U.S. Justice Department Indicts Russians Who Used Bitcoin to Interfere in 2016 Presidential Election

Omar Faridi
  • Russian nationals were charged with federal crimes involving interference with the US 2016 presidential elections.
  • 12 Russian intelligence officers were charged with using Bitcoin to buy servers used for hacking US government computers.

The US Justice Department announced on Friday an indictment charging twelve Russian citizens for attempting to use Bitcoin (BTC) to engage in money laundering activities. The accused, according to the indictment brought forward by the Special Counsel’s Office, used the cryptocurrency to hide their alleged involvement in interfering with the 2016 U.S. presidential elections.

Reportedly, the accused are members of Russia’s Main Intelligence Directorate (GRU) and have been charged with trying to hack the US Democratic Congressional Campaign Committee’s servers.

The GRU officials, who’re part of the Russian military, have also been indicted on charges of engaging “in a sustained effort to hack” the Democratic National Committee’s (DNC) private databases. All twelve defendants have been accused of trying to unlawfully gain access to confidential information related to former US Secretary of State Hillary Clinton’s presidential campaign.

Defendants “Conspire To Hack” Government Servers

It’s believed that through these data breaches, the accused Russian officers leaked classified information and labeled it as “Guccifer 2.0” and “DCLeaks.” These incidents can be traced back to July 2016 when the DNC revealed that their computer systems had been infiltrated by two different Russian entities known as “Cozy Bear” and “Fancy Bear.”

The Russian hackers then reportedly went on to share thousands of DNC’s confidential messages with Guccifer 2.0, a Romanian hacking group. Soon after this, compromised classified information was posted on WikiLeaks.

US Special Counsel Robert Mueller was quick to follow up on these incidents and now all twelve of the Russian military’s intelligence officers have been indicted by District of Columbia’s grand jury.

Charges levied against the defendants include interfering with the US state boards of election and obtaining unauthorized access to private information belonging to the secretaries of state by “conspir[ing] to hack into [their] computers.” Charges also include tampering with elections software, although it isn’t clear whether the hackers influenced the electoral voting process.

Notably, Mueller’s investigation suggests that the accused used spear-phishing attacks, which are fraudulent emails sent from compromised accounts of trusted senders with the intention of obtaining confidential information from unsuspecting recipients. “X-Agent” (or “Sofacy”), the tool allegedly used for spear-phishing, is believed to also have been used by other Russian hackers reportedly linked to the GRU.

Bitcoin Used To Buy Servers

Interestingly, in a possible attempt to prevent these crimes from being traced back to them, the Russian hackers bought bitcoin and used the pseudonymous cryptocurrency to purchase servers and other computer accessories.

 The computing hardware is believed to have been used to help them infiltrate private US government networks. In addition to being charged for influencing and interfering with the 2016 US presidential elections, the accused have been charged with using bitcoin to engage in money laundering activities.

The federal level indictment consists of 11 criminal counts with Count Ten alleging that the Russian intelligence officials. It reads

“[The] Defendants conspired to launder the equivalent of more than $95,000 through a web of transactions structured to capitalize on the perceived anonymity of cryptocurrencies such as bitcoin."

DOJ

Researchers Publish Vulnerability Locking Bitcoin Lightning Channels for Just 0.25 BTC

Michael LaVere
  • Two researchers at Hebrew University have published multiple vulnerabilities in bitcoin's Lightning network.
  • An attacker can paralyze the majority of nodes on the network for as little as 0.25 BTC. 

Two researchers have discovered a vulnerability in Bitcoin's Lightning Network layer-two scaling solution that could lead to payment channels being locked for as little as 0.25 BTC ($2,400).

Ayelet Mizrahi and Aviv Zohar, two professors at Hebrew University, published a paper on Medium titled “Congestion Attacks in Payment Channel Networks.” According to the researchers, there is a “fundamental vulnerability” in the current iteration of Lightning's trustless payment channel protocol. 

The professors claim to have identified two specific attacks on the network, which involve locking as many liquidity channels as possible for an extended period of time and isolating hubs from the rest of the network. In addition, the researchers say that recent changes to the default network parameters agreed upon by Lightning developers have made the attacks easier to carry out. 

The paper outlines the method of attack for paralyzing payment channels, which involves a hacker requesting numerous small payments and exhausting the number of simultaneously opened hash time locked contracts (HTLC). 

According to the paper,

The attacker is both the source and destination of this payment and can severely delay the final execution of the payment (up to several days). The attacker can then re-run the attack once again and lock the same path for an additional period of time.

The researchers discovered they were able to effectively paralyze the majority of liquidity on Lightning network for several days using less than 0.25 BTC.

The report reads, 

Our results show that the attacker can paralyze 650 BTC [$6.2 million] of liquidity in the Lightning Network for 3 days using less than 0.25 BTC.

Mizrahi and Zohar also detailed their method for disconnecting a single node from the network for an extended period of time. The attack involves an adversary connecting to the victim’s node and paralyzing its adjacent channels. The attacker does this by making payment requests over a path going back and forth through the victim’s channel. To the researcher’s astonishment, “this is surprisingly allowed in Lightning implementations.”

While Lightning has yet to reach mainstream as a payment protocol for bitcoin, the network currently supports 11,000 nodes and 35,000 channels, with an estimated 880 BTC in total capacity. 

Featured Image Credit: Photo via Pixabay.com