Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

Feds Arrest Bitcoin Celebrity In Money Laundering Case

Bitcoin Foundation vice chair Charlie Shrem accused of changing $1 million into bitcoins for users of Silk Road marketplace.

9 Notorious Hackers Of 2013
9 Notorious Hackers Of 2013
(Click image for larger view and for slideshow.)

The Department of Justice shocked the Bitcoin world Monday when it announced the arrest of Charlie Shrem, a well-known figure in the community, on charges that he helped launder more than $1 million for users of the notorious illegal products and services "darknet" marketplace known as Silk Road.

Shrem (a.k.a. Yankee), 24, was arrested Sunday at New York's JFK Airport. He formerly served as the CEO and compliance officer of BitInstant, a Bitcoin exchange company, which operated from Dec. 2011 to Oct. 2013. The firm, which employed 16 people before closing, enjoyed a measure of notoriety, with Shrem appearing on the cover of BusinessWeek in April 2013 in a "Meet the Bitcoin Millionaires" feature. In May 2013, Cameron and Tyler Winklevoss announced that in late 2012, they'd invested $1.5 million into the company.

According to a criminal indictment filed Friday and unsealed Monday, Shrem provided illegal bitcoin-exchange services to Robert M. Faiella (a.k.a. "BTCKing"), 52, who ran a Bitcoin exchange on Silk Road, which was reachable only via the Tor anonymizing network. Faiella was arrested Monday.

"Both defendants are charged with knowingly contributing to and facilitating anonymous drug sales [and] earning substantial profits along the way," James J. Hunt, the Drug Enforcement Agency's acting special-agent-in-charge, said in a statement.

[Are Bitcoins the currency of the future, or too risky to catch on? Read 7 Reasons Why Bitcoin Attacks Will Continue. ]

According to the indictment, operating under the username 'BTCKing,' Faiella sold bitcoins -- the only form of payment accepted on Silk Road -- to users seeking to make drug buys on the site. Faiella allegedly used BitInstant to fulfill his bitcoin purchases, with the exchange firm earning a commission on each purchase.

Shrem allowed buyers, including Faiella, to use BitInstant pay cash for bitcoins without verifying their identity, despite federal regulations forbidding that practice for any deposits involving $3,000 or more. Faiella reportedly then sold those bitcoins on Silk Road at a 9% markup.

In a statement issued Monday, the Winklevosses disavowed any knowledge of the money laundering that allegedly occurred via BitInstant. "When we invested in BitInstant in the fall of 2012, its management made a commitment to us that they would abide by all applicable laws -- including money laundering laws -- and we expected nothing less," they said, noting that the company itself hadn't been named as a target in the indictment.

Indeed, to date the investigation appears to be focused solely on Faiella and Shrem. Shrem helped found and serves as vice chairman of the Bitcoin Foundation, which helps promote the cryptographic currency. According to Shrem's biography on the foundation's website, he "found the need for a more secure, fast and convenient way of transferring funds between and within payment networks around the world." As the CEO of BitInstant, the site reads, Shrem "led the firm through the complex compliance, licensing, and regulations of the worldwide banking system."

But the Department of Justice accused Shrem and Faiella of flouting those regulations. According to the indictment, Shrem's bitcoin-exchange firm serviced BTCKing's bitcoin buying, "which involved the transportation and transmission of funds known to Shrem to have been intended to be used to promote and support the unlawful ... operation of an unlicensed money transmitting business on 'Silk Road,'" as well as narcotics trafficking.

Shrem was also charged with failing to file any suspicious activity reports with the Treasury Department's Financial Crimes Enforcement Network, with which BitInstant was registered as a licensed money services business. Authorities said Shrem's oversights weren't accidental. According to the indictment, by Jan. 17, 2012, Shrem knew that BTCKing was reselling bitcoins via Silk Road. "Shrem first purported to ban BTCKing from doing business with the company, copying the cash processor and Shrem's business partner ... on the message," it said. "However, Shrem thereafter wrote to BTCKing privately with a different message, advising him how to continue using the company's services surreptitiously."

The business partner referred to in the indictment -- never by name -- is UK-based Gareth Nelson, who helped found BitInstant. He's quoted several times in the indictment requesting that Shrem ban BTCKing's email address, along with several other email addresses that the same person appeared to be using, "because so many of his transactions smell like fraud or money laundering."

According to the indictment, Shrem was himself intimately familiar with the services provided by Silk Road. "Wow, silk road really works," Shrem allegedly wrote in an online chat with an unnamed party, reporting that he'd just used the site to successfully receive a shipment of marijuana brownies.

Both Faiella and Shrem now face up to 20 years in prison on a charge of conspiracy to commit money laundering, as well as another five years for operating an unlicensed money transmitting business. Shrem has also been charged with purposefully failing to file a suspicious activity report, which carries a maximum sentence of five years.

Having a wealth of data is a good thing -- if you can make sense of it. Most companies are challenged with aggregating and analyzing the plethora of data being generated by their security applications and devices. This Dark Reading report, How Existing Security Data Can Help ID Potential Attacks, recommends how to effectively leverage security data in order to make informed decisions and spot areas of vulnerability. (Free registration required.)

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Exploiting Google Cloud Platform With Ease
Dark Reading Staff 8/6/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15138
PUBLISHED: 2020-08-07
Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. This impacts all Safari and Internet Explorer users of Prism >=v1.1.0 that use the _Previewers_ plugin...
CVE-2020-9490
PUBLISHED: 2020-08-07
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerab...
CVE-2020-11852
PUBLISHED: 2020-08-07
DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the call to the DKIM syste...
CVE-2020-11984
PUBLISHED: 2020-08-07
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
CVE-2020-11985
PUBLISHED: 2020-08-07
IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively...