Money laundering can be a complicated thing. Crypto opens up all kinds of fun techniques to would-be cleaners. Here we have a case that shows a simple truth: using all the fancy techniques in the world doesn’t matter if you don’t understand what they do, and when to use them. Another lesson from this case is that trying to obfuscate your activity on a public ledger is pointless. An elaborate shell game is pointless when all the moves are publicly recorded.

Plead guilty to

Ilya Lichenstein - Conspiracy to commit money laundering

Heather Morgan - Money laundering conspiracy, conspiracy to defraud the US

Overview

Our story begins with the 2016 hack of cryptocurrency exchange Bitfinex. It was a big deal. It was such a large heist that it shook the market’s faith in bitcoin, causing the coin’s vallue to plunge 20% in the immediate aftermath. A hacker managed to steal 119,756 bitcoin, worth about $72 million at the time ($3.4 billion when this article was written.) The stolen coins remained dormant in a single wallet until early 2017.

The stolen funds were spread out, laundered by their new (but temporary) owner using a complex web of obfuscation and deceit. The thief employed a variety of techniques to conduct what was like a virtual shell game, bouncing funds around in a way that made them difficult (but not impossible!!!) to track. Eventually these funds would be traced to New York resident Ilya Lichtenstein and his wife Heather Morgan. The two would go on to admit guilt to stealing and laundering the bitcoin. They went to great pains to cover their tracks, and bitcoin is anonymous and enables criminals and drug dealers and traffickers and blah blah blah, so what went wrong? Nerds have an old adage that explains: security through obscurity is not security. Let’s look at the first step in Lichtenstein’s laundering attempt to see what this means.

Mr. Lichtenstein started by moving some of his ill-gotten gains out of the original wallet into various AlphaBay accounts. He did this using a technique called a peel chain. Essentially a peel chain moves funds into new wallets a little bit at a time rather than dumping the funds in a few large sums. This could be useful in a situation where you’re moving funds into a legitimate exchange that might get suspicious if you suddenly start making large transactions out of nowhere. For an illicit marketplace such as AlphaBay it’s less clear to me why this step would be useful.

From here the funds would be juggled all over, to various wallets associated with various exchanges. The scope of the whole network of transactions is beyond this article, but that’s ok because we’ve already figured out where Ilya went wrong. Some of the funds continued to move through the bitcoin network eventually being used in transactions that were tied to his identity. These transactions included transfers to wallets that were registered in his name, gift cards used towards his PlayStation account, and gold bars that were delivered to his home address.

At this point some of the stolen funds could be attributed to Lichtenstein, but not the entire heist. Law enforcement did have enough to get a search warrant for his cloud storage accounts. According to the criminal complaint the search yielded keys to the wallet that had originally stolen the Bitfinex bitcoins. It also included a spreadsheet detailing the variouis wallets involved in the laundering shell game, including notes such as when certain exchange accounts were frozen.

With the treasure map in hand it would have been easy for law enforcement to connect the dots and track down the entirety of the stolen coins. Lichtenstein would end up pleading guilty, with his wife Heather as an accomplice, due in part to her use of legitimate business accounts to assist in trying to launder the stolen bitcoin.