On Tuesday, someone emptied out one of the most mysterious and most valuable Bitcoin wallets in existence, which contained almost $1 billion dollars linked to the notorious Silk Road dark web market.
We now know who did it: the U.S. government.
On Thursday, the Department of Justice announced that it had seized the wallet.
“Silk Road was the most notorious online criminal marketplace of its day,” U.S. Attorney David Anderson said in a press release. “The successful prosecution of Silk Road’s founder in 2015 left open a billion-dollar question. Where did the money go? Today’s forfeiture complaint answers this open question at least in part. $1 billion of these criminal proceeds are now in the United States’ possession.”
In the civil forfeiture complaint, Anderson explained that the government took control of the wallet on Monday, after an unnamed hacker agreed to forfeit the cryptocurrency. The hacker, who is only identified as "Individual X," allegedly broke into Silk Road's website and stole the bitcoin in 2012 or 2013. The hacker then transferred to the infamous wallet with the address "1HQ3Go3ggs8pFnXuHVHRytPCq5fGG8Hbhx," according to the complaint.
It's unclear who Individual X actually is, and the complaint does not explain how the feds found them. A spokesperson for the United States Attorney's Office of Northern District of California, which is prosecuting the case, declined to answer any questions about the hacker known as “Individual X.”
Investigators identified several interesting Bitcoin transactions thanks to a "third party bitcoin attribution company" that found 54 transactions sent from Silk Road wallets to two other wallets. On April 9, 2013, these two wallets sent 69,471.082201 bitcoins to the wallet now seized by the feds.
Do you have any information on this case? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wire/Wickr @lorenzofb, on OTR chat at firstname.lastname@example.org, or email email@example.com.
One company that helped the investigators was Chainalysis, according to the government's press release.
“We provided investigative assistance and the agency used our software to follow the funds,” Chainalysis co-founder and CSO Jonathan Levin told Motherboard in an online chat.
For at least a year, hackers had been trading a file that allegedly contained the Bitcoin, in hopes that someone could crack the password protecting it and steal the loot. Clearly, the feds got there first.
This article was updated to add a comment from Jonathan Levin, and to include the response from a U.S. Attorney's Office spokesperson.
Joseph Cox contributed reporting for this story.
Would you like to read more stories about hacking, privacy, and surveillance? Subscribe to our pop-up 'zine The Mail. The next issue is about hacking culture.