Tech

US files lawsuit against Bitcoin exchange that helped launder ransomware profits

As "Mr. Bitcoin" seems destined to be extradited to Russia, US authorities are trying to recover some of BTC-e's funds in a last ditch effort.

Written by Catalin Cimpanu, Contributor July 29, 2019 at 12:27 p.m. PT

See als

10 dangerous app vulnerabilities to watch out for (free PDF)

The US Department of Justice has filed a civil lawsuit seeking to recover more than $100 million from a notorious cryptocurrency exchange that has helped cyber-criminals launder stolen funds, such as those obtained from ransomware payments, dark web drug marketplaces, and funds from hacked cryptocurrency exchanges.

In a lawsuit filed on Friday, July 26, the US wants to recover $88,596,314 from the accounts of the now-defunct BTC-e cryptocurrency exchange, and an additional $12 million from Alexander "Mr. Bitcoin" Vinnick, BTC-e's founder and CEO.

Lawsuit wants to recover US fine in a sinking legal case

The sum represents a fine that was imposed by the US Treasury's Financial Crimes Enforcement Network (FinCEN) in 2017 when the FBI shut down the BTC-e portal, and Greek authorities arrested Vinnick.

For the past two years, the DOJ has been trying to extradite Vinnick to the US to face charges, but with no success.

In fact, in a shocking and unexpected decision, Greece's highest court ruled last year to extradite Vinnick to Russia, his home country, where he stands to face trial on much lighter charges than those brought forward by the US and France (also looking for Vinnick's extradition).

The DOJ's civil lawsuit is an alternative legal method to make sure the US Treasury FinCEN recovers its due fine in the case US authorities opened in 2017.

BTC-e was a hotbed for money laundering

Those fines were imposed because BTC-e violated the Bank Secrecy Act (BSA). First by not registering with US authorities as a Money Services Business (MSB), even if it catered to US consumers.

Second, for failing to implement an anti-money laundering (AML) program in accordance with US and many other international standards.

And third, for failing to file any suspicious activity report (SAR) for the numerous shady transactions that have happened on its platform.

And there have been plenty of those.

When authorities charged Vinnick and shut down BTC-e on July 26, 2017, the DOJ said that the platform, which claimed on its website to have handled over $7 billion worth of Bitcoin in its lifetime, had laundered criminal proceeds of more than $4 billion, representing more than half of the funds that have ever gone through its accounts.

A day later after the BTC-e shutdown, a team of academics that also included Google staffers presented research at the Black Hat USA 2017 security conference, revealing that 95% of all ransomware ransom payments that had been made up until that point had been cashed out and converted into fiat currency through Vinnik's BTC-e portal.

Furthermore, a similar investigation by a group of anonymous Bitcoin experts calling themselves WizSec published an investigation linking Vinnik's Bitcoin accounts to money laundering operations involving funds stolen from the (hacked) Mt. Gox exchange.

In addition, WizSec also said BTC-e was involved in laundering funds stolen from other cryptocurrency exchanges, and not just Mt. Gox, such as Bitcoinica, Bitfloor, and other platforms they did not name at the time.

And last but not least, the DOJ also blamed Vinnick of allowing dark web drug marketplaces and drug cartels to operate accounts at his exchange, helping criminal gangs moves money undetected across borders.