The Russians Who Allegedly Hacked the DNC Mined Bitcoin to Fund Their Operation

The Russian hacking team singled out in the Mueller probe’s latest indictment allegedly mined Bitcoins and banked on cryptocurrency’s pseudonymity to keep their identities hidden.

|
Jul 13 2018, 7:00pm

Image: Shutterstock

On Friday the US Department of Justice indicted 12 members of Russia’s GRU intelligence agency for hacking the Hillary Clinton campaign, the Democratic National Committee, and the DCCC. The indictment alleges that the Russians partly funded their hacking operation through Bitcoin mining and conspired to launder the equivalent of $95,000 USD “through a web of transactions structured to capitalize on the perceived anonymity of cryptocurrencies such as Bitcoin,” the indictment states.

While Bitcoin and other cryptocurrencies afford users a degree of pseudonymity (users are represented by strings of numbers and characters on the public ledger), that guarantee can break down if by some means a real-life identity is correlated with an address on the blockchain.

According to the indictment, the Russian hacking team referred to as “Unit 74455” allegedly used Bitcoin to purchase servers, to register domains, and otherwise make payments related to the operation. This Bitcoin was obtained in part by mining—the process of validating blocks of other people’s transaction data—and otherwise by purchasing it. The indictment even offers an example of a specific transaction: On or around February 1, 2016, an account allegedly controlled by the hackers was instructed to “[p]lease send exactly .026043 bitcoin to” a certain address. Shortly thereafter, the indictment states, a transaction matching those transactions was posted to the public Bitcoin blockchain.

Read More: We Spoke to DNC Hacker 'Guccifer 2.0'

The indictment alleges that the hackers used prepaid cards and peer-to-peer cryptocurrency exchanges to make purchases; P2P exchanges, also known as “decentralized” exchanges, are less tightly controlled and are thought to be more anonymous than more traditional cryptocurrency exchanges operated by a central authority; P2P exchanges merely match buyers with sellers that interact directly.

However, the indictment states that the Russians “facilitated Bitcoin payments” using the same computers that they used to conduct hacking activity, including creating and testing emails designed to fool a victim into handing over login credentials known as “spearphishing” emails. The Russians allegedly also used, in some cases, the same pool of mined Bitcoins to conduct a variety of activities related to the hacking campaign, like purchasing accounts, servers, and domains.

The use of Bitcoin to launder payments related to the operation landed the Russian defendants a charge of conspiracy to commit money laundering.

Get six of our favorite Motherboard stories every day by signing up for our newsletter .