Topic: [2022-09-13] Man arrested for laundering millions from malicious Electrum update (Read 427 times)

Thanks, I didn't read that far down. I'll post a link.

Ignoring the "taint", there's one thing I find hard to believe: if a hacker is smart enough to spread a compromised version of Electrum, why does he need a third party to exchange Bitcoin for Monero and back to Bitcoin? Even if the third party wouldn't get caught, he would know all involved Bitcoin addresses. Why take that risk after going through all the effort to steal tens of millions of dollars?

That's not how I read it.

Maybe, but there is no way someone could find his location because IP addresses used by Bisq are hidden with Tor, and they could also seized both cryptocurrencies and fiat money.
I understand how he exchanges coins back and forward, but the key in this story of finding his location must be some insider information.

It's obvious like I said before, there is no other way to find his real location.
Everyone should watch out trading with dex exchanges and Bisq, especially if doing trading with fiat currencies and larger amounts.
 

I found a bit different story about the news in the original post.

 The police would have seized all the cash found and the cryptos. So finally, there is cash involved in money laundering.
I'm not saying the sources I quote are more reliable than the police of course. But if it's accurate, apparently the guy is the thief and not a middleman in charge to mix the bitcoins.


https://journalducoin-com.translate.goog/bitcoin/bitcoin-prison-btc-voles/?_x_tr_sl=fr&_x_tr_tl=en&_x_tr_hl=fr&_x_tr_pto=wapp

https://cryptobenelux.com/2022/09/15/verdachte-van-bitcoin-scam-gearresteerd-door-nederlandse-politie/

Most likely yes. They disabled the pop-up feature after this incident so this must be it


The discussion topic is still writable. Though the last reply is over 3.5 years old 



It said he used Bisq


It is a bit vague but my understanding is that he finished allegedly mixing the coins and they seized some BTC,XMR, etc.  he had in his wallet under the supposition that it was his cut from the deal. It does sound weird AF !

On the other hand imagine the hacker's face (considering it's not him) when he found out that he sent some tainted BTC to a guy to mix, the guy got flagged and caught and the received BTC is now tainted again.

I do understand the basics and that the receiver doesn't know the sender's address, but the sender (that goes without saying) does of course know the receiver's address. Bottom line is pretty much that mixing Monero doesn't make sense.

I don't know if that makes sense, but I thought that maybe there is some service where you send Bitcoin (which the suspect obviously stole through the software) and receives Monero to a specified address in return. That way the suspect could at least end up with Monero without getting shot in an OTC deal (Bitcoin for Monero) on the streets (given the sum is so high). The whole text is a bit weird because why would they only seize the expected profit? In such a situation, wouldn't authorities seize whatever they can at first? On the one hand they say investigation of data carriers is ongoing, on the other hand they say expected profit is seized. How can they calculate "expected profit" (which is weird anyway as I said above) while the investigation is still ongoing.

And if they are talking about tens of million of Euros, it doesn't sound common either to let someone go after two days while the data carrier investigation is still ongoing. I can imagine that whoever wrote the text might have exaggerated a good bit.

I haven't seen any. Usually, they don't want to teach criminals how to avoid getting caught.

I was hoping for a topic in which I'm allowed to reply.

The hacker ripped off people who use electrum
The hacker redirected (at least once) to another wallet (there is nothing about if it was Electrum)
the bitcoins were transferred to a Bisq wallet
The wallet exchanged BTC for monero and vice versa

There is no bank transaction involved. If it was the case, the police would have announced they sized the money or the bank account.
The text says "The expected profit that the man made from money laundering was seized in cryptocurrency"
To me, there is no €uro somewhere.

The guy was supposed to mix bitcoins using monero and he got stopped here.

You mean this?

Are there any information saying how exactly they caught him?
He used Electrum, Bisq and Monero, so it must have been when he sold crypto for fiat currency, and that makes me think Dutch police are also using Bisq exchange themselves.
They probably sell cash for crypto and examine all large transactions.

They probably found all transaction information on computers and devices seized from him.

Please read up on Monero. TL;DR: it's a privacy coin.

That doesn't help when someone uses Monero to hide their transactions.
[/quote]

Now one question is where those Bitcoin have been exchanged for Monero and did the guy use a Monero mixer or a Bitcoin mixer before that? Generally, when you use a mixer you need to specify a receiving address. If somehow they uncovered his identity / detected his location, raiding his house and finding data revealing addresses that were used with a mixing service, that would be an important proof against that person. I don't know enough about the case, but the idea that authorities build infrastructure and networks to gather data is quite likely in my opinion. I just don't know whether most of it would be allowed to be used at court.

LoyceV: the Netherlands

I can think of more reasons not to do bad things

That doesn't help when someone uses Monero to hide their transactions.

That was my first thought as well when I came across this topic. The fact that they were able to trace that guy back and to also identify the actual loophole, the malicious electrum software update, does at least show that authorities are making progress and resources are invested significantly into improving their quantitative as well as qualitative capacities.

However, especially when we are talking about cryptocurrencies, I wonder if endeavors by authorities are so nationally limited, or whether it is more likely that they are building cross-border task forces as well. So given that all these incidents had to do with suspects from the Netherlands might not necessarily mean that the Netherland's authorities are better educated and equipped, but that there might have been a network actively communicating on how to exploit issues in a criminal way when it comes to crypto and that authorities succeeded in getting closer to them and are taking them out step by step.

Whatever the exact context might be, one would expect someone laundering tens of millions to be extra cautious.

Wouldn't it be pretty smart by authorities to offer mixing services themselves? Maybe not officially, but reasons for a house raid could probably always be found after you have the info you need to identify an individual using the service. Who knows, I would think that might already be the case. Establish a mixing service, provide services reliably, then take out one criminal after another until the crypto world gets suspicious and stops using the service. But I assume even that could be a hidden fact for quite some time if done the right way despite having to present evidence at court.

https://www.justice.gov/usao-or/pr/alleged-russian-cryptocurrency-money-launderer-extradited-netherlands-united-states

That guy was also caught in the Netherlands. Trial starts on October 4th 2022.

It's highly likely that he's the one behind it all, although I wouldn't be surprised if real hackers hired someone like this person to launder their money, and he's not the only one involved in this operation. It makes sense if you take into account that real hackers would stay in the shadows that way, and even if they catch one accountant, others will continue to launder money.


I have only one logical explanation for that, and that is that there are people in that country who understand very well how the whole thing works and that's why it's not good to do bad things with cryptocurrencies in the Netherlands.

- the guy knows the hacker
- the guy is himself the hacker
- the person is fragile socially or financially and accepted. A bit like drug dealers who never have any stock at home. They keep it in people's homes in exchange for a little money.

I bet 10€ the guy is the hacker. On why from Veenendaal, no idea, nowadays with the internet there are no borders.

off-topic but
bestmixer: the Netherlands
a guy, who used bestmixer, arrested with gold, money, and jewelry: the Netherlands
tornado cash: the Netherlands
this news: the Netherlands

Good point. And why would the hacker trust this guy from Veenendaal with tens of millions of euro's worth of stolen Bitcoin? Even if it was done in smaller batches, I'm curious how this guy got to this "position". It would make more sense if he personally knows the hackers.

Why a hacker would use a person to exchange BTC>Monero>BTC on Bisq. Notice that not any euro is involved.
If it was about doing this on Binance & co., maybe but with Bisq. If it was to cash out on a bank account, ok, but not any cent of euro.

I have the tendency to believe they use the term money laundering simply because they have nothing (yet) to back up a hack accusation.
Since the investigation is still ongoing we will probably hear more if there is something new.
But if you go to a justice court to claim a person is a hacker but have no proof. You know no judge will hear you.


No big deal if the justice is also fast. It makes slots open for the signature police campaign to fill the cages at the police station, and so more gangsters in jail.

With the recent attention mixers have been getting from government, I hope news like this would not turn attention to decentralized, P2P platforms like bisq, increasing censoring.
He did get a slap on the wrist and data carriers found in his him we're seized. There is no guarantee this contains the entire stolen amounts.

Indeed. But they will just track the bitcoins (especially the first 1) and that alone can give plenty of information.


It's a start. From what I see they are (or have been) making mistakes, so it's not all the hope lost.

It says they seized his (expected) profit.

Exchanges can't know where the Monero comes from, so if you sell 1 Bitcoin for Monero on Exchange A and 28 days later sell 10 Monero for Bitcoin on exchange B, they can't link them together (assuming you use different Bitcoin addresses and not your home IP address, of course).

So that's it? They didn't even seize whatever small commission he got?


That's a foolish way to mix coins that does not provide you with any security. Monero's blockchain is completely independent from Bitcoin's, and what makes people feel safe that the exchange(s) that are cooperating with chain analysis companies are not going to unscramble their moving factory floors of transaction histories?

If this guy "only" laundered the money, I expect he earned "only" a few percent of the tens of millions of euros. I guess the real malware makers are still far from getting caught.

It's a good Dutch police tradition to quickly let criminals go. This guy was held for 2 nights!

---

---

I couldn't find back the topic about the malicious Electrum "update popup", so I choose Press.