India-Based Email ID Used in Bitifinex BTC Hack

Share

Washington/ Bengaluru: The United States Internal Revenue Service (Criminal Investigation) IRS-CI, Federal Bureau of Investigation (FBI) investigation into the Bitfinex cryptocurrency exchange hacking in 2016 has revealed an “India based email provider” quite a few times though no further details or names from India have been provided in the probe.

The IRS CI investigation has led to the recovery of 94,636 of the stolen bitcoins, “presently worth $3.629 billion.”

In his submission before the designated court, Christopher Janczewski, special Agent IRS-CI on February 7, 2022 stated that “the six accounts of virtual currency exchanges (VCEs) were all registered using email addresses hosted by the same India-based email provider, and that the eight VCE 1 accounts shared notable commonalities leading investigators to believe that they were owned by the same individual.”

Further, IRS CI investigations revealed that “similarly styled email addresses hosted by the same India based provider were accessed by the same IP addresses and created around the same time period surrounding the hack of Victim VCE (virtual currency exchange) in or around August 2016. The blockchain analysis revealed that stolen funds moved through AlphaBay (darknet market between December 2014 and July 2017) were also sent to accounts registered using an email address associated with the above-referenced India-based email provider.”

The FBI investigation, however, concluded that all of the laundering activity was conducted by Ilya Lichtenstein, 34 and his wife, Heather Morgan, 31, who were arrested early this year for alleged conspiracy to launder stolen cryptocurrency. Ilya Lichtenstein was the co-founder of Mixrank, a Y-Combinator backed startup and Heather Morgan was a writer for Forbes.

[webp-to-jpg output image]
Ilya Lichtenstein and Heather Morgan

The probe revealed that  Lichtenstein, of Russian origin and  Morgan – a US citizen  – employed numerous money laundering techniques, including using accounts set up with fictitious identities; moving the stolen funds in a series of small amounts, totalling thousands of transactions, as opposed to moving the funds all at once or in larger chunks; utilizing computer programs to automate transactions, a laundering technique that allows for many transactions to take place in a short period of time;  layering the stolen funds by depositing them into accounts at a variety of VCEs and darknet markets and then withdrawing the funds, which obfuscates the trail of the transaction history by breaking up the fund flow etc to legitimize activity.

The investigation has cleared the air on hacker Srikrishna Ramesh alias Sriki’s claim over his alleged involvement in hacking the Bitifinex cryptocurrency exchange in 2016. He was arrested by Bengaluru police in November 2020 for allegedly hacking cryptocurrency exchanges and procuring contraband drugs on the darknet.  Bengaluru police commissioner Kamal Pant had later countered Sriki’s claim stating that “the representatives of Bitfinex company have neither shared any details of the alleged hack nor have sought any information so far,” the top cop said.

Congress leader Priyank Kharge had on Thursday tweeted about the FBI in India investigating the BTC scam. “If the FBI investigation has revealed India based email services, should it not be investigated by the police here?” He questioned.