Molly White
@molly0xfff@hachyderm.io  ·  activity timestamp 4 days ago

That contortion is just one of several flaws in a prosecution that has been plagued by embarrassing blunders, including misattributing to a Tornado Cash developer text messages that were actually sent by a reporter.

#crypto #cryptocurrency#USpol#USpolitics

The misattributed messages The prosecution in Storm’s case has really not covered themselves in glory thus far. First, it came to light that they fumbled extracting Telegram messages from a chat including Storm and Pertsev. It turns out a message quoted in Storm’s indictment and attributed to Pertsev, reading “Heya, anyone around to chat about axie? Would like to ask a few general questions about how one goes about cashing out 600 mil”, was actually a message forwarded by Pertsev from a CoinDesk journalist researching a story about the massive March 2022 Axie Infinity theft [W3IGG] and subsequent laundering of stolen funds.4 Although prosecutors have (sort of) admitted they misidentified the message forwarded by Pertsev as one he authored, they’re still arguing that their error is not material to the case, and that somehow forwarding the message made it a statement Pertsev “manifested [and] adopted or believed to be true”. They also claimed the defense waited to raise the issue in a “strategic decision to play ‘gotcha’ on the eve of trial”.5 The defense has petitioned the court to allow them to view grand jury transcripts, citing “grave concerns about the integrity of the grand jury proceedings since it appears that the government provided false information to the grand jury”, and suggested they may move to dismiss the case on that basis.6
The misattributed messages The prosecution in Storm’s case has really not covered themselves in glory thus far. First, it came to light that they fumbled extracting Telegram messages from a chat including Storm and Pertsev. It turns out a message quoted in Storm’s indictment and attributed to Pertsev, reading “Heya, anyone around to chat about axie? Would like to ask a few general questions about how one goes about cashing out 600 mil”, was actually a message forwarded by Pertsev from a CoinDesk journalist researching a story about the massive March 2022 Axie Infinity theft [W3IGG] and subsequent laundering of stolen funds.4 Although prosecutors have (sort of) admitted they misidentified the message forwarded by Pertsev as one he authored, they’re still arguing that their error is not material to the case, and that somehow forwarding the message made it a statement Pertsev “manifested [and] adopted or believed to be true”. They also claimed the defense waited to raise the issue in a “strategic decision to play ‘gotcha’ on the eve of trial”.5 The defense has petitioned the court to allow them to view grand jury transcripts, citing “grave concerns about the integrity of the grand jury proceedings since it appears that the government provided false information to the grand jury”, and suggested they may move to dismiss the case on that basis.6
The misattributed messages The prosecution in Storm’s case has really not covered themselves in glory thus far. First, it came to light that they fumbled extracting Telegram messages from a chat including Storm and Pertsev. It turns out a message quoted in Storm’s indictment and attributed to Pertsev, reading “Heya, anyone around to chat about axie? Would like to ask a few general questions about how one goes about cashing out 600 mil”, was actually a message forwarded by Pertsev from a CoinDesk journalist researching a story about the massive March 2022 Axie Infinity theft [W3IGG] and subsequent laundering of stolen funds.4 Although prosecutors have (sort of) admitted they misidentified the message forwarded by Pertsev as one he authored, they’re still arguing that their error is not material to the case, and that somehow forwarding the message made it a statement Pertsev “manifested [and] adopted or believed to be true”. They also claimed the defense waited to raise the issue in a “strategic decision to play ‘gotcha’ on the eve of trial”.5 The defense has petitioned the court to allow them to view grand jury transcripts, citing “grave concerns about the integrity of the grand jury proceedings since it appears that the government provided false information to the grand jury”, and suggested they may move to dismiss the case on that basis.6
Molly White
@molly0xfff@hachyderm.io  ·  activity timestamp 4 days ago

Then, prosecutors called as a witness a woman who had fallen victim to a $250,000 cryptocurrency scam. Their argument seems to have been that Tornado Cash developers should have helped her in ways that were technologically impossible.

#crypto #cryptocurrency#USpol#USpolitics

The scam victim Then, prosecutors invited their first witness: a woman named Hanfeng Lin, who told her story of falling for a pig butchering scam that started with a message from a stranger on WhatsApp and ended in her losing around $250,000 — her life savings. The woman contacted Payback, a company that specializes in “crypto recovery” — essentially, consulting services to trace stolen crypto assets in hopes of getting them back — and, after likely paying them anywhere from $3,500 to $10,000 for their help, was handed a report showing that $150,000 of the stolen funds went to Tornado Cash (along with smaller transfers to Coinbase, Binance, and FTX) and instructions to email those entities.a The victim did so, and prosecutors argued that Tornado Cash developers never responded to help her, which I guess prosecutors think they should have managed to do.b
The scam victim Then, prosecutors invited their first witness: a woman named Hanfeng Lin, who told her story of falling for a pig butchering scam that started with a message from a stranger on WhatsApp and ended in her losing around $250,000 — her life savings. The woman contacted Payback, a company that specializes in “crypto recovery” — essentially, consulting services to trace stolen crypto assets in hopes of getting them back — and, after likely paying them anywhere from $3,500 to $10,000 for their help, was handed a report showing that $150,000 of the stolen funds went to Tornado Cash (along with smaller transfers to Coinbase, Binance, and FTX) and instructions to email those entities.a The victim did so, and prosecutors argued that Tornado Cash developers never responded to help her, which I guess prosecutors think they should have managed to do.b
The scam victim Then, prosecutors invited their first witness: a woman named Hanfeng Lin, who told her story of falling for a pig butchering scam that started with a message from a stranger on WhatsApp and ended in her losing around $250,000 — her life savings. The woman contacted Payback, a company that specializes in “crypto recovery” — essentially, consulting services to trace stolen crypto assets in hopes of getting them back — and, after likely paying them anywhere from $3,500 to $10,000 for their help, was handed a report showing that $150,000 of the stolen funds went to Tornado Cash (along with smaller transfers to Coinbase, Binance, and FTX) and instructions to email those entities.a The victim did so, and prosecutors argued that Tornado Cash developers never responded to help her, which I guess prosecutors think they should have managed to do.b
Molly White
@molly0xfff@hachyderm.io  ·  activity timestamp 4 days ago

But shortly after this testimony, crypto sleuths discovered that the scam victim’s funds likely never were laundered through Tornado Cash at all.

Not only that, the “crypto recovery” service used by the victim may have been one identified by the FBI as a scam known for producing “incomplete or inaccurate tracing report[s]” (though this may be a separate company sharing a name, or impersonating a legitimate business).

#crypto #cryptocurrency#USpol#USpolitics

September 11, 2024 FBI San Diego Seizes Cryptocurrency Recovery Websites SAN DIEGO — Special Agents with the FBI San Diego Field Office have seized websites belonging to three cryptocurrency recovery services. The seizures come as the FBI continues to crack down on an emerging scam tactic aimed at further defrauding cryptocurrency scam victims. The web domains were from the following cryptocurrency recovery services: MyChargeBack, Payback LTD, and Claim Justice. These companies claim to provide cryptocurrency tracing and promise the ability to recover lost funds. Representatives of these companies often advertise strong success in recovering victim funds but have no track record in doing so. They often charge significant upfront fees and ask for a commission should funds be recovered. These companies use extensive social media advertising, including false reviews, to convince victims of the legitimacy of their services. Potential ways to identify this type of scheme: Recovery scheme fraudsters charge an up-front fee and either cease communication with the victim after receiving an initial deposit or produce an incomplete or inaccurate tracing report. They may also request additional fees to recover funds. Fraudsters may claim affiliation with law enforcement or legal services to appear legitimate. Scammers may reference actual financial institutions and money exchanges to build credibility and further their schemes. Tips to avoid becoming a victim:
September 11, 2024 FBI San Diego Seizes Cryptocurrency Recovery Websites SAN DIEGO — Special Agents with the FBI San Diego Field Office have seized websites belonging to three cryptocurrency recovery services. The seizures come as the FBI continues to crack down on an emerging scam tactic aimed at further defrauding cryptocurrency scam victims. The web domains were from the following cryptocurrency recovery services: MyChargeBack, Payback LTD, and Claim Justice. These companies claim to provide cryptocurrency tracing and promise the ability to recover lost funds. Representatives of these companies often advertise strong success in recovering victim funds but have no track record in doing so. They often charge significant upfront fees and ask for a commission should funds be recovered. These companies use extensive social media advertising, including false reviews, to convince victims of the legitimacy of their services. Potential ways to identify this type of scheme: Recovery scheme fraudsters charge an up-front fee and either cease communication with the victim after receiving an initial deposit or produce an incomplete or inaccurate tracing report. They may also request additional fees to recover funds. Fraudsters may claim affiliation with law enforcement or legal services to appear legitimate. Scammers may reference actual financial institutions and money exchanges to build credibility and further their schemes. Tips to avoid becoming a victim:
September 11, 2024 FBI San Diego Seizes Cryptocurrency Recovery Websites SAN DIEGO — Special Agents with the FBI San Diego Field Office have seized websites belonging to three cryptocurrency recovery services. The seizures come as the FBI continues to crack down on an emerging scam tactic aimed at further defrauding cryptocurrency scam victims. The web domains were from the following cryptocurrency recovery services: MyChargeBack, Payback LTD, and Claim Justice. These companies claim to provide cryptocurrency tracing and promise the ability to recover lost funds. Representatives of these companies often advertise strong success in recovering victim funds but have no track record in doing so. They often charge significant upfront fees and ask for a commission should funds be recovered. These companies use extensive social media advertising, including false reviews, to convince victims of the legitimacy of their services. Potential ways to identify this type of scheme: Recovery scheme fraudsters charge an up-front fee and either cease communication with the victim after receiving an initial deposit or produce an incomplete or inaccurate tracing report. They may also request additional fees to recover funds. Fraudsters may claim affiliation with law enforcement or legal services to appear legitimate. Scammers may reference actual financial institutions and money exchanges to build credibility and further their schemes. Tips to avoid becoming a victim:
Worse still, Payback may well have been one of three companies named in a September 2024 press release from the San Diego FBI office announcing the seizure of websites connected to scam crypto recovery services — although it is possible that the firm Lin used merely shares a name with a scam service.9 According to the FBI: “These companies claim to provide cryptocurrency tracing and promise the ability to recover lost funds. Representatives of these companies often advertise strong success in recovering victim funds but have no track record in doing so. They often charge significant upfront fees and ask for a commission should funds be recovered.” In other words, the prosecutors may have chosen a scam victim to put on the stand based solely on claims from a crypto “recovery” service the FBI has specifically named as charging fees to “produce an incomplete or inaccurate tracing report”.10
Worse still, Payback may well have been one of three companies named in a September 2024 press release from the San Diego FBI office announcing the seizure of websites connected to scam crypto recovery services — although it is possible that the firm Lin used merely shares a name with a scam service.9 According to the FBI: “These companies claim to provide cryptocurrency tracing and promise the ability to recover lost funds. Representatives of these companies often advertise strong success in recovering victim funds but have no track record in doing so. They often charge significant upfront fees and ask for a commission should funds be recovered.” In other words, the prosecutors may have chosen a scam victim to put on the stand based solely on claims from a crypto “recovery” service the FBI has specifically named as charging fees to “produce an incomplete or inaccurate tracing report”.10
Worse still, Payback may well have been one of three companies named in a September 2024 press release from the San Diego FBI office announcing the seizure of websites connected to scam crypto recovery services — although it is possible that the firm Lin used merely shares a name with a scam service.9 According to the FBI: “These companies claim to provide cryptocurrency tracing and promise the ability to recover lost funds. Representatives of these companies often advertise strong success in recovering victim funds but have no track record in doing so. They often charge significant upfront fees and ask for a commission should funds be recovered.” In other words, the prosecutors may have chosen a scam victim to put on the stand based solely on claims from a crypto “recovery” service the FBI has specifically named as charging fees to “produce an incomplete or inaccurate tracing report”.10
This all sounds very heartwrenching, but there was one slight issue, apparently first noticed by crypto sleuth Taylor Monahan as she followed the trial coverage: the money stolen from Lin may never have gone to Tornado Cash at all. Monahan said her interest was initially drawn based on her experience tracing transfers from thousands of victims like Lin. “Those scammers don’t use Tornado Cash ... and they never have,” she wrote, explaining that “it’s nothing compared to their existing laundry networks” that can launder massive sums.7 Although no transaction details were mentioned in Lin’s testimony, Monahan was able to track down the transactions between Lin and the scammers from separate court cases involving seizures of funds from the same scam group. She repeated the tracing supposedly performed by Payback, discovering that no transfers ever went to Tornado Cash or to Coinbase, and that Payback apparently made an incredibly rookie mistake: by mishandling tracing of a chainswap transaction that batches together many unrelated deposits, they may have erroneously identified completely unrelated transfers to Coinbase and Tornado Cash as made by Lin’s scammer. Fellow crypto sleuth zachxbt later wrote that he’d repeated Monahan’s analysis and agreed with it, writing: “Idk how you mess up the tracing that bad ... It’s unfortunate these predatory firms come up as the first search results on Google when victims look for help.”8
This all sounds very heartwrenching, but there was one slight issue, apparently first noticed by crypto sleuth Taylor Monahan as she followed the trial coverage: the money stolen from Lin may never have gone to Tornado Cash at all. Monahan said her interest was initially drawn based on her experience tracing transfers from thousands of victims like Lin. “Those scammers don’t use Tornado Cash ... and they never have,” she wrote, explaining that “it’s nothing compared to their existing laundry networks” that can launder massive sums.7 Although no transaction details were mentioned in Lin’s testimony, Monahan was able to track down the transactions between Lin and the scammers from separate court cases involving seizures of funds from the same scam group. She repeated the tracing supposedly performed by Payback, discovering that no transfers ever went to Tornado Cash or to Coinbase, and that Payback apparently made an incredibly rookie mistake: by mishandling tracing of a chainswap transaction that batches together many unrelated deposits, they may have erroneously identified completely unrelated transfers to Coinbase and Tornado Cash as made by Lin’s scammer. Fellow crypto sleuth zachxbt later wrote that he’d repeated Monahan’s analysis and agreed with it, writing: “Idk how you mess up the tracing that bad ... It’s unfortunate these predatory firms come up as the first search results on Google when victims look for help.”8
This all sounds very heartwrenching, but there was one slight issue, apparently first noticed by crypto sleuth Taylor Monahan as she followed the trial coverage: the money stolen from Lin may never have gone to Tornado Cash at all. Monahan said her interest was initially drawn based on her experience tracing transfers from thousands of victims like Lin. “Those scammers don’t use Tornado Cash ... and they never have,” she wrote, explaining that “it’s nothing compared to their existing laundry networks” that can launder massive sums.7 Although no transaction details were mentioned in Lin’s testimony, Monahan was able to track down the transactions between Lin and the scammers from separate court cases involving seizures of funds from the same scam group. She repeated the tracing supposedly performed by Payback, discovering that no transfers ever went to Tornado Cash or to Coinbase, and that Payback apparently made an incredibly rookie mistake: by mishandling tracing of a chainswap transaction that batches together many unrelated deposits, they may have erroneously identified completely unrelated transfers to Coinbase and Tornado Cash as made by Lin’s scammer. Fellow crypto sleuth zachxbt later wrote that he’d repeated Monahan’s analysis and agreed with it, writing: “Idk how you mess up the tracing that bad ... It’s unfortunate these predatory firms come up as the first search results on Google when victims look for help.”8
Molly White
@molly0xfff@hachyderm.io  ·  activity timestamp 4 days ago

Prosecutors have tried to recover the testimony by bringing in an FBI agent to testify that the scam victim’s funds were sent to Tornado, using an accounting practice known as LIFO. Problem is, that doesn’t really work for crypto tracing — as the agent acknowledged.

#crypto #cryptocurrency#USpol#USpolitics

Now, this is admittedly a simplified example. A real money corner store money transfer service is required to register and abide by strict regulations as a money transmitting business, including keeping detailed records on who sent money where. Yet these are exactly the compliance measures that prosecutors, following the Blanche memo, can no longer argue Storm was required to implement. When asked during cross-examination, “This doesn’t prove that the hacker moved [Lin’s] money into Tornado Cash, does it?” the agent replied “No, not at all.”11
Now, this is admittedly a simplified example. A real money corner store money transfer service is required to register and abide by strict regulations as a money transmitting business, including keeping detailed records on who sent money where. Yet these are exactly the compliance measures that prosecutors, following the Blanche memo, can no longer argue Storm was required to implement. When asked during cross-examination, “This doesn’t prove that the hacker moved [Lin’s] money into Tornado Cash, does it?” the agent replied “No, not at all.”11
Now, this is admittedly a simplified example. A real money corner store money transfer service is required to register and abide by strict regulations as a money transmitting business, including keeping detailed records on who sent money where. Yet these are exactly the compliance measures that prosecutors, following the Blanche memo, can no longer argue Storm was required to implement. When asked during cross-examination, “This doesn’t prove that the hacker moved [Lin’s] money into Tornado Cash, does it?” the agent replied “No, not at all.”11
In an attempt to save the situation, the prosecution called in an IRS agent to testify that, using an accounting method called LIFO (“last in, first out”), one could argue Lin’s stolen funds did indeed go to Tornado Cash. While LIFO makes sense in some circumstances, such as its common application by businesses accounting for their inventory, it’s a poor choice in this situation. Essentially, the agent testified that, if you assume that the last funds into a wallet are the also the first funds to be withdrawn, it can be established that the scammer’s deposit into the chainswap service went to Tornado Cash. Let’s use an overly simplistic example to illustrate the problem here. Let’s say you have $1,000 you want to move from one of your bank accounts to another bank account. For whatever reason, you decide the best way to do this is to walk to the corner shop and have them make a money transfer for you. The guy at the counter takes down your account information, puts it on a pile next to him, and you go about your day. Behind you in line, some other person is planning to send $1,000 to an illegal arms dealer. She gives that account information to the guy at the counter, and on the stack it goes. Later that day, the clerk processes the transfers, sending $1,000 to your bank account, and $1,000 to the illicit arms dealer. Later, an ATF agent shows up at your doorstep accusing you of buying illegal guns, because the transaction from the person behind you was the last one in to th
In an attempt to save the situation, the prosecution called in an IRS agent to testify that, using an accounting method called LIFO (“last in, first out”), one could argue Lin’s stolen funds did indeed go to Tornado Cash. While LIFO makes sense in some circumstances, such as its common application by businesses accounting for their inventory, it’s a poor choice in this situation. Essentially, the agent testified that, if you assume that the last funds into a wallet are the also the first funds to be withdrawn, it can be established that the scammer’s deposit into the chainswap service went to Tornado Cash. Let’s use an overly simplistic example to illustrate the problem here. Let’s say you have $1,000 you want to move from one of your bank accounts to another bank account. For whatever reason, you decide the best way to do this is to walk to the corner shop and have them make a money transfer for you. The guy at the counter takes down your account information, puts it on a pile next to him, and you go about your day. Behind you in line, some other person is planning to send $1,000 to an illegal arms dealer. She gives that account information to the guy at the counter, and on the stack it goes. Later that day, the clerk processes the transfers, sending $1,000 to your bank account, and $1,000 to the illicit arms dealer. Later, an ATF agent shows up at your doorstep accusing you of buying illegal guns, because the transaction from the person behind you was the last one in to th
In an attempt to save the situation, the prosecution called in an IRS agent to testify that, using an accounting method called LIFO (“last in, first out”), one could argue Lin’s stolen funds did indeed go to Tornado Cash. While LIFO makes sense in some circumstances, such as its common application by businesses accounting for their inventory, it’s a poor choice in this situation. Essentially, the agent testified that, if you assume that the last funds into a wallet are the also the first funds to be withdrawn, it can be established that the scammer’s deposit into the chainswap service went to Tornado Cash. Let’s use an overly simplistic example to illustrate the problem here. Let’s say you have $1,000 you want to move from one of your bank accounts to another bank account. For whatever reason, you decide the best way to do this is to walk to the corner shop and have them make a money transfer for you. The guy at the counter takes down your account information, puts it on a pile next to him, and you go about your day. Behind you in line, some other person is planning to send $1,000 to an illegal arms dealer. She gives that account information to the guy at the counter, and on the stack it goes. Later that day, the clerk processes the transfers, sending $1,000 to your bank account, and $1,000 to the illicit arms dealer. Later, an ATF agent shows up at your doorstep accusing you of buying illegal guns, because the transaction from the person behind you was the last one in to th