To facilitate the purchase of infrastructure used in their hacking activity — including hacking into the computers of U.S. persons and entities involved in the 2016 U.S. presidential election and releasing the stolen documents — the defendants conspired to launder the equivalent of more than $95,000 through a web of transactions structured to capitalize on the perceived anonymity of cryptocurrencies such as Bitcoin. (Deputy US Attorney General)
On July 14, 2018, the U.S. Department of Justice (DoJ) accused 12 Russian intelligence officers of plotting a conspiracy to influence the 2016 U.S. presidential election. The 12 officers belonged to the Main Intelligence Directorate of the General Staff (GRU), and they used bitcoin to fund large-scale hacking attacks intended to interfere with the election.
According to the U.S. Department of Justice, a group of Russian military intelligence officers was engaged in cyber operations that involved the staged releases of documents stolen through computer intrusions. These units conducted large-scale cyber operations to interfere with the 2016 U.S. presidential election. During a news conference, Deputy Attorney General Rod Rosenstein of the U.S. Department of Justice explained how two units of Russia’s GRU intelligence agency gained unauthorized access to (hacked into) the computers of U.S. persons and entities involved in the 2016 U.S. presidential election, stole documents from those computers, and staged releases of the stolen documents.
In a press conference he said:
“The defendants worked for two units of the Main Intelligence Directorate of the General Staff, known as the GRU. The units engaged in active cyber operations to interfere in the 2016 presidential election. There was one unit that was engaged in active cyber operations by stealing information. A different unit was responsible for disseminating the stolen information. The defendants used two techniques to steal information. The first scheme they used is known as ‘spearphishing’, which involves sending misleading email messages and tricking the users into disclosing their passwords and security information. And the second is that the defendants hacked into computer networks and installed malicious software that allows them to spy on users and capture keystrokes, take screenshots, and remove data from those computers.”
When we confront foreign interference in American elections, it is important for us to avoid thinking politically as Republicans or Democrats and instead to think patriotically as Americans. Fevered political climate doesn’t reflect the “grace and dignity” of the American people. (Rosenstein)
These GRU officers (Conspirators), in their official capacities, engaged in a sustained effort to hack into the computer networks of the Democratic Congressional Campaign Committee, the Democratic National Committee, and the presidential campaign of Hillary Clinton, and released that information on the internet under the names “DCLeaks” and “Guccifer 2.0” and through another entity. Conspirators hacked into the computer networks of the Democratic Congressional Campaign Committee (“DCCC”) and the Democratic National Committee (“DNC”). The Conspirators covertly monitored the computers of dozens of DCCC and DNC employees, implanted hundreds of files containing malicious computer code (“malware”), and stole emails and other documents from the DCCC and DNC. They planned the release of materials stolen from the Clinton Campaign, DCCC, and DNC.
In addition to mining bitcoin, the Conspirators acquired bitcoin through a variety of means designed to obscure the origin of the funds. This included purchasing bitcoin through exchanges, moving funds through other digital currencies, and using pre-paid cards. They also enlisted the assistance of one or more third-party exchanges who facilitated layered transactions through digital currency exchange platforms providing heightened anonymity.
How did they buy bitcoins?
The hackers primarily used the virtual coins when buying servers, registering domains and making other payments related to the cyber breaches. Many of the transactions were processed by U.S. companies. They also bought bitcoin on peer-to-peer crypto trading platforms, using other digital coins and prepaid credit cards as well. US investigators claimed that the Russians even mined their own cryptocurrency.
The use of bitcoin allowed the conspirators to avoid direct relationships with traditional financial institutions, allowing them to evade greater scrutiny of their identities and sources of funds.
The group allegedly mined Bitcoin to pay a Romanian company to register the domain “dcleaks.com.” They also bought Bitcoin by using peer-to-peer exchanges, moving funds through other cryptocurrencies and setting up prepaid cards. While the defendants allegedly used other currencies, including the U.S. dollar, “they principally used bitcoin when purchasing servers, registering domains and otherwise making payments in furtherance of hacking activity.” Payments are said to have been made to companies in the U.S., with some of those funds being traced to a bitcoin mining operation.
Authorities in Washington claim that hackers working for the Russian foreign military intelligence paid in crypto for servers in the US and Malaysia, website domains, and virtual private networks (VPNs) used to release information stolen from the Democratic camp and to obscure their identities and cover their tracks. They also laundered more than $95,000 through bitcoin.