
Feds seized $311M in Bitcoin, then hacker stole it back


> The prosecutors accuse Harmon of a very unusual crime: remotely swiping Bitcoin...

As opposed to what, "locally" swiping Bitcoin?

> ... Bitcoin stored on a computer device the government had already seized in another case

Yeah that's your problem Mr. Prosecutor, you have no idea where bitcoins are "stored" or what the device you have seized is. Which leads me to think you are not qualified to "seize" this type of assets.

It's 2022, Bitcoin has been working practically non-stop since 2009, and governments and the media have been claiming that only criminals/terrorists use Bitcoin for almost as long... you would think people in his position would know what private keys are and how to secure Bitcoin funds they pretend to "seize".

It's simple, like all crypto newbies this prosecutor has just learned: Not your keys, not your coins.

This applies if you have keys and you are not certain you are the only one to have them... anyone else with these keys can/will most likely claim them before you.


Uh, those are the reporter's words, not the prosecutor's.

If you read the indictment [1], the word "remotely" never appears, and it's pretty clear the prosecutors understand how Bitcoin works.

If anyone's clueless here, it's Gary Harmon, who showed up at his brother's court hearing, learned that the government had not yet secured the Bitcoin that it legally had a right to, then almost immediately moved that Bitcoin to other wallets, and... just figured nobody would notice?



Government had no legal right to the bitcoin. Innocent until proven guilty, means the government stole the bitcoin in a criminal attempt to deny him an adequate defense.

You can’t “steal” your own property.

The government agents involved are all felons under 18 U.S. Code § 241. Conspiracy against rights - and 18 U.S. Code § 242. Deprivation of rights under color of law -

The problem is our country is so corrupt you have forgotten we have a constitution and have probably never heard of the above two statutes.


As I understand it your (incorrect) reading of 241 is that when the government securely holds your property pending the final outcome of your trial that violates the clause of 241 that forbids a conspiracy to "injure, oppress, threaten, or intimidate any person".

If that was true detaining a person would be a much more serious violation than detaining your property.

Now I happen to believe that pretrial detention is almost never moral. However, it's pretty obviously not a federal crime for a judge to order someone accused of murder to be held in jail until their trial.


It's always funny to see someone who first talks about the presumption of innocence then going on to call huge groups of people felons without even knowing the details of the case.


Even without knowing the letter of the law to a T I'm aware that in a criminal case evidence is confiscated, assets are frozen, etc. during prosecution. It's standard procedure. I don't see how holding bitcoin from a money laundering case is evidence of government corruption. Sure, the CJ system is broken and awful... but your ideas of why are just incorrect.


> The government agents involved are all felons

Pretty ironic this appears just a couple words after "innocent until proven guilty."

This is borderline sovereign citizen nonsense. The prosecutors and government agents did nothing wrong here.


Hey Trump is looking for a lawyer who will tell him just that. No qualifications necessary (or desirable) except that you just tell him everything he wants to hear, and trust he won't decide not to pay you, lie to you expecting you to repeat it in court, throw you under the bus, say racist shit about your wife, then send an angry mob of confederate surrender flag wielding MAGA mouth breathers to burn your house down. Give him a call, he'll be pleased to hear from you! Have fun.


On the other hand it's unthinkable that the FBI has to bribe anonymous Chinese miners and beg to confirm a transaction in a timely manner to seize bitcoins. What if they don't?


>It's simple, like all crypto newbies this prosecutor has just learned: Not your keys, not your coins.

The US government can throw your ass in prison for the rest of your life so yes, it is their coins. This is the basis of all government power and in a lot of cases, like this, it's good


Ah the old “violence makes it moral” argument.

The government cannot do those things under the law, but only by violating the laws.

Problem is they have done it so much you think it's not only legal, but moral!

Innocent until proven guilty.


In democratic societies, the state has the monopoly on violence. This is, as opposed to totalitarian regimes, governed through laws passed by the people either directly or indirectly. Crypto or smart contracts do not circumvent those principles.


My passport has the wrong color. Banks often ask me for bullshit documents.

People are guilty by default in the AML world and the burden of proof ALWAYS falls to the accused. This type of perversion of democratic values is loved and applauded by "well mannered and civilized" tech types who are totes ok with de-risking strategies that are pretty much based on xenophobia. I'm yet to debate one of those oh-so-enlightened persons that didn't resort to the "it's your fault to have been born in the wrong place!" argument.

You know those people who love and pray to the altar of the almighty GDPR? They don't bat an eye to the fact that it doesn't apply to financial records.


> The government cannot do those things under the law, but only by violating the laws.

They can and they do

Feel free to explain to your lawyer how you're digging your own hole even further

Then we're supposed to hear sob stories about people who thought it was "just a prank" and got in serious trouble because they didn't know when to stop?


It’s moral because he’s a scammer who stole money and violated the law. He shouldn’t keep ill-gotten gains because he’s good at using computers and his victims weren’t. If this were Edward Snowden (say what you want about his dealings with Russia in exile, what he did should not have been a crime) I’d have a very different opinion, but as it stands this guy is a scammer getting his just deserts.


I'm unsure this is as reliable of an offensive strategy as it would seem.

For a lot of people, there is no amount of money they'd be willing to spend the rest of their life in captivity for - but for a great many with dependents I imagine there's probably a number at which you'd go "yeah, OK, I'll take that deal".

That being said, rotting in prison doesn't protect any of your stuff from seizure anyway so we're back to the parent's point again.


What happened to Kevin Mitnick is a cautionary tale that you can be held for at least five years without bail before you get the opportunity to plead your case.


Except he was in jail because he was a fugitive from violating probation on an earlier fraud conviction


Imagine sending in a hard-core, 2009-era bitcoiner with a single address containing 10k bitcoin. The bitcoiner isn't going to hand over his coins for any reason (including torture, torture of family members, bribery, etc). How does the US government own the coins by incarcerating the bitcoiner?


Just because you hide a big bag of cash where no one can find it, it doesn’t necessarily mean it’s yours, just that you have it.

If the US government says that it has lawfully seized your bitcoin, then by law the US government owns the bitcoin, even if they don’t possess it. If you’re successfully keeping it from them, they can and will punish you for it. Again, as FormerBandmate said, that’s the basis of their power.


>The bitcoiner isn't going to hand over his coins for any reason (including torture, torture of family members, bribery, etc).

Lol. Lmao, even. Let's just suppose a completely different kind of human.


Isn't this just textbook rubber hose decryption? Nerds with families are easy to manipulate or intimidate.


of course now anyone who can be traced to a wallet that interacts with these coins is now a criminal for receiving stolen goods, or obstruction of justice or probably a dozen other things.


How is this not the kill-switch for bitcoin? Every bitcoin comes with the risk of having been in a wallet of a criminal. Since all transactions are kept forever, shouldn't every bitcoin be at risk of being seized?


Government doesn't even have to physically seize anything. They just have to say "transacting with these particular coins is illegal". The blacklisted bitcoin is now worth zero USD, as many individuals receiving money from sanctioned people discovered.

I honestly have no idea why bitcoin is still the most valuable cryptocurrency when projects like Monero exist.


To be pedantic, the BTC freshly mined has clean history.


A lot of crimes require mens rea, ie. being guilty would require knowing the bitcoins are shady.


While perhaps not criminal, receiving them could subject a person to asset seizure. Usually stolen things are seized whether the receiver knows they are stolen or not. The burden is then on the receiver to pursue criminal, or more likely, civil action.


And as the media keeps repeating bitcoin is heavily used for illicit & illegal activity so not only bitcoin itself (that none of the jury holds because those that hold it have been excluded, let alone any of them actually understand it) and then probably exchanging with very specific wallets in this case.. probably guilty despite what the defendant has to say for their actions..


>> you would think people in his position would know what private keys are and how to secure Bitcoin funds they pretend to "seize"

How exactly would you have handled this differently? They were well aware the account could be recovered via mnemonic, but they couldn't move the funds because they didn't have the PIN.


Sounds like they did not truly secure the crypto then. Shouldn't call it seizing if you don't have it digitally in your own secure wallet.


But what will they say at the press conference then?


Wait until the prosecutors learn about gas fees. XD


Don’t call it seizing then.


obviously if they call it seizing and are willing to make the case in court that they had it seized, then the 'stealing' of it is a separate crime that probably has even worse penalties given that the argument would be it was stolen from government secured storage. Which I guess would make for an interesting case.

If they don't charge for another theft then it would be obvious that they don't believe enough in that they had it 'seized' and that what happened was a 'theft'.

on edit: I guess I need to go find it on to figure out if that has happened or not though.






Locally swiping = physical access to media with the keys. Remote = remote access to such media, or getting the key some other way remotely.


> as opposed to what?

There are more words in that sentence. Are there other examples where someone "remotely [swiped] Bitcoin stored on a computer device the government had already seized in another case?"

They seem to define "stored on service" in this case as "accessible only with access to device." It's an interesting case: is it harder to recover physical assets from a police storage locker than digital?


> It's an interesting case because it's harder to recover physical assets from a police storage locker than digital.

I feel like you missed the whole point the comment you replied to made. If the person who stored the cryptocoins on the physically seized computer had a copy of the private keys on another computer (COMPLETELY NORMAL) and the prosecutor never transferred the coins making the assumption that physically holding them was good enough, then that is an invaluable lesson they just learned.

As the previous comment says, if two people have access to the private keys for a wallet, whoever gets to it first is the real owner.


>and the prosecutor never transferred the coins making the assumption that physically holding them was good enough, then that is an invaluable lesson they just

The prosecutor didn't make that assumption. The prosecutor was unable to move the bitcoin because the prosecutor didn't know the PIN.


It’s a moot point. If BTC is seized or forfeited to the US government, and the (co-)owner later transfers them out of the original wallet, it will likely only accomplish the addition of felony criminal charges. It is an assist to the federal prosecutors. Case in point, Gary Harmon, who probably wouldn’t be on trial otherwise.


> if two people have access to the private keys for a wallet, whoever gets to it first is the real owner.

I'm not a lawyer, but I'm pretty sure that's not how laws work. My son has a key to my car, but if he took it and ran off to seek his fortunes, that doesn't make it his car.


So let's flip it: how long will it stay that way: where law enforcement is unaware they've left ostensibly seized assets unsecured?


It’s like ‘seizing’ a copy of digital pictures by a well known photographer (or a hard copy of the camera film reel) without actually being in control of the original pictures.

And being surprised that another person got access to the photos and sold the originals on the market to another buyer.

It didn’t require breaking into the police evidence locker to make copies.

The key difference here in this analogy is that with pictures the cloned digital assets might have some value but not securing the original keys is like not securing the copyright.


80% of the way through the article you can read what actually happened. It's not that the Feds were incompetent and kept a "seized wallet" thinking only they had the private keys or something like that.

The wallets were simply protected by a passphrase and Larry couldn't be compelled to give the passphrase. The feds even told the judge they didn't have control of the funds and they could be moved to family/friends before it happened.


Which means the feds didn't actually seize anything. A copy of the wallet without the passphrase is nothing. If the feds don't have the keys, they don't have the coins.

It sounds like Michael Scott declaring bankruptcy - the feds declared "I seize Bitcoin" but nothing happened.


> Which means the feds didn't actually seize anything

Seizure is tied to possession, a legal concept [1]. Not control. Courts commonly authorize the seizure of assets not yet under the government's physical control. (I agree the terminology is misleading.)



"Feds seize song 'Stairway To Heaven' from Florida Man, surprised to find him listening to it anyway".

Point being, lawyers can pretend that information is property, but some things obey physical laws and other things don't.

(edit) Maybe I'm being unclear, but your link defines seizure as "removes property from an individual's possession" and none of these terms apply here.


Ok, but they still didn’t actually seize anything. This is like saying they seized your bank account because they took the wallet which has your debit card in it.


So when I read that a suspect was seized by police, they might have just recovered a picture of the person..? But then the real person can't change addresses as they would be charged with escaping from police custody..

Doesn't seem right.


But they still didn't "possess" anything, except a meaningless blob of data... of which there are probably copies of out there.


That's good to know!

But the title is the part that is so misleading that it's essentially inaccurate - you can't steal something back that was never taken away.

This would be like the feds "seizing" a car, and you drive it away before they actually come take possession of it. Hardly stealing it back, they simply never had it.


> If the feds don't have the keys, they don't have the coins.

Having the keys is necessary but not sufficient. Namely, if other people have the same keys you don't really hold the bitcoins in any practical sense.

It's like ten people all holding a $1000 check drawn against a bank account with only $1000 in it. Whoever cashes the check first has the money, everyone else doesn't have anything.


This was bound to happen eventually. People have been noting for awhile how often law enforcement just leaves the "seized" coins in the original wallet somehow thinking that no criminal would ever make a backup copy of their private keys.


> People have been noting for awhile how often law enforcement just leaves the "seized" coins in the original wallet

Do you have any source on that?



Come on.

I clicked on this link expecting to actually get some evidence.

You just wasted my time. Thank you not.


You got me.


The FBI has a bitcoin wallet, and they routinely used to store seized BTC there. I'm not sure what they are doing now, I don't really pay attention, but last I looked that address was basically empty.


Yeah, FBI wallets regularly get sold at GSA auctions.


> Agents built a detailed financial picture of Larry. Inspecting his cloud accounts, they found a Google Glass photo of a computer screen showing the Helix administrator page

Wow, a picture taken with google glass is one of the things that got him


Sounds like parallel construction.


I'm not sure it's very good parallel construction. They say they only got the picture after subpoenaing data from his cloud account. So the police talking about this picture doesn't eliminate any public discussion of how the police got enough suspicion and evidence in order to get a subpoena in the first place.


The purpose of parallel construction is to not disclose the actual methods used by law enforcement because they may be illegal and/or disclose sources of information that they would like to keep confidential. It only needs to be minimally believable as a “stroke of luck” to the court. Law enforcement doesn’t particularly care if the public believes it or not as long as the methods aren’t disclosed.


Likelihood that these are always on, dumping data directly to the Feds?


They don’t need to. Just mail over a warrant and Google will happily do the data collection for them.


Zero, given that anyone can sniff the traffic.


There can never be a problem with OpenSSL or Log4j, they’re open source. Too many eyes on it to be a problem. Absolutes, cut it out.


Besides what other people said, if a device is always on, dumping data directly to the Feds then it will be hot and its battery life will be very short.


Maybe smart phones would last a week on one charge if they weren't running the fed rootkit? :-p


Based on the replies you received, somewhere between zero and 101%.

Jokes aside, my guess is zero. Transmitting that much data would probably be a lot. Maybe you could take a picture every 30 minutes and hide it away with other data if you really wanted to, but Google Glass was so short lived I imagine they had bigger things to worry about.


Well, Google Glass was a niche product and monitoring its users may have been of particular interest.




> remotely swiping Bitcoin

In other words, he used his own private key to send a transaction. How is that "hacking"?


Because Bloomberg articles are apparently written by clowns.


> Agents built a detailed financial picture of Larry. Inspecting his cloud accounts...

Scariest part of the article.


scary? did you just wake from a 15 year coma?

you store anything in a big-corp cloud, which you haven't personally encrypted, with keys that only you possess, then assume it's all backed up in fed repos (somewhat hyperbolic, especially for non-crims, but not far fetched by any means)

that's neither new, nor news (sadly)


This is why I don’t bother with RAID (besides 0). If a drive ever fails I just FOIA NSA and all my data shows up a few weeks later, usually with a nasty letter about how this is the last time


I actually did this when it was time to renew my SF 86. I didn’t want to remember all the names and addresses and phone numbers from the last time. So I just did a FOIA on myself and they emailed me my last form already filled out.


This legitimately made me guffaw. Well done.


"New" isn't a prerequisite for "scary".


I never said it was new nor news, I said it was scary.


why? I'm sure they had a warrant



Irrelevant. If they have a warrant they can physically knock down your door and search your underwear drawer.


> To US prosecutors, it’s evidence that he suddenly came into a lot of money.

it's a tub full of singles :_D

i've seen strippers leave the stage with more


There’s at least 20 bucks there!


Dude, that guy's got to have like, 200 bucks! Wild!


No, Bloomberg. The "hacker" never "stole" the money back. The feds never seized it in the first place. All they seized was an encrypted wallet.

Putting it in terms you might better understand: What the feds seized is equivalent to a foreign, chip-only banking card. They never seized the money behind it or the pin required to move that money.


This reminds me of that time that a governor claimed a journalist hacked the state via right-click => view source.


That was, what a year ago? 2?


If you find yourself in a similar situation, use RenVM to get your bitcoin over to an EVM (Ethereum Virtual Machine, many networks use EVMs now), then you have many more options.

You can still use Tornado cash. You can still withdraw from Tornado cash to new addresses. You can use those funds in those new addresses to buy and pump the price of the smallcap tokens you already owned with your salary money. Decentralized exchanges that utilize liquidity pools remove the need for matching orders, liquidity pools are mixers on their own. It doesn't matter who you sell your pumped tokens to, you are just depositing them in the liquidity pool and getting the more liquid token back - USDC, Ether, etc.

A couple 8,000% gains later and you're just another crypto trader that got in early and believed.


(other things to note:

- for the bitcoin transaction, you should do this from a machine or VM running Tor system wide.

- for the EVM transactions, you can do this from the Tor machine as well, but also consider running your own node because in EVMs the nodes do not know which node saw a transaction first. Whereas using a remote node such as Infura or Alchemy has lots of records. Most of the Ethereum stack is Javascript heavy so this undermines the desire to use Tor browsers and operating systems, but it doesn't really require Javascript, that's just what the communities built. It is tricky (but not impossible) to run an Ethereum node over Tor, as the default behavior is that the protocol cannot find the other nodes - but once it does it can download blocks just fine, so either tunnel or hardcode some nodes to connect to. But remote nodes over API connected via Tor may fit your use case well enough. Just things to be conscious of.)


Does pumping really work when the whole market is crashing?


in what I described, you can control this

the liquidity pool is the market


Always good to have a post with someone explaining to engage in illegal money laundering and thus indirectly explain the NFT, ICO, and 1/4 of the altcoin ecosystem.


thanks for your contributions to the space

the capital will not be controlled and the government will have to find new tools to “promote a change of behavior” as they delightfully put it

anyway, I’m all for walking away from the dirty funds that are stuck with the illiquid token, but even bigger fun to be had if the other 75% of the market buys into your token just because the price rallies so hard, then your tornado cash funded addresses can cash out again and be ready for the next play.

Or even better, the token gets so popular that the token and/or liquidity pool shares can be staked in another legit protocol to borrow against or earn passive income.

Capital games, capital gains. Like most patient or dead capital, you can still use it to validate ideas and causes you care about. “Wow the TVL is so large, now I need to use it too” for example.

The idea of policing capital is gone, whether the documentary on this reality has come out or not.


It's a thing, for sure, and something that a lot of people would like to hide. I don't understand why you sound so -- proud? about it. Even if we ignore that the laundering is only sometimes ethically neutral the people being scammed into buying the illiquid assets due to the deceptive cover are getting defrauded. This brings the whole ecosystem into ill-repute.


I'm sorry, this sounds like they essentially grabbed the post-it note with someone's bank account login from their screen, and then been surprised that the person logged in and then Zelle'd their money to a different bank account?

(obviously replace bank+passcode with wallet seed or whatnot)

Because it really seems like the obvious thing would be to immediately move the bitcoin or whatever from the original elsewhere on the assumption that they'd be recouping the transaction cost?