Hacker Stole $3 Billion With Bitcoin – Because ‘Crypto’ Is Garbage
James Zhong admitted to stealing 50,000 bitcoins from the former dark web market, Silk Road. The US Department of Justice recently opened up and happily told the story of seizures.
It is another example of how The cryptocurrency ecosystem is incredibly weak. Zhong easily managed to confuse Silk Road’s website and make multiple withdrawals from the same deposit.
Calling him a “hacker” is frankly insulting to hackers. In today’s SB Blogwatch, we roll our eyes.
Your humble blogwatcher curated these blog bits for your entertainment. Not to mention: Jayme asked an AI to make his music video.
In Fiat we trust
What is craic? Bill Toulas reports – “US exposes hacker who stole 50,000 bitcoins from Silk Road”:
“Under blankets in a popcorn box inside a bathroom cabinet“
James Zhong, a mysterious hacker who stole 50,000 bitcoins from the ‘Silk Road’ dark web market … pleaded guilty to money laundering crimes. … In September 2012, he stole 50,000 bitcoins from Silk Road by … exploiting a “withdrawal processing flaw” that allowed him to withdraw many times more Bitcoin than he deposited.
…
Zhong funded nine different accounts with an initial deposit of 200 to 2,000 bitcoin and then triggered 140 withdrawal transactions in quick succession. The hacker exploited a lag in the market’s transaction system so that someone could withdraw their own deposit several times. In this way, Zhong tricked the system into releasing 50,000 bitcoin.
…
The seizure occurred on November 9, 2021, when law enforcement authorities with a search warrant found … 50,491 Bitcoin hidden in an underground safe and on a single desktop computer submerged under blankets in a popcorn box inside a bathroom closet. … Zhong is scheduled to be sentenced on February 22, 2023, with the maximum potential sentence for wire fraud being 20 years in prison.
Sounds like a lot of money. Jacquelyn Melinek is unnecessarily precise – “DOJ Announces Seizure of $3.36B in Cryptocurrency”:
“A mystery for almost 10 years“
Law enforcement seized 50,676.17851897 bitcoins, then valued at more than $3.36 billion, from Zhong’s home. [They] also recovered $661,900 in cash, 25 Casascius coins with bitcoin (valued at about 174 bitcoin), another 11,116 bitcoin, and a handful of silver and gold colored bars.
The whereabouts of this huge amount of bitcoin was a mystery for nearly 10 years, US Attorney Damian Williams said. … It was the largest cryptocurrency seizure in the history of the US DOJ at the time.
Although it’s been something of a crash since then. closewith rains:
At the current spot price, 51,680.32473733 Bitcoin is worth $1,066,821,439.46 (~$1.06B) USD. Some difference from ~$3.36B on November 9, 2021.
And nothing of value was lost. ROOT1803 puts it in bigger words:
The widespread speculation surrounding cryptocurrencies (ie being used as a speculative investment rather than as a currency) has more or less destroyed their ability to grow organically into their relevant use cases. … Cryptocurrencies are frivolous in most use cases in developed countries with safer and less energy intensive alternatives (ie regular money).
Of course, it was worth much less at the time of the offense. bazza broods over procrastination:
Interesting that the FBI took their time to follow the money, to the extent that it had increased in value. Had they got him in 2012, it would have been a pretty small deal, hardly in the public interest. But because they waited 8 [or] For 9 years it has become a fraud worth billions.
…
Not quite sure how big a crime has actually been committed? For example, if he is convicted of a multi-billion dollar crime and bitcoin crashes in value, will he get a corresponding reduction in his sentence?
Wait. Break. I thought cryptocurrency was anonymous? ggm just laughs:
A forensic accountant I know… said that bitcoin had turned his job into one good way: The chain of evidence of intent behind people’s money moving (mixing aside) was so much easier with a self-documenting sequence.
…
Pseudonymity in a distributed ledger is not anonymity. There is a lovely loose thread on the jersey that strips it all back to a set of simple sequences.
And CRHill agrees:
So much for the anonymity of cryptocurrencies. Ten years and he couldn’t unload it even when he had billions of theoretical dollars to pay for the most elaborate means possible.
So how was it tracked? gregarican fill in the blanks:
Once Silk Road’s servers were seized and buried, the trail certainly became easier to follow. … The withdrawal bug in their code was definitely a hole big enough to drive a Brinks truck through.
Oh yes, tell me more about this error? miohtama says it was a classic racial condition:
The original hack was caused by the fact that Silk Road was running PHP on MySQL without transaction isolation. Many early crypto exchanges had similar withdrawal errors when running on LAMP stacks – MySQL has been known to have lax transaction isolation. Sometimes you can take over just by hitting refresh quickly enough in a browser.
Meanwhile, rsilvergun calls it like he sees it:
[They’re] a bunch of amateurs are in a hurry to make money. … There are bound to be security holes because security is hard and these are “go fast, break things” companies.
And finally:
Disco Diffusion in da Haus
Previously in And finally
You have read SB Blogwatch by Richie Jennings. Richi curates the best blog posts, the coolest forums, and the weirdest websites… so you don’t have to. Hate mail can be addressed @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. Past results are no guarantee of future results. Do not stare into the laser with the remaining eye. E&OE. 30.
Image sauce: Viacheslav Bublyk (via Unsplash; smoothed and cropped)