Vivere Militare Est.
- Jan 22, 2018
The alleged administrator of Bitcoin Fog kept the dark web service running for 10 years before the IRS caught up with him.
Bitcoin Fog appears to still be live, but its alleged administrator is now in custody.
FOR A DECADE, Bitcoin Fog has offered to obscure the source and destination of its customers' cryptocurrency, making it one of the most venerable institutions in the dark web economy. Now the IRS says it has finally identified the Russian-Swedish administrator behind that long-running anonymizing system and charged him with laundering hundreds of millions of dollars worth of bitcoins, much of which was sent to or from dark web drug markets. What gave him away? The trail of his own decade-old digital transactions.
US authorities on Tuesday arrested Roman Sterlingov in Los Angeles, according to court records, and charged him with laundering more than 1.2 million bitcoins—worth $336 million at the times of the payments—over the 10 years that he allegedly ran Bitcoin Fog. According to the IRS criminal investigations division, Sterlingov, a citizen of Russia and Sweden, allowed users to blend their transactions with those of others to prevent anyone examining the Bitcoin blockchain from tracing any individual's payments. He took commissions on those transactions of 2 to 2.5 percent. In total, the IRS calculates, Sterlingov allegedly took home roughly $8 million worth of bitcoin through the service, based on exchange rates at the times of each transaction. That's before factoring in Bitcoin's massive appreciation over the past decade. Ironically, it appears that the 2011 transactions Sterlingov allegedly used to set up Bitcoin Fog's server hosting are what put the IRS on his trail.
“This is yet another example of how investigators with the right tools can leverage the transparency of cryptocurrency to follow the flow of illicit funds,” says Jonathan Levin, cofounder of blockchain analysis company Chainalysis.
As of Tuesday afternoon, Bitcoin Fog remained online, though it's unclear who, if anyone, now operates it. Neither the IRS nor the Department of Justice responded to WIRED's requests for comment.
The story told in the criminal complaint against Sterlingov begins with his allegedly founding the site in late 2011, while promoting it under the pseudonym Akemashite Omedetou, a Japanese phrase that means "Happy New Year." In a post on the Bitcoin forum BitcoinTalk, Omedetou advertised that Bitcoin Fog "[mixes] up your bitcoins in our own pool with other users," according to the complaint, and "can eliminate any chance of finding your payments and making it impossible to prove any connection between a deposit and a withdraw inside our service."
Of the $336 million the complaint accuses Bitcoin Fog of laundering, at least $78 million passed through the service to various narcotics-selling dark web markets like the Silk Road, Agora, and AlphaBay over the years that followed. The IRS also appears to have used undercover agents in 2019 to transact with Bitcoin Fog, in one case sending messages to Bitcoin Fog's administrator that explicitly stated that they hoped to launder proceeds from selling ecstasy. Bitcoin Fog completed that user's transactions without a response.
Most remarkable, however, is the IRS's account of tracking down Sterlingov using the very same sort of blockchain analysis that his own service was meant to defeat. The complaint outlines how Sterlingov allegedly paid for the server hosting of Bitcoin Fog at one point in 2011 using the now-defunct digital currency Liberty Reserve. It goes on to show the blockchain evidence that identifies Sterlingov's purchase of that Liberty Reserve currency with bitcoins: He first exchanged euros for the bitcoins on the early cryptocurrency exchange Mt. Gox, then moved those bitcoins through several subsequent addresses, and finally traded them on another currency exchange for the Liberty Reserve funds he'd use to set up Bitcoin Fog's domain.
Based on tracing those financial transactions, the IRS says, it then identified Mt. Gox accounts that used Sterlingov's home address and phone number, and even a Google account that included a Russian-language document on its Google Drive offering instructions for how to obscure Bitcoin payments. That document described exactly the steps Sterlingov allegedly took to buy the Liberty Reserve funds he'd used.
The case shows yet another example of how Bitcoin, once widely believed to be a powerful tool for making anonymous, untraceable transactions, has turned out to be in many cases the very opposite. The blockchain's ledger of all Bitcoin transactions since the cryptocurrency's creation has often instead served as a means for law enforcement to trace even years-old transactions.
The arrest of Bitcoin Fog's administrator based on blockchain analysis represents just how far back in time investigators can reach with those "follow the money" techniques, says Sarah Meiklejohn, a computer scientist at University College of London whose work pioneered Bitcoin-tracing techniques in 2013. "With blockchain analytics the thing we say over and over is that all this activity is on this ledger forever, and if you did something bad 10 years ago you can be caught and arrested for it today," says Meiklejohn. "The fact that they're pulling up those transactions is really significant."
Meiklejohn remains puzzled over why Bitcoin Fog remains online after its administrator has been arrested. She notes that law enforcement has quietly taken over dark web criminal operations in the past—though it's not clear, if that were the case with Bitcoin Fog, why the criminal complaint against Sterlingov has been unsealed. "At this point, for anyone who wants to mix their coins, you just have to assume that the service is compromised," Meiklejohn says.
If spending and receiving bitcoins with any assurance of anonymity wasn't already hard enough, in other words, it just got a little harder.
Going to the US... big, big mistake.
Also, why didn't he switch over to Monero instead? it was a matter of time.