Russian DNC Hackers Used Bitcoin to Fund Operation
Even prior to Donald Trump’s November 2016 U.S. presidential election, the notion of Russian interference in the election was under investigation by U.S. intelligence agencies. One of the first events to transpire was a malicious hack on the Democratic National Committee (DNC) and Hillary Clinton’s presidential campaign.
On March 16, 2016, WikiLeaks published a searchable inventory of 30,000 emails retrieved from the Clinton campaign, including those from her campaign chairman, John Podesta. The matter is a subject of special counsel Robert Mueller’s broad investigation into Russia’s interference in the U.S. election.
Today, Rod Rosenstein, the Deputy Attorney General of the United States, announced that Mr. Mueller’s investigation indicted 12 Russian GRU agents in the hacking operation. The comprehensive indictment brings eleven charges against the various defendants, including conspiracy to access computers without authorization, aggravated identity theft, and money laundering.
Deputy Attorney General Rod J. Rosenstein Delivers Remarks Announcing the Indictment of Twelve Russian Intelligence Officers for Conspiring to Interfere in the 2016 Presidential Election Through Computer Hacking and Related Offenses https://t.co/4di0Drcokd
— Justice Department (@TheJusticeDept) July 13, 2018
Although the Russian operatives’ mission was information-based, the indictment claims they used cryptocurrencies to fund their work.
Bitcoin Used to Fund the Operation
The Russian operatives required extensive computing equipment to complete their work, and they relied on cryptocurrencies to make necessary purchases.
In a copy of Mr. Rosenstein’s remarks published by the Department of Justice, he contends,
“Count Ten charges the eleven conspirators with money laundering by transferring cryptocurrencies through a web of transactions in order to purchase computer servers, register domains, and make other payments in furtherance of their hacking activities, while trying to conceal their identities and their links to the Russian government.”
For example, according to the indictment, the Russian operatives used cryptocurrency to buy the domain “dcleaks.com” where they disseminated many of the stolen emails. In addition, they used Bitcoin to purchase a VPN account used to access various “dcleaks” and other relevant social media accounts.
As the indictment notes,
“Although the Conspirators caused transactions to be conducted in a variety of currencies, including U.S. dollars, they principally used bitcoin when purchasing servers, registering domains, and otherwise making payments in furtherance of hacking activity.”
In some cases, the Russian operatives mined Bitcoin to acquire the currency, but they also worked through a network of peer-to-peer exchanges and exchanged Bitcoin for other digital currencies to further mask the process.
In total, the Russian conspirators laundered $95,000 through Bitcoin transactions.
The Blockchain Paper Trail
By primarily relying on cryptocurrencies, the hackers were able to make purchases without interacting with established financial institutions, which would have exposed them to more significant levels of scrutiny.
Of course, while cryptocurrencies allow a level of anonymity, all transactions are permanently logged in the public blockchain, where they are identifiable only by a complicated alphanumeric Bitcoin address. The report concludes that, to avoid detection, the Russian operatives used hundreds of email addresses backed by fake names and addresses to facilitate their Bitcoin transactions.
However, they used only a few email addresses to manage all of their accounts, making their activity more identifiable when those specific email accounts were housed on the same computers used to conduct hacking. When the same computers used to mine the operatives’ Bitcoin were used to register domains and social media accounts linked to the operation, their anonymity began to dissolve.
The indictment demonstrates the broad potential for nefarious use-cases for cryptocurrencies but also the limitations of those efforts. Despite their best efforts, some of the most highly trained operatives could not use Bitcoin to break the law without consequence.