U.S. cyber sleuths spent seven years trying to unmask the shadowy figure who ran Bitcoin Fog, a dark web service that authorities say helped criminals launder cryptocurrency for a decade.
To find their man, Internal Revenue Service agents turned to Chainalysis Inc., a blockchain analytics firm that helps law enforcement and corporations trace the flow of illicit funds. Using Chainalysis software, agents analyzed hundreds of thousands of Bitcoin Fog transactions.
By April 2021, agents pounced. They arrested Roman Sterlingov, a Swedish and Russian citizen as he flew into Los Angeles, saying he ran a “go-to money laundering service for criminals seeking to hide their illicit proceeds from law enforcement.”
They also charged him with operating an unlicensed money transmitting business related to “mixing,” a practice that makes it much harder to trace transactions by jumbling together tokens from different owners.
Crypto mixing has been an enforcement priority for U.S. prosecutors, who in August charged two founders of Tornado Cash with helping launder more than $1 billion for clients that included a North Korean cybercrime organization.
Sterlingov, 35, has proclaimed his innocence as he prepares for trial in Washington. Sterlingov’s lawyers have used court filings, hearings, social media and podcasts to pursue a novel defense strategy: attack Chainalysis tracing as unscientific and unreliable. On Wednesday, a judge delayed the trial from Thursday to Feb. 12 so Sterlingov can review confidential Chainalysis data.
No defendant has ever gone to such lengths to undermine Chainalysis, a nine-year-old company that has received funding from investors including GIC, a Singapore government wealth fund, and Blackstone Inc. Government agencies in 50 countries are among its 1,200 customers.
‘Junk science’
Sterlingov attorney Tor Ekeland is unimpressed.
“This is junk science that doesn’t belong in a federal court,” Ekeland said at a Sept. 7 court hearing.
Ekeland claims the firm’s Reactor software – the secret sauce used by cyber cops — made flawed assumptions about the flow of crypto funds that falsely incriminated Sterlingov. He argues that Chainalysis can’t identify its error rate or point to peer-reviewed research to support its accuracy.
Ekeland slammed Chainalysis and attacked Justice Department prosecutors as he raised money to support Sterlingov, who’s been locked up since his arrest.
“The main problem that they have is there’s not a single piece of evidence anywhere that he ever operated Bitcoin Fog,” Ekeland said on the What Bitcoin Did podcast. “What quote unquote evidence that they have is all based on this really shoddy blockchain forensics conducted mainly” by Chainalysis.
Chainalysis and prosecutors declined to comment, but in court filings and hearings, both defended the reliability of the Reactor software.
While the firm has resisted requests for its source code and testimony from executives, it accused Sterlingov’s team of harassment and asked U.S. District Judge Randolph Moss to hold them in contempt.
‘Trade secrets’
“They wish to be standard bearers for those in the cryptocurrency community who believe governments should have no ability to trace movements of funds on darknet platforms,” company lawyers wrote last month. “Those same actors would doubtless like to harm Chainalysis, including by publishing its trade secrets.”
Chainalysis has called the smear campaign a “fundraising ploy” and an attempt to help the crypto world escape accountability.
On Wednesday, Moss signed an order allowing a Sterlingov expert to review company data on how it traces blockchain transactions. The judge was clear that the data must remain confidential.
Attempts to raise money for Sterlingov have met with mixed success. One crowdfunding site showed that more than 190 donors contributed about $4,500 to his legal defense fund.
“We, the Bitcoin community got your back!,” wrote one funder. “You are fighting for all of us, chainalysis is a huge scam,” wrote another.
In a Sept. 11 filing, prosecutors said Chainalysis information is “frequently validated and found to be reliable” in supporting subpoenas and search warrants.
They cited dozens of successful prosecutions, including the Welcome to Video case against more than 300 people charged with using a darknet market for child pornography. Another was the insider trading case against Vladislav Klyushin, a Russian hacker sentenced Sept. 7 to nine years in U.S. prison.
Chainalysis is on a winning streak. Bloomberg Government records show Chainalysis made $68.6 million in contracts from eight U.S. agencies since 2019, with about half coming from the Treasury Department.
Bitcoin fever
Sterlingov hasn’t had such luck. He described his life in testimony on Jan. 31, when he unsuccessfully asked the judge to release funds seized after his arrest so he could pay his lawyers. Born in Russia, he moved to Sweden at 14. In 2010, he was working for a marketing and web firm and doing freelance IT work when he caught Bitcoin fever.
He went to meet-ups with fellow enthusiasts and used Bitcoin Fog to protect his privacy. He said he was “really concerned about being robbed or hacked, either at one of those meet-ups” or by a trading partner.
He said he earned crypto legally and placed it in wallets on the Kraken exchange after mixing it through Bitcoin Fog. Sterlingov said that he was a user of Bitcoin Fog, but insists he never operated it or earned fees from it, as prosecutors allege. Agents used Chainalysis to tie the funds in his Kraken accounts to Bitcoin Fog.
On questioning by a prosecutor, he said wasn’t sure if he had set up the domain name for Bitcoin Fog. But prosecutors have cited evidence unrelated to Chainalysis that he registered the domain name more than a decade ago. The transaction involved four forms of currency, three virtual payment services and three different burner email accounts, an FBI agent testified.
Investigators found a document in a Google account linked to Sterlingov’s phone number that matched the same steps used for the domain name, according to an FBI affidavit. The agent also stated that “a series of small value transactions” originating from an account registered in Sterlingov’s name appeared to test Bitcoin Fog before it went live.
Still, Ekeland says there’s no corroborating evidence against Sterlingov.
“This is the only blockchain prosecution that I’m aware of that has no server logs, that has no servers, that has no communications,” Ekeland said on the podcast. “Roman couldn’t even code something as complicated as Bitcoin Fog.”
— With assistance from Olga Kharif and Yueqi Yang
Credit: Source link