2021-06-08

“I don’t want to give up our profession in case we want to use it again for future efforts,” Elvis Chan, deputy special agent for the FBI’s office in San Francisco, said on Monday.

It is not known exactly how the FBI recovered the key.

On Monday, the Justice Department reported a successful mission to recover $2.3 million in bitcoin paid by Colonial Pipeline to ransomware hackers in April. Court documents said investigators traced bitcoin transaction records to a digital wallet, which they then seized by court order. Officials were then able to access this wallet with what is called a “private key” or password.

The FBI’s breach of a bitcoin wallet held by cybercriminals who attacked Colonial Pipeline is a matter of sloppy storage, not a reflection of a security vulnerability in digital currency, crypto experts told CNBC.

Until the FBI is more transparent in its methods, it is not possible to know exactly how federal investigators managed to recover the private key in question. But there are a few possible scenarios.

DarkSide, the cybercriminal gang that targeted Colonial, allegedly used a payment server to collect funds. A centralized platform like this is relatively easy for the FBI to trace.

“Tracking money remains one of the most basic, but the most powerful tools we have,” Deputy Attorney General Lisa O. Monaco said in a statement on Monday.

“Because these transnational organized crime groups facilitate these cryptocurrency payments, and because of the transparency and traceability that cryptocurrency offers, you can actually track money more effectively and potentially mitigate and stop their illicit activities within this ecosystem, than you can with traditional finance and fiat currencies and payments,” explained Jesse Spiro, global policy manager for Chainalysis, a company that provides blockchain forensic and investigative services to private sector companies, including crypto exchanges.

When a ransomware-related payment is made, Chainalysis is able to produce what Spiro calls “unprecedented intelligence and information regarding the supply chain.”

Chainalysis could not give details of the Colonial investigation.

Once the FBI had this wallet in hand, it is extremely unlikely that they would have broken something called the “Elliptic Curve Digital Signature Algorithm”, which is how the digital currency ensures that bitcoin can be spent only by the rightful owner.

“In fact, it’s so far-fetched that it’s impossible,” said Nic Carter, founding partner of Castle Island Ventures.

What’s much more likely, according to Carter, is that they were able to gain access to a server where the hackers stored private key information. This does not indicate any fundamental flaw in Bitcoin’s security, but rather a case of poor computer hygiene by a criminal organization.

Take the 2014 hack of Mt. Gox, once the leading bitcoin exchange. It was the first large-scale hack in the history of cryptocurrency. The exchange filed for bankruptcy and lost 750,000 bitcoins belonging to its users, plus 100,000 of its own.

“Bitcoin itself has worked perfectly, but what has worked imperfectly is their system of storing your private keys,” Carter explained.

This is why some cybercriminals take their coins offline into cold storage, to keep the ill-gotten tokens out of reach of government and law enforcement.

“If you want to store your coins really out of state reach, you can just hold those private keys directly. It’s the equivalent of burying a gold bar in your backyard,” Carter said.