Coinbase CSO says ‘good ol’ fashioned police work’ landed the FBI the private keys.
Coinbase’s Chief Security Officer has refuted suggestions that the U.S. crypto exchange was involved in any seizure of crypto assets related to the recent Colonial Pipeline ransomware attack.
CSO Philip Martin took to Twitter on June 8 to explain the firm’s involvement, or lack of it, with the Department of Justice warrant for the seizure of Bitcoin.
“Coinbase was not the target of the warrant and did not receive the ransom or any part of the ransom at any point. We also have no evidence that the funds went through a Coinbase account/wallet.”
1/ I've seen a bunch of incorrect claims that Coinbase was involved in the recent DOJ seizure of bitcoin associated with the Colonial Pipeline ransomware attack. We weren’t. a thread:
— Philip Martin (@SecurityGuyPhil) June 8, 2021
The official seizure story, in which government officials recovered 63.7 BTC, worth roughly $2.3 million at the time, had a number of irregularities. Federal investigators claimed to have obtained the Darkside group’s private keys but did not disclose how the FBI was able to commandeer them.
The #Bitcoin associated with Ransomware / Darkside / Colonial Pipeline Co. hack went through the Californian servers of @coinbase and likely seized by U.S. investigators there.
Not your keys, not your 63.7 #BTC. pic.twitter.com/4RwZLFww5c
— This is Bullish (@thisisbullish) June 8, 2021
According to the affidavit, the private key for the subject address was in the possession of the FBI in the Northern District of California. This led a number of Twitter users to draw a connection with Coinbase, which has servers in the area. Martin refuted these claims, stating:
“I’ve also read that because the seizure warrant specified property in the Northern District of California, it had to be targeted at Coinbase. Nope. What this likely means is that the private key is located at one of the many Northern California FBI field offices.”
He added that, due to the exchange’s storage mechanisms, which use a pooled hot wallet, it “wouldn't make a ton of sense” to hand over a specific private key.
Questioning how the investigators acquired the private key, he guessed that it was “some good ol' fashioned police work to locate the target servers,” followed by a mutual legal assistance treaty (MLAT) request and/or some political pressure to get access.
Concerns over the ability of authorities to access the cryptographic keys played a role in yesterday's market drop. However, authorities have a variety of innovative ways to access private information. On the same day, reports surfaced detailing a fake encrypted communications app used by criminals that was secretly operated by the FBI in order to surreptitiously collect messages and private information and to monitor criminal activity on a massive scale.
In a newsletter on June 8, Mati Greenspan, the founder of Quantum Economics and a former Senior Market Analyst at eToro, stated that the recovered ransom was actually bullish for Bitcoin, as many had expected U.S. politicians to use crypto as a scapegoat for the attack and to enforce some heavy-handed regulations.
“Instead, they were clued in to what we already knew, that it is easier for authorities to catch criminals who use crypto than anything else.”
Greenspan added that the “only valid explanation for prices to be falling is that markets are random, especially in the short-term.” At the time of writing, BTC was trading down 2.2% over the past 24 hours at $33,000 after slumping over 10% since the beginning of the week.