@loycev it is definetly same owner as the cryptsy hack
If it's "definitely" the same owner, prove me how transaction - 1e7c498469369e90dfdd0c8258c6aa5325661553f441a2c6897d93b210f8ef67 - which spends supposedly stolen funds of 2014, has a direct correlation with transaction - 1f393532c18ac21a21b17ea890579a6d071f008400b2c73ced357cd59fe194d3 - wherein I only see some (conceivably) ChipMixer's chips being spent.
Ok, bare with me, I'll try and explain this one after discovering OXT. The summary is: the coins
weren't mixed between those two txs you reference for starters.
On the left:
1e7c498469369e90dfdd0c8258c6aa5325661553f441a2c6897d93b210f8ef67On the right:
1f393532c18ac21a21b17ea890579a6d071f008400b2c73ced357cd59fe194d3 Tx
557ddcdd1bb1380a04c52748454314aca8f9ef68b75ea678e64b74152525b3af (top right of first image) has a single input (not a mix, just a breakdown):
Hate to say it, but It simply
looks like the thief has either no idea what they are doing, or got confused between their mixed outputs and "broken down" outputs.
As for the "
original mix" in 2014, prior to "1f393532" that is considered the stolen funds, this is a good example of how not to mix your coins basically.
Were mixers even working or being used back then? There was simply a lot of "private mixing" going on in this particular case
- Numerous mainly high-value inputs are all consolidated to 1000+ outputs, apart from 1 output for 0.0961 BTC. Completely not how you mix coins if you don't want to be traced
- Notably 0.0961 BTC is the only unspent output from this "mix" which looks like it came from the input of 0.099 BTC (caught in the mix maybe and now considered "tainted").
For sure, someone else could of also decided to mix 1000+ coins, granted. Then if you trace back these so-called "mixed funds" that were consolidated, they are nearly all Cryptsy labelled addresses simply consolidated together to either single ANON outputs, with the error of what looks like a change addresses (secondary output), often interconnected between "mixes" or back to Cryptsy.
Expanding a few more inputs and it only connects together more of these addresses with same pattern, as well as secondary output going back to a Cryptsy address:
So in summary, this would be a completely legit mix (centered), if it didn't all come from Cryptsy in the first place (with the exception of 1 tx accounted for):
I only found one address that
wasn't labelled Crypsy entering this mix, but it was with 11 BTC, so couldn't of been part of it alone (with outputs being 1000+ or <0.1). This is why you don't do DIY mixing basically.
This is what eliminates the element of doubt that these coins were originally stolen is the reality and probably why they are considered 100% stolen as opposed to 25% "tainted" (mixed) for example.
As for plausible deniability from the user in question, for sure, he could of received those coins in good faith from the thief.
For example in tx
557ddcdd1, the hacker could of paid for 30 nights in a hotel room costing 0.256 BTC up front, using 30 different addresses to pay. Or bought 30 different things for 0.256 BTC with the same transaction, gift cards, games, cds, who knows. The one receiving the Bitcoin likely wouldn't be checking to see if the funds were stolen or "tainted". 30 donations of 0.256 BTC sent to 30 charities? Anything is possible here.
Even before then, the thief could have purchased something for
15.6 BTC, and the user in question was the one to have broken it up into 0.256 BTC increments, or maybe even their employer did before paying their staff. Only to find out the funds were "tainted", because they were stolen 8 years ago. Gutted. Why would the user come here complaining about 0.256 BTC if they still had thousands from that 11K hack anyway? That wouldn't actually make sense either. There are still plenty of unspent outputs of much higher value from this hack I noticed.
So despite the overwhelming evidence that these coins were indeed stolen (as shown above, the coins were only mixed with each other, not with others in any effective manner), it's still not possible to prove that the user was the one who stole them. I'd like to think anyone is "innocent until proven guilty", rather than the idea of having to prove someone's innocence in order not to be considered guilty. So would providing KYC prove your innocence? Of course not. It would just guarantee police/fbi attention, whether you're the hacker or not. So of course you wouldn't want to provide it if you don't want to be caught or wrongfully accused.
Credits:
https://oxt.me