Binance Hackers Bombard Chipmixer to Launder at Least 4,836 BTC - page 3.

AdolfinWolf

legendary

Activity: 1946

Merit: 1427

Quote from: mazdafunsun on August 20, 2019, 09:59:16 AM

Quote

As previously reported, a crypto mixing service, or a crypto tumbler, is an anonymity tool that claims to transform transactions of non-private coins to private ones by mixing crypto funds with others...

I have been thinking of these mixers, are they actually bullet proof?
Are those algorithms un hack-able , I mean if these hackers will go unpunished because they used this service and it can be proven that they are the owners of hacked coins?

No. There has been a paper posted a while ago that deanonymized almost every mixer (except Chipmixer (perhaps due to it not being vectored properly by the researcher)). I lost the link but i'll search for it in a bit.

And of course you also have the good ol' fed's raiding you if you're hosting your servers in Europe/US. See what happend to Bestmixer. INTERPOL claims they got ALL the transaction data from that mixer.

Edit: https://bitcointalksearch.org/topic/breaking-mixing-services-5117328

mazdafunsun

full member

Activity: 490

Merit: 123

Quote

As previously reported, a crypto mixing service, or a crypto tumbler, is an anonymity tool that claims to transform transactions of non-private coins to private ones by mixing crypto funds with others...

I have been thinking of these mixers, are they actually bullet proof?
Are those algorithms un hack-able , I mean if these hackers will go unpunished because they used this service and it can be proven that they are the owners of hacked coins?

jostorres

hero member

Activity: 2562

Merit: 586

Quote from: bryant.coleman on August 18, 2019, 07:54:50 PM

From what I have heard, Binance has agreed to some of the demands made by the American authorities. They are ready to exclude American users from the main platform and may restrict this group to an exclusive platform for the US users where KYC is mandatory. But as we all know, even exchanges with mandatory KYC requirement are not 100% safe.

I agree with what you said, and I don't have any doubts regarding the real intention of these people. But I think shutting down mixers such as Chipmixer may be more of a priority for them, rather than going for the exchanges such as Binance. They target exchanges only when the owners openly challenge them (for example, the case with BTC-e / Wex.nz).

As we know that when it comes to tax, the US government will never joke with that, now that they see it will be impossible to control bitcoin or make it stop, then the best way for them would be to go after these exchanges.

Honestly Binance tried to avoid them and protect its users, but if US will complicate things and make them loose the trust that their user has for them as regards their privacy protection, then I think that they have done the right thing separating the US citizens into a different platform, so it is left for the citizens to willingly submit themselves to the US by using those platform, anyway, they have no choice because they are virtually now controlling all the exchange that they probably have in their country.

hv_

legendary

Activity: 2534

Merit: 1055

Clean Code and Scale

Quote from: cryptoperkele on August 19, 2019, 04:29:23 PM

Am i the only one who thought that mixers were build for this purpose? I mean now we suddenly DO want to know who is using money to what?

Bitcoin was hijacked - like the Internet at ist beginning - by ppl who wanted to stay anno and go anarcho. There is a lot Money to be made ...

But Bitcoin was too transparent / even should use IP addresses for proper P2P .

cryptoperkele

member

Activity: 889

Merit: 60

Am i the only one who thought that mixers were build for this purpose? I mean now we suddenly DO want to know who is using money to what?

figmentofmyass

legendary

Activity: 1652

Merit: 1483

Quote from: btctaipei on August 19, 2019, 01:33:30 PM

I would bet 0.25 BTC that Chipmixer already targeted from US Fed since 2018 or perhaps earlier.
Chipmixer operator(s) are likely very well isolated from server and targetable network infrastructure,
and are able to remotely relocate services to front-end .onion or .com website with ease. There is
little incentive to target just yet because even if Feds can do something, the amount of bitcoin that
could be take from hot wallet / server would probably be quite insignificant, because there is no need
to keep large amount of chips/private key on server until someone lack of
privacy-fool (invites side channel / volume analysis ) output a large amount to chipmixer for any
reason.

so what's the end game of targeting them---de-anonymizing users, as opposed to shutting the service down? with proper encryption, even server compromise would probably leave wallets intact (as with BTC-E in 2017). so if the feds come after chipmixer in the open, it would just be a drawn-out game of whack-a-mole, unlikely to net any proceeds.

malevolent

legendary

Activity: 3472

Merit: 1722

Quote from: bryant.coleman on August 18, 2019, 07:54:50 PM

They target exchanges only when the owners openly challenge them (for example, the case with BTC-e / Wex.nz).

They'll go after anyone who serves Americans and doesn't throw a shitload of money for paperwork and compliance costs. That's why you see so many exchanges downright banning Americans from their platforms.

btctaipei

member

Activity: 141

Merit: 62

Quote from: scambust on August 18, 2019, 07:59:35 PM

Yup, one of these days, Chipmixer will be targeted by the US government. Remember they went after
almost all darknet sites that deal in drugs. It would be easy to shut down the site. It should be more
decentralized.

I would bet 0.25 BTC that Chipmixer already targeted from US Fed since 2018 or perhaps earlier.
Chipmixer operator(s) are likely very well isolated from server and targetable network infrastructure,
and are able to remotely relocate services to front-end .onion or .com website with ease. There is
little incentive to target just yet because even if Feds can do something, the amount of bitcoin that
could be take from hot wallet / server would probably be quite insignificant, because there is no need
to keep large amount of chips/private key on server until someone lack of
privacy-fool (invites side channel / volume analysis ) output a large amount to chipmixer for any
reason.

DDD1234

newbie

Activity: 2

Merit: 0

Chipmixer is at the risk of compromising there privacy code, if they opened up about the hackers who are sending money through them. If Chipmaker exposes them, other clients wont be able to trust the company and thats doom.

scambust

legendary

Activity: 1652

Merit: 1007

Yup, one of these days, Chipmixer will be targeted by the US government. Remember they went after almost all darknet sites that deal in drugs. It would be easy to shut down the site. It should be more decentralized.

bryant.coleman

legendary

Activity: 3766

Merit: 1217

Quote from: squatter on August 18, 2019, 11:42:10 AM

Quote from: bryant.coleman on August 18, 2019, 09:18:42 AM

So what will the feds do next? They are going to blame Chipmixer for sure, and will try their best to close down the mixer. If the Chipmixer owners refuse that, then the feds may go ahead with domain seizure.

That's an odd assumption since the US government has never openly targeted mixers like that.

I also don't think they care in the slightest about the Binance hack. No American victims, no customer losses at all -- why would they care? The US government is probably more interested in shutting Binance down than helping them recover stolen bitcoins! Cheesy

From what I have heard, Binance has agreed to some of the demands made by the American authorities. They are ready to exclude American users from the main platform and may restrict this group to an exclusive platform for the US users where KYC is mandatory. But as we all know, even exchanges with mandatory KYC requirement are not 100% safe.

I agree with what you said, and I don't have any doubts regarding the real intention of these people. But I think shutting down mixers such as Chipmixer may be more of a priority for them, rather than going for the exchanges such as Binance. They target exchanges only when the owners openly challenge them (for example, the case with BTC-e / Wex.nz).

malevolent

legendary

Activity: 3472

Merit: 1722

Eh, there might be investigations under way, and the thieves may slip up somewhere along the way when laundering their ill-gotten gains, and we'll only get to hear about it when they're arrested.

squatter

legendary

Activity: 1666

Merit: 1196

STOP SNITCHIN'

Quote from: bryant.coleman on August 18, 2019, 09:18:42 AM

So what will the feds do next? They are going to blame Chipmixer for sure, and will try their best to close down the mixer. If the Chipmixer owners refuse that, then the feds may go ahead with domain seizure.

That's an odd assumption since the US government has never openly targeted mixers like that.

I also don't think they care in the slightest about the Binance hack. No American victims, no customer losses at all -- why would they care? The US government is probably more interested in shutting Binance down than helping them recover stolen bitcoins! Cheesy

stompix

legendary

Activity: 2912

Merit: 6403

Blackjack.fun

Quote from: bryant.coleman on August 18, 2019, 09:18:42 AM

BTW, I haven't heard any updates on this for the past 7-8 days. Does anyone have an updated status on the status of the investigation?

What investigation? Cheesy

A so-called "cryptocurrency analytics platform" called Clain with 8 employees has made claim (pun!). Nothing more.
They could, of course, take spend their time and analyze the transactions they claim they have discovered and follow the coins but, they don't have nor the resources nor the motivation for it, they have achieved their PR goal, no they will go silent till they can make some outrageous claims again and gain even more publicity.

A real investigation if when official agencies move in and in this case, the binance hack, we haven't heard a word from them yet in two months.

bryant.coleman

legendary

Activity: 3766

Merit: 1217

Quote from: bob123 on August 18, 2019, 06:22:07 AM

ChipMixer does not mix like Kakmakr thinks they do.

The procedure is:
1) You deposit BTC
2) You get 'chips' worth your BTC
3) You can split or merge those chips (e.g. split a 0.4BTC chip into 2x 0.2 BTC chips; or merge 2x 0.8BTC chips into one 1.6 BTC chip.
4) You want to withdraw these chips -> You get private keys worth exactly the amount of the chip

The UTXO's you get with the private keys have been created before you deposited into chipmixer.
Therefore, if you do everything right it gets close to impossible to trace the money back to you.

You could wait one month before creating a transaction. This would circumvent any chain analysis. Especially if you do not send the whole amount at once, but only small percentages.

Very informative post. Many thanks for posting this. I don't expect someone (or more probably a group of people) who managed to rob $50 million to act stupid. They might have studied the algorithm used by Chipmixer in great detail, before using its services. So I would say that the feds will not be able to trace the coins back to the individuals, unless the Chipmixer guys had included some spyware algorithm in the system (which is very very unlikely).

So what will the feds do next? They are going to blame Chipmixer for sure, and will try their best to close down the mixer. If the Chipmixer owners refuse that, then the feds may go ahead with domain seizure. BTW, I haven't heard any updates on this for the past 7-8 days. Does anyone have an updated status on the status of the investigation?

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: Initscri on August 17, 2019, 03:12:06 PM

Quote from: Kakmakr on August 11, 2019, 07:05:06 AM

This is a very stupid move and it might lead to the hacker being caught a lot quicker. A mixer service takes your coins and mix them with other people's coins, but the larger the amount of coins being mixed, the higher the chances that those coins might be mixed by the coins being send. It is rumoured that mixing services are less anonymous with larger amount of coins being mixed. Roll Eyes

So let's hope this backfires on them and that they dug their own grave by doing this. Tongue

The companies tracking these coins, might just have received a jackpot from these hackers bombarding a single mixer service with a lot of coins. Grin

It also would depend on how long the mixing service held the coins for in order to perform the mix. Some coin mixers may cause a longer delay in order to assure that the coins were successfully mixed well. Not sure ChipMixer's procedure for this (or if they have this built in)

ChipMixer does not mix like Kakmakr thinks they do.

The procedure is:
1) You deposit BTC
2) You get 'chips' worth your BTC
3) You can split or merge those chips (e.g. split a 0.4BTC chip into 2x 0.2 BTC chips; or merge 2x 0.8BTC chips into one 1.6 BTC chip.
4) You want to withdraw these chips -> You get private keys worth exactly the amount of the chip

The UTXO's you get with the private keys have been created before you deposited into chipmixer.
Therefore, if you do everything right it gets close to impossible to trace the money back to you.

You could wait one month before creating a transaction. This would circumvent any chain analysis. Especially if you do not send the whole amount at once, but only small percentages.

Initscri

hero member

Activity: 1582

Merit: 759

Quote from: Kakmakr on August 11, 2019, 07:05:06 AM

This is a very stupid move and it might lead to the hacker being caught a lot quicker. A mixer service takes your coins and mix them with other people's coins, but the larger the amount of coins being mixed, the higher the chances that those coins might be mixed by the coins being send. It is rumoured that mixing services are less anonymous with larger amount of coins being mixed. Roll Eyes

So let's hope this backfires on them and that they dug their own grave by doing this. Tongue

The companies tracking these coins, might just have received a jackpot from these hackers bombarding a single mixer service with a lot of coins. Grin

It also would depend on how long the mixing service held the coins for in order to perform the mix. Some coin mixers may cause a longer delay in order to assure that the coins were successfully mixed well. Not sure ChipMixer's procedure for this (or if they have this built in)

copoyes

full member

Activity: 616

Merit: 105

it could be only limited to Commodities, the rest there is a possibility they will make their own digital money system, seen from the strong China in the trade market, they prefer to make technology large-scale benefits and benefit the country, for sure they prioritize technology such as the blockchain

bryant.coleman

legendary

Activity: 3766

Merit: 1217

Quote from: malevolent on August 14, 2019, 03:07:14 PM

Quote from: bryant.coleman on August 12, 2019, 08:25:44 PM

I agree that fiat currency is not involved and therefore the threat level is low. But in case of BTC-e, almost 45% of their crypto funds were also seized by the feds. They have the capability to seize wallets and steal the coins within them. My guess is that if the authorities can prove that Chipmixer is regularly used by criminals to launder their money, then they will be able to create issues for the team, even if they may not be able to close down it completely.

Not the same BS again. No one seized BTC-e's wallets, only fiat currencies were either frozen or seized, and it was less than 45% (no one outside BTC-e themselves knows the exact figure). And BTC-e was easier to locate given that they hosted their website in the US and needed more infrastructure than a mixer.

I am not sure about this, but I believe that your claims are wrong. As per their last communication (which was made almost a year back), they announced that the FBI had seized 38% of their funds (not 45%, sorry for that) and the majority of that was cryptocurrency. And secondly, I don't think that the website was hosted in the United States. It was located in a third country (other than the US and Russia). Wex.nz was registered at Accounting and Corporate Regulatory Authority of Singapore. So I suspect that their domain was hosted there.

Still, I could be wrong. I was one of the users who lost my funds when Wex.nz went down and after that I did quite a bit of research about them. But there is a chance that the information that I got was not accurate.

Reid

hero member

Activity: 3052

Merit: 651

Quote from: figmentofmyass on August 14, 2019, 12:08:41 PM

Quote from: Reid on August 14, 2019, 10:36:55 AM

Let us not put it all with that company, some of the exchanges are also being used as a way to escape this kind of hacked coins specially DEX's or maybe some local ones with no KYC until you hit a number where they need to submit some information in regards for the Money Laundering Act.

the funny thing is, binance is always being used to launder stolen coins. it's one of the go-to venues besides DEX and mixers because it's so easy to spin up lots of unverified accounts and cash out anonymously.

That is true. 2 BTC per account. 4000 BTC will just be an easy walk in the park.
Free users with 2 BTC limit each 2000 gmail accounts is free and then just buy prepaid sim cards for the authentication of gmail. Voila! You have lots of money in just a manner of time. Come in and out with different currencies or you could put it all in USDT and no one will notice it. Grin

There is no need to put it in just one BTC wallet address again. Scatter it all over the crypto world.
I guess hackers do know about that, but due to laziness in creating a lot of accounts then mixer will be the best and effortless thing to do.

Topic: Binance Hackers Bombard Chipmixer to Launder at Least 4,836 BTC - page 3. (Read 6425 times)