Russian Hackers Use Bitcoin to Hack U.S. Presidential Elections
A group of 12 Russian hackers was accused of hacking during the 2016 U.S. presidential elections, according to an indictment released in July by the Department of Justice.
More importantly, the hackers were found to have funded their illicit activities during the hack with $95,000 worth of Bitcoin, as reported by Wired magazine. The dozen purchased servers, websites, VPNs and other accounts to carry out the attack relatively anonymously.
Among other activities, these servers were used to conduct “spear phishing” attacks to gain access to the email accounts of American officials.
The indictment states that the hackers chose Bitcoin to “avoid direct relationships with traditional financial institutions, allowing them to evade greater scrutiny of their identities and sources of funds.”
When the news broke, politicians, media publications and the general public at large had nothing to blame but Bitcoin and its unusual architecture, which facilitates pseudonymous (not anonymous) transactions.
A closer look at the operation shows that the hackers also used some fiat currency here and there in executing the attack.
The bitcoins used by the group came as a result of multiple transactions through peer-to-peer exchanges, which allow participants to trade directly with each other without the need for an exchange to process transactions. This allowed them to effectively buy bitcoins without giving any information to the exchanges or going through a KYC/AML verification process.
Apart from buying bitcoin, the hackers also engaged in mining, the process of validating transactions in return for a financial reward (in BTC and transaction fees). Despite consuming huge amounts of electricity, the process is still profitable enough for the miners to generate considerable gains.
All the bitcoins acquired by the group were then used to set up the infrastructure for the hack, which included buying a server in Malaysia for the website and paying a Romanian company to register the domain name dcleaks.com.
In addition, the group bought a virtual private network (VPN) with BTC to hide their IP address and location after they went live. Using the same VPN, they operated a Twitter account with the handle “Guccifer_2” to post stolen emails from the Democratic National Committee as well as from John D. Podesta, the chairman of the Clinton campaign.
Chainalysis, a blockchain forensics company which is “building trust in blockchains,” has previously been used by clients worldwide, including the DOJ, to detect fraud, money laundering and other crimes on blockchains.
Jonathan Levin, the co-founder of Chainalysis, said,
“This is the first clear example in court documents of cryptocurrency being used to purchase capabilities that could be leveraged in attacks on national security.”
While blaming Bitcoin was the first move after the hack, the indictment also mentioned the officials' inability to provide security measures against phishing attacks and to notice the presence of X-Agent malware installed in the system.
Moreover, Bitcoin is apparently not the best currency for hackers to conduct operations. While it can hide their real identity, it is also very much traceable. Because it works on the blockchain, it can easily provide investigators with the trail of transactions.
Other currencies like Monero and Zcash use advanced cryptographic techniques to ensure a high degree of anonymity and might be a much better choice for criminals aiming to attack national security.
While using Bitcoin kept traditional financial institutions out of the hackers' way, it is more harmful than beneficial to them, since an immutable record of transactions is stored forever on the blockchain.
Levin thinks we need to figure out ways to combat criminal activity in a world where cross-border transactions can happen with just the click of a button:
“The fact that cryptocurrencies are global and real-time means that you might only find out about these things after the fact. We need to think about the responsibilities that we all have in a world where payments move seamlessly across borders in the blink of an eye.”