in the U.S., so it is not possible to "steal" a bitcoin. (Note: this is a distinct concept from intellectual property -- do not confuse the issues.)
In China, Korea, Singapore, and Japan, virtual goods are considered property to varying degrees.
EDIT: reply to discountgenius since there was no reply link.
One of the functions of government is to create laws protecting property. There aren't any laws in the U.S. that treat virtual goods such as bitcoin as property. In the U.S., at least, courts have proven extremely reluctant to extend property protections to virtual goods, i.e., MMO items, because the state of the law and underlying technology is still too much in flux. At best, virtual goods are treated as licenses. However, licenses are not property that can be stolen (and this has been litigated in non-virtual contexts).
In Japan and Korea a few years ago, some courts ruled that in-game purchases were considered property for specific purposes. I do not know if their respective courts followed those cases.
Even if taking the bitcoins is not itself a crime in their jurisdiction, they may have committed other crimes as part of the operation to take the bitcoins, such as unauthorized access to a computer.
One method involves running a mining pool where you pay little bits of the "dirty" coins to hundreds of different miners and keep their "clean," freshly-minted coins for yourself.
It's a relatively new protocol. There may be laundering methods that nobody's thought of yet.
I'm fairly certain that you keep the balance in a single wallet, so can send from a different address than the one that received the funds, so really, all this tells us is that they haven't been stupid and sent money out from the same wallet they sent it to.
It is not possible to send bitcoins from a different address that received them, it does not matter what addresses you control (i.e. have in your wallet) - from any address you can only send bitcoins that were previously sent there (with the only exception for mining new bitcoins).
So, how can they ever be truly laundered? Because eventually someone is going to want to convert them to cash, and at that point, they're traceable right?
By sending smaller values to different addresses and continuing that route. It wouldn't clear the trail, but the more you dilute the trail the more annoying it would become to trace it back to that original theft. For example, if they had 1000 bitcoins, broke that up in to 4 pairs of 250, then broke that up in to 8 transactions of 125 and kept decreasing it then there would be so many transactions in the history of those coins. Additionally, there are laundering services out there for bitcoins (eg http://www.bitcoinlaundry.com/, http://app.bitlaundry.com/) which will just cycle all the bitcoins with others - eventually it will be so mixed up with others you can cash out without worrying about being traced easily.
What if one of your physical paper currencies in your wallet right now was involved in a robbery at some point? Should that serial number no longer be valid and cause you to lose that money when you attempt to spend it in the store? If currency is successfully laundered it frequently will end up in someone elses wallet - the same would happen with bitcoins, with the main difference being that it could be tracked back to the originating offense. Maybe an exchange will want to keep an eye out for that - but what makes you think a laundering site or gambling site will care? I give you $100, and you give me back $95 from your wallet and since I can use a different wallet to receive the funds it isn't tied together. In the end someone will end up with those hot bitcoins and fractions there-of, but they might be completely innocent - so should they not be able to use those funds? Should every person care about the source of their money? If you could track your paper currency back, would you reject any transactions that were at some point involved with some illicit behavior? I'm not talking about the technical feasibility, but really if people are bothered enough to care.
>Your post strikes me as naive. All that laundering does is tag more addresses as "hot". You still have a graph of where the bitcoins have gone.
Lets say you have an address with 1000 bitcoins in it.
A thief steals a lot of bitcoins, and maliciously, unknown to you, sends you 10 stolen bitcoins.
You now have an account/address with 1010 bitcoins in it. The system you have just proposed tags your address as hot.
What happens next?
[This is not a hypothetical scenario: in the 'allinvain' alleged theft, we saw several organisations and individuals receive stolen bitcoins from quite soon after the theft; probably as unsolicited donations.]
Once it is added to your wallet you can't send it back, you just have a quantity in there without any differentiation on which bitcoin is which. Sending 10 back would in essence aide in laundering the bitcoins.
You now have an account/address with 1010 bitcoins in it. The system you have just proposed tags your address as hot.
What happens next?
Then, as with every criminal investigation, you follow up that lead. Not all Bitcoin addresses will be resolveable to a person in an area where you have LEO authority, but I'm fairly confident that eventually it'll happen and you start tracking back up the chain.
I didn't say the solution was entirely technical--I've said more than once that nerds who default to "computers can solve every problem" are wrong. It does still involve old-fashioned detective work. And you're not going to solve every case. But Bitcoin gives you a lot of clues.
Well, you can't "convert" Bitcoins to cash. You can trade them to someone who will give you dollars in return. And they generally keep real-world information for the people they transact with.
Bitcoin transaction processors can charge a fee for the service, so one channel for laundering BTC could involve cycling small balances among a large number of addresses allowing "clean" coins to leak out through transaction fees.
You don't seem to understand how Bitcoin works: the balance of the address is what has the 'coins'. They dont exist independent of the balance of the address.
So you can't spend them from a different address, without first transferring them to that different address; and that transfer must be publicly announced to the network. It is the public announcement which gives the other address the ability to spend the 'coins'.
Excuse my ignorance, but he said he suspects they're sitting on the bitcoins because they were "hot". I thought that wouldn't matter with bitcoins due to their anonymous nature?
They aren't that inherently anonymous; the transaction flow can be traced to a limited extent.
For example, if the thieves just did something naive, like transfer all those 'coins' to an address in a wallet they had previous used, or that was previously connected to an identity, it could reveal who they are.
In that scenario, the person receiving the coins could be faced with the questions 'Why did you just receive all those stolen coins? If you arent the thief, then who gave them to you? Did you sell them something?' etc.
I did some work on this before, showing it was possible to follow flows of stolen bitcoins at least some distance through the blockchain. The visualisation lower down this page is of a previous alleged theft, and is extracted from the blockchain: http://anonymity-in-bitcoin.blogspot.ie/2011/07/bitcoin-is-n...
My understanding is that because of the distributed transaction nature of Bitcoin-the-protocol, the stolen coins will be "hot" forever. As soon as they're spent, they'll show up in the logs. The identity of the thieves may never be known, but the coins themselves are identifiable.
I'm surprised someone hasn't started a hot-sheet for stolen coins, so that exchanges and individuals can check before accepting them.
People have talked about 'marking' Bitcoins before.
There are some issues with the idea. Some of them are subtle:
The first thing to realize is that bitcoins do not exist as independent trackable entities, in the system. So there are no individually identifiable bitcoins that you can 'mark'.
Instead, address balances exist.
So, you might say, lets just mark the address balance as 'hot'.
This has some merit. It violates what appears to be a design assumption of Bitcoin, which is that bitcoins are meant to be fungible; but it has some merit.
If someone tries to pay you with a transfer from that address full of stolen coins, you can just say "Im not accepting that as valid payment. Take your business elsewhere."
But, what happens when somebody - lets say an anonymous mixer - accepts, say, 100 stolen bitcoins, into an address that has 900 bitcoins already in it.
Now, you have an address with 1000 bitcoins. 10% of these bitcoins are dirty - but which 10%? How do you deal with this scenario? What if someone tries pay you 100 coins from that address? Do you say that transfers from that address are only worth 90% of the value they had before? What if that address goes through a mixer again? You can keep track of percentage 'contamination' but its going to start making things complicated.
If you accept dirty bitcoins, that weren't dirty when you got them (lets say you are a mixer and get a transfer before people realise there has been a theft), what happens?
Also, who gets to say which bitcoins are dirty? A centralised authority? That sort of breaks the design goal of fungibility - if you have to ask a central authority whether this is a real bitcoin or not, why not also just have the centralised authority issue them in the first place, and dispense with all the complexity?
I'm not sure whether a marking system would work; there certainly seem to be some reasons its tricky.
I've seen discussions about this on the bitcoin forum; plenty of people there who have thought about this a lot.
OK, so you (the criminal) have addresses with known-good reputations which you're able to fence the stolen coins through. Once accepted into their wallet, they are indistinguishable from any other coin already present or added later.
It seems that the problem now becomes one of reputation management. The diamond markets in New York work entirely by trust (a handshake can seal a $10 million deal), but that's not possible when the community is the world.
If you send the 'bad' coins into the 'known good' wallet, everyone can see it. So while the coins themselves are potentially indistinguishable for reasons similar to melting together all the gold you receive and chipping off a bit to spend, the entire account is now known to accept coins from a bad source. You can send any part of any coins in an account to somewhere else, so it's not really 'melting', but it's a useful mental picture for laundering bitcoins.
In real-world cases like this, you generally launder the money through untraceable sources, where they can re-enter the system from anywhere and be 'clean'. You can do something similar in bitcoin, where I think they're called "mixers". I don't know if any automated ones exist, but basically: mix (i.e., melt) a bunch of people's money from addresses A-M in one account, and send the same amount out to (brand-new, anonymous) addresses N-Z.
N-Z are owned by unknown entities, so as long as e.g. X doesn't receive exactly as much money as only D put in, you can't infer ownership. All coins are 'tainted' because the sources can be tracked perfectly (i.e., a marker chemical in gold), but who owns what coin is now lost. Obviously there's more to it, and distributing without losing perfect anonymity is difficult, but it shows the basic problem. Again similar to melting, you can even send # coins to addresses 1-9 over a large period of time, while melting more and more coins into the shared pool, so there's less of a chance of guessing who owns what based on timing.
The problem isn't really about identifying the "hot" coins - but rather the history of the coins - you can transfer the same coins constantly to your own wallets, adding noise to the transaction history. If there are 500 transactions to white wash the history, then there is little that can be done besides looking through the whole history of the coins - and if there are other bitcoins in the wallet that were obtained legitimately then you might have to search down multiple historical transaction logs for each partial coin.
Blockchain.info has a taint analysis tool, and there are other tools. Most bitcoins have a long, highly-mixed history, tainted some small fractional percent of most any address from time before. Probably because mtgox, as the largest exchange, mixes coins pretty thoroughly. Risk to the thieves is that if they try to sell the coins through them, mtgox will freeze the funds. They have to be mixed elsewhere first and who knows what taint threshold mtgox uses to freeze funds.
For example, after the Linode hack the stolen coins were moving around and there were reports, from people who had bought coins from cryptoXchange or had paid with paxum, that mtgox was freezing those deposits because they were connected to the stolen funds.
That sounds a lot like how all US currency has traces of cocaine on it, because at some point most US bills (maybe just $100 bills) have passed through a coke dealer's hands.
The Bitcoin network is pseudonymous, not anonymous.
To simplify a bit, your money isn't stored on any device you own -- it's stored on the network, in the cloud. Everyone can see what's going on, although they don't know who has the key who can authorization transfers from cffc7f08c81b63b3fb6b56d3eae8f984.
No. Knowing receipt of stolen property is a crime. However, bitcoins are not considered property, nor can they be considered stolen, under current U.S. law.
no, because funds might be easily transfered to another address. and after that you need to mark new address as "bad" again. and it become complicated when only part of funds transfered to another address. and it become even more complicated when funds transfered to "pool" address, of big exchanger like mtgox for example. and these funds end up in hands of honest users..
I would assume that the people behind whichever inside jobs are just waiting for things to "die down" and for their former customers to forget and move on with their lives before the thieves cash out.
Not necessarily true. They may have simply transferred ownership of the account the bitcoins were in to someone else outside of the bitcoin universe (e.g. on a USB drive).
This presents an interesting problem. Do individuals who accept payments in bitcoin have to verify that the bitcoins the accept haven't been stolen? If they fail to verify the provenance of their payment, are they at risk of forfeiting their money or, worse!, being criminally liable for possession of stolen property?
I've only been into bitcoin mining and trading for about a month now, so take this with a grain of salt, but:
If were the criminal behind this heist and I wanted to whitewash these bit coins, I would first establish several new wallets, would divide the coins between them, then would programmatically transfer the coins back and forth between the accounts in random amounts at short but random intervals over the course of several months to increase the noise level. I would then (again programmatically) buy a different electronic currency (namecoins, etc.) with them to obscure the trail even more. Finally I could transfer them back into bitcoins, using several new wallets.
At that point they could be cashed out or spent more or less freely.
Again, I'm new to bit coins so I may not know all the dynamics involved, but what I have outlined seems logical based on what I know at this point.
If I have it right, the self transactions wouldn't do much (because the transaction history of the bitcoin system is public).
A few other comments mention that Mt. Gox is treating certain coins within some distance of certain accounts as tainted and freezing those transactions.
Can someone explain if there is a technical reason the network can't collude to cancel these bitcoins? This seems a reasonable reaction to known theft.
57 comments
[ 3.2 ms ] story [ 85.9 ms ] threadIn China, Korea, Singapore, and Japan, virtual goods are considered property to varying degrees.
EDIT: reply to discountgenius since there was no reply link. One of the functions of government is to create laws protecting property. There aren't any laws in the U.S. that treat virtual goods such as bitcoin as property. In the U.S., at least, courts have proven extremely reluctant to extend property protections to virtual goods, i.e., MMO items, because the state of the law and underlying technology is still too much in flux. At best, virtual goods are treated as licenses. However, licenses are not property that can be stolen (and this has been litigated in non-virtual contexts).
In Japan and Korea a few years ago, some courts ruled that in-game purchases were considered property for specific purposes. I do not know if their respective courts followed those cases.
It's a relatively new protocol. There may be laundering methods that nobody's thought of yet.
So, how can they ever be truly laundered? Because eventually someone is going to want to convert them to cash, and at that point, they're traceable right?
Bitcoin is done with computers. It's no more "annoying" to trace one hundred transactions than it is to trace one.
Lets say you have an address with 1000 bitcoins in it.
A thief steals a lot of bitcoins, and maliciously, unknown to you, sends you 10 stolen bitcoins.
You now have an account/address with 1010 bitcoins in it. The system you have just proposed tags your address as hot.
What happens next?
[This is not a hypothetical scenario: in the 'allinvain' alleged theft, we saw several organisations and individuals receive stolen bitcoins from quite soon after the theft; probably as unsolicited donations.]
Then, as with every criminal investigation, you follow up that lead. Not all Bitcoin addresses will be resolveable to a person in an area where you have LEO authority, but I'm fairly confident that eventually it'll happen and you start tracking back up the chain.
I didn't say the solution was entirely technical--I've said more than once that nerds who default to "computers can solve every problem" are wrong. It does still involve old-fashioned detective work. And you're not going to solve every case. But Bitcoin gives you a lot of clues.
So you can't spend them from a different address, without first transferring them to that different address; and that transfer must be publicly announced to the network. It is the public announcement which gives the other address the ability to spend the 'coins'.
For example, if the thieves just did something naive, like transfer all those 'coins' to an address in a wallet they had previous used, or that was previously connected to an identity, it could reveal who they are.
In that scenario, the person receiving the coins could be faced with the questions 'Why did you just receive all those stolen coins? If you arent the thief, then who gave them to you? Did you sell them something?' etc.
I did some work on this before, showing it was possible to follow flows of stolen bitcoins at least some distance through the blockchain. The visualisation lower down this page is of a previous alleged theft, and is extracted from the blockchain: http://anonymity-in-bitcoin.blogspot.ie/2011/07/bitcoin-is-n...
I'm surprised someone hasn't started a hot-sheet for stolen coins, so that exchanges and individuals can check before accepting them.
There are some issues with the idea. Some of them are subtle:
The first thing to realize is that bitcoins do not exist as independent trackable entities, in the system. So there are no individually identifiable bitcoins that you can 'mark'.
Instead, address balances exist. So, you might say, lets just mark the address balance as 'hot'.
This has some merit. It violates what appears to be a design assumption of Bitcoin, which is that bitcoins are meant to be fungible; but it has some merit.
If someone tries to pay you with a transfer from that address full of stolen coins, you can just say "Im not accepting that as valid payment. Take your business elsewhere."
But, what happens when somebody - lets say an anonymous mixer - accepts, say, 100 stolen bitcoins, into an address that has 900 bitcoins already in it.
Now, you have an address with 1000 bitcoins. 10% of these bitcoins are dirty - but which 10%? How do you deal with this scenario? What if someone tries pay you 100 coins from that address? Do you say that transfers from that address are only worth 90% of the value they had before? What if that address goes through a mixer again? You can keep track of percentage 'contamination' but its going to start making things complicated.
If you accept dirty bitcoins, that weren't dirty when you got them (lets say you are a mixer and get a transfer before people realise there has been a theft), what happens? Also, who gets to say which bitcoins are dirty? A centralised authority? That sort of breaks the design goal of fungibility - if you have to ask a central authority whether this is a real bitcoin or not, why not also just have the centralised authority issue them in the first place, and dispense with all the complexity?
I'm not sure whether a marking system would work; there certainly seem to be some reasons its tricky. I've seen discussions about this on the bitcoin forum; plenty of people there who have thought about this a lot.
It seems that the problem now becomes one of reputation management. The diamond markets in New York work entirely by trust (a handshake can seal a $10 million deal), but that's not possible when the community is the world.
A pretty challenge. :)
In real-world cases like this, you generally launder the money through untraceable sources, where they can re-enter the system from anywhere and be 'clean'. You can do something similar in bitcoin, where I think they're called "mixers". I don't know if any automated ones exist, but basically: mix (i.e., melt) a bunch of people's money from addresses A-M in one account, and send the same amount out to (brand-new, anonymous) addresses N-Z.
N-Z are owned by unknown entities, so as long as e.g. X doesn't receive exactly as much money as only D put in, you can't infer ownership. All coins are 'tainted' because the sources can be tracked perfectly (i.e., a marker chemical in gold), but who owns what coin is now lost. Obviously there's more to it, and distributing without losing perfect anonymity is difficult, but it shows the basic problem. Again similar to melting, you can even send # coins to addresses 1-9 over a large period of time, while melting more and more coins into the shared pool, so there's less of a chance of guessing who owns what based on timing.
For example, after the Linode hack the stolen coins were moving around and there were reports, from people who had bought coins from cryptoXchange or had paid with paxum, that mtgox was freezing those deposits because they were connected to the stolen funds.
http://www.snopes.com/business/money/cocaine.asp
To simplify a bit, your money isn't stored on any device you own -- it's stored on the network, in the cloud. Everyone can see what's going on, although they don't know who has the key who can authorization transfers from cffc7f08c81b63b3fb6b56d3eae8f984.
Ref: https://bitcointalk.org/index.php?topic=24784.0
An individual that accepts them?
If were the criminal behind this heist and I wanted to whitewash these bit coins, I would first establish several new wallets, would divide the coins between them, then would programmatically transfer the coins back and forth between the accounts in random amounts at short but random intervals over the course of several months to increase the noise level. I would then (again programmatically) buy a different electronic currency (namecoins, etc.) with them to obscure the trail even more. Finally I could transfer them back into bitcoins, using several new wallets.
At that point they could be cashed out or spent more or less freely.
Again, I'm new to bit coins so I may not know all the dynamics involved, but what I have outlined seems logical based on what I know at this point.
A few other comments mention that Mt. Gox is treating certain coins within some distance of certain accounts as tainted and freezing those transactions.