Thursday, November 21, 2024
Home > Exchanges > The Silk Road hacker’s story – Cointelegraph Magazine

The Silk Road hacker’s story – Cointelegraph Magazine

Where would you hide $3.4 billion worth of Bitcoin? For James Zhong, the ideal spot was to store it on a computer — with its circuitry exposed — placed in a used Cheetos popcorn tin hidden in a bathroom closet under a pile of blankets.

Zhong, now 32, was sentenced to a year in federal prison last month for a hack that took place almost 11 years ago. His victim? Ross Ulbricht, the proprietor of the Silk Road dark web drug marketplace where Bitcoin found its first significant use case, as an underground currency. Today, Ulbricht is himself serving two life sentences plus 40 years for his part in operating the illegal marketplace, but darknet markets continue to flourish.

Somewhat ironically, billionaire Zhong was caught due to a transfer of just $1,000 worth of BTC to an address he’d used previously.

Prosecutors stated that Zhong spent lavishly on luxuries. (Zhong’s social media)

Lifestyle of a crypto billionaire

How much is $3.4 billion? One could build another Burj Khalifa — the world’s tallest tower, located in Dubai ($1.5 billion) — and make the winning bid on Leonardo da Vinci’s “Salvator Mundi” — the most expensive painting ever sold ($450 million) — and still have over a billion left over to purchase a sports team, yacht and fleet of private jets. It’s almost beyond comprehension.

BTC computer
The computer containing most of Zhong’s Bitcoin, found in a popcorn tin. (United States Department of Justice)

But Zhong lived in the American city of Gainesville, Georgia, where around $1 million is enough to purchase the luxurious four-bedroom lakefront property he called home. According to some sources, gaining attention from women was among the key motivations of Zhong — who is autistic and was reportedly bullied in school. Court documents hint at his lavish lifestyle:

“Indeed, in the 51 months before law enforcement’s overt search of Zhong’s residences, Zhong dissipated approximately $16 million of crime proceeds, spending lavishly on real estate investments, luxury products, travel, hotels, nightclubs, and other expenses.”

If his online posts are anything to go by, Zhong can also be said to have been something of a party animal, using cocaine on weekends and bragging about being drunk while keeping an eye on the markets. Perhaps this comes with the territory of stealing billions from a drug kingpin.

Zhong party
Zhong memed about his party habits on the Bitcointalk forum.

All this was presumably financed with the roughly 2,900 BTC that the government did not recover from his theft. Zhong stole 50,000 BTC and converted his free Bitcoin Cash into another 3,500 BTC. However, only 50,591 BTC was seized.

Silk Road

Where did all this begin? Possibly with a Bitcointalk user named Teppy, who in June 2010 made a post titled “A Heroin Store” outlining “a thought experiment about how a heroin store might operate, accepting Bitcoins, and ending drug prohibition in the process.” The post connected Bitcoin to libertarianism and suggested that this would enable the new currency to become “truly disruptive.”

It was a cutting-edge concept. “Pizza Day,” which saw Bitcoin exchanged for real-world goods for the first time — a pair of pizzas for 10,000 BTC — had happened just three weeks prior.



Eight months later, in February 2011, Silk Road opened for business in the hidden back alleys of the web. “To access the Tor dark web, users need to download special software,” explains Ethan Lou, an occasional Magazine contributor and the author of Once a Bitcoin Miner. He speaks from experience. Tor, he notes, has many legitimate uses for those who value privacy, including leaking information to the press.

“It’s pretty easy if you have some basic tech know-how. Once you get in, you see that it looks like the internet from the 1990s.”

Sellers could list their items for sale on Silk Road, and the website would hold funds in escrow until items were received by the buyer, who could rate the item and seller. Often, administrators would adjudicate disputes. In months, the site grew to host over 10,000 listings of controlled substances, eventually processing around 1.5 million transactions. One early user was podcaster Peter McCormack, who called it “Amazon for drugs” and told Magazine how he wound up in hospital after three grams of cocaine arrived one day and he got carried away — literally, in an ambulance.

Authorities close in

By June, U.S. Senators Chuck Schumer and Joe Manchin had written to the attorney general and the Drug Enforcement Agency, demanding they take action against the marketplace.

Some of those actions were off-the-books, such as those by DEA Special Agent Carl Mark Force IV, the “lead undercover agent” who in 2015 was sentenced to 6.5 years for various crimes connected with the case. This included demanding exchanges freeze BTC accounts in order to withdraw the coins for himself as well as faking the death of site administrator Curtis Green, whom he had actually arrested, in order to collect money from DPR, who allegedly wanted him dead.

Zhong
Zhong had autism, and prosecutors said he spent lavishly. (Social media)

The website came to an end on Oct. 1, 2013, when a couple started bickering in San Fransisco’s Glen Park Library. This caught the attention of the nearby Ulbricht, who turned his head from the laptop he was working on. It was a trap. At that moment, FBI agents swooped in from behind bookshelves and grabbed Ulbricht’s laptop before he could log out and lock away his 144,000 BTC — the proof he was DPR.

Read also


Features

‘Deflation’ is a dumb way to approach tokenomics… and other sacred cows


Features

Crypto is changing how humanitarian agencies deliver aid and services

Ulbricht received a double life sentence plus 40 years with no possibility of parole. Many in the Bitcoin community and beyond have criticized the sentence as unjust, particularly considering the nonviolent nature of his crime. FreeRoss, an organization dedicated to advocating for his release, archives statements by politicians and industry leaders speaking in favor of his release. As Lou asks:

“Are two life sentences reasonable for someone who did something that is nonviolent?”

A pirate’s billions

During Ulbricht’s sentencing, the funds earned by the site were declared proceeds of crime, meaning the Bitcoin was confiscatable by the U.S. government. The approximately 144,000 BTC found on Ulbricht’s laptop was now U.S. property.

“Under U.S. law, authorities can effectively bring a case against money or other goods and seize them under civil forfeiture laws without necessarily arresting the person possessing them. This naturally extends to digital currencies like Bitcoin,” explains Jason Corbett, a lawyer whose firm, Silk Legal, specializes in cryptocurrencies.

Cheetos
Cheetos, really? Where else would you keep billions in Bitcoin? (United States Department of Justice)

The government disposed of its newfound Bitcoin via a series of auctions held by the U.S. Marshals Service in 2014. Venture capitalist Tim Draper famously purchased 30,000 BTC for $18 million. Functionally, the auctions legitimized Bitcoin by removing all doubt regarding its legality: How could the government sell something it considers illegal?

But some of the Bitcoin was missing, all traceable from the Silk Road addresses. About 50,000 had been stolen from Silk Road’s hot wallets back in September 2012.

It was not a sophisticated hack. Zhong deposited 500 BTC into the Silk Road platform, only to make five withdrawals for 500 BTC a few seconds later, tricking the wallet software into returning 2,500 BTC to him. This was repeated several times using different accounts and increasing amounts, netting Zhong “approximately 50,000 Bitcoin out of Silk Road in just a few days,” according to court documents. At the time, this amount of Bitcoin was worth around $600,000.

Read also


Features

Bitcoin gets physical: Art or digital heresy?


Features

Monero-Mining Death Metal Band from 2077 Warns Humans on Lizard People Extinction Scheme

Unexpected Bitcoin Cash windfall

In 2017, Bitcoin was forked in a move championed by Roger Ver and Jihan Wu. This allowed every Bitcoin holder to redeem 1 BCH for each Bitcoin they held.

Many proponents believed that Bitcoin Cash was the “true” Bitcoin, but Zhong, writing as the aptly named “Loaded,” took to the Bitcointalk forum to disagree. That summer, he went on to exchange his 50,000 BCH for 3,500 additional BTC. As the U.S. government views the stolen Silk Road BTC as proceeds of crime, it similarly views the BCH later assigned to them as equally confiscatable.

Zhong BCH
Zhong, writing as the aptly named “Loaded” on the Bitcointalk forum.

As a decade passed, the value of Zhong’s stolen treasure grew exponentially into the billions. However, with Zhong’s blockchain signature pointing to the lost Silk Road coins, it was only a matter of time before U.S. investigators took notice. There were, and probably still are, eyes on the forum at the center of the Bitcoin movement, where Ulbricht himself had posted under the name “Altoid.”

That’s the trail that eventually led Trevor McAleenan, a special agent with the U.S. Internal Revenue Service’s Criminal Investigation Division, to rummage through the contents of Zhang’s bathroom closets in 2022 in search of “approximately 53,500 [BTC in] Silk Road Crime Proceeds.” He recovered 50,591 BTC, which, “using a conservative estimate of the lowest spot price of BTC on the date of the search,” amounted to $3,388,817,011.90.

Not a tin pot setup

Though Zhong hid much of his BTC in a tin, Special Agent McAleenan described his setup as sophisticated, made up of “multiple computer servers, virtual private networks, cold wallets, virtual machines, numerous layers of encryption, and multiple Bitcoin nodes.” Over the first several years following his 2012 heist, Zhong kept his loot on two addresses of approximately 40,000 BTC and 10,000 BTC.

Perhaps in an attempt to make the connection to the hack appear more distant, he began periodically moving the Bitcoin — for example, splitting the 10,000 BTC address into 10 addresses holding 1,000 BTC each in 2020.

The lakefront home where Zhong kept his treasure. $3.4 billion could buy around 3,600 such houses. (Zillow)

In an apparent attempt to further obfuscate the funds, that same year he “pushed approximately 750 BTC of the Silk Road Crime Proceeds through a decentralized Bitcoin mixer,” which is software that effectively mixes cryptocurrency from various addresses together to make it unclear from which source a final balance comes, thereby aiming to break a connection to tracked coins such as those involved in Silk Road.

While technically anyone can use a site like Blockchain.com to follow transactions — including Zhong’s — on the Bitcoin chain, it is worth noting that the IRS went beyond this, using blockchain tracing and forensic software to string suspicious addresses together more easily. While such software does not add any new information, it makes interpreting the data easier.

Feds swoop in

Despite his VPNs and encryption and various attempts to hide the Silk Road coins, Zhong must have slipped up at some point, as the IRS was able to track him by his IP address — a unique identifier assigned to each device that connects to the internet. This IP address was then matched to records held with Zhong’s internet service provider as well as an exchange where he sent some coins to be traded, presumably obtained by a warrant requiring these records to be released.

Zhong’s floor safe. (United States Department of Justice)

The successful recovery of the Bitcoin came down to identifying the movements of the coins in question and following them to an exchange where Zhong had deposited and sold 119 BTC, worth somewhere in the region of $1 million, in 2019. Despite attempts to mix and obfuscate, the coins’ connection to Zhong and Silk Road was confirmed by a transfer of a mere 0.07750842 BTC — around $1,000 — in leftover change that was sent from Zhong’s account to a Bitcoin address previously used to move 1,000 BTC of Silk Road funds.

This suggests that Zhong was caught — losing him $3.4 billion — due to laziness in reusing an address instead of creating a new one, or perhaps even for worrying about 0.08 BTC when selling 118 BTC, to begin with. The Swan Bitcoin exchange, for example, explicitly discourages users from reusing addresses due to “negative implications such as diminished privacy and diminished security,” which Zhong’s case appears to demonstrate.

And so, a search warrant was issued and executed about two years later, in November 2021.

“The same BTC address controlled by Individual-1 that received change of approximately 0.07750842 BTC in 2019, as indicated in the Exchange records, also is associated with a BTC address that Individual-1 used to transfer 1,000 BTC that Individual-1 had unlawfully obtained from Silk Road,” wrote McAleenan.

Read also


Features

Attack of the zkEVMs! Crypto’s 10x moment


Features

Shanghai Special: Crypto crackdown fallout and what happens next

Zhong’s other loot

In addition to coins held on a computer, Zhong had other assets spread around his house within a kitchen drawer and a floor safe filled with tightly bound stacks of cash. There was also a tiny amount of silver and gold bullion and a collection of rather peculiar coins known as Casascius coins.

Physical bitcoin
The Casascius physical Bitcoin found in Zhong’s kitchen drawer, making the U.S. government an accidental collector. (United States Department of Justice)

Casascius coins are physical Bitcoin on which the private key is hidden under a peelable hologram sticker. They are historical artifacts of the Bitcoin movement dating back to 2011. Magazine’s 2021 piece on the topic declared such coins as “the ultimate privacy coins, as there’s nothing to associate the owner with an address and they can be traded a million times without ever leaving a record on the blockchain.”

“Theoretically, of course, this would make physical Bitcoin a very attractive way to launder money or pay for drug deals.”

Zhong appears to have done just that, effectively trading his red-hot “criminal proceeds” for pre-Silk Road 2011 Bitcoin that appears entirely clean.

As far as we know, however, Zhong cooperated with authorities and returned all his remaining Bitcoin, a factor that played a role — along with his young age and autism — in his getting a short sentence and the more serious money laundering charges dropped, which would typically lead to many years in prison.

In Zhong’s case, the government appeared far more interested in securing the “criminal proceeds” for themselves rather than Zhong, whose criminal activity amounted to stealing from another criminal.

Had Zhong hacked any other dodgy site, it’s unlikely authorities would have been interested in catching up with him a decade after the fact. According to Corbett, wire fraud is the electronic equivalent of mail fraud and has become a sort of catch-all for prosecutors, as virtually any financial crime today involves the use of the internet.

“Zhong was sentenced for wire fraud committed against Silk Road, which is a reminder that fraud is still fraud even if committed against a criminal enterprise.”

The dark side

Despite Ulbricht’s sentencing, the Dread Pirate Roberts may live on. The name came from the movie The Princess Bride, in which DPR was not a single feared sea captain but a title passed on from pirate to pirate. True to the myth, Silk Road 2.0 was launched within a month of the arrest, operating for two years until Blake Benthall, a former administrator of the original Silk Road, was also arrested by the FBI. Despite this, at least two sites calling themselves Silk Road 3.0 were soon again operational, along with a myriad of similar marketplaces using different brands.

In Once a Bitcoin Miner, Lou writes about his experience visiting one of these marketplaces out of curiosity while a student. He soon spent almost half a Bitcoin — about $100 — to purchase a small amount of LSD, which never actually arrived. Naturally, there was far more than just drugs offered:

“Various marketplaces offered stolen credit card details and passwords, drugs and guns. You could also hire someone to say the right words to the police so that a tactical team would raid a house of your choice, a process called ‘swatting.’ My friends and I even found purported assassinations on offer – just unbelievable.”

According to Carnegie Mellon research professor Nicolas Christin, as much as “4.5% to 9% of all exchange trades” in the early days of Bitcoin were related to the dark web drug market. Considering this, there is no denying that the black market was among the first use cases of cryptocurrency, a fact that still fuels apprehension among the public regarding cryptocurrency. Lou, a journalist, takes a slightly more optimistic view:

“Even if the use case is not a very nice one, I think it still is a use case. As they say, any publicity is good publicity.”

Elias Ahonen author at Cointelegraph Magazine

Elias Ahonen

Elias Ahonen is a Finnish-Canadian author based in Dubai who has worked around the world operating a small blockchain consultancy after buying his first Bitcoins in 2013. His book ‘Blockland’ (link below) tells the story of the industry. He holds an MA in International & Comparative Law whose thesis deals with NFT & metaverse regulation.



Source