The Ministry of Justice accused Tian Yinyin and Li Jiadong laundered more than $ 100 million in cryptocurrency for the benefit of co-conspirators in North Korea. The Treasury Department placed their names (and 20 of their Bitcoin accounts) on a list of foreign natural and legal persons who are prevented from doing business in the United States.
The government also unsealed a legal document explaining why he wants to seize 113 cryptocurrency accounts associated with North Korean money laundering. This document paints a detailed picture of Tian and Li’s alleged crimes. And it has raised the curtain on a high-tech cat-and-mouse-style conflict going on behind the scenes, in which launderers have turned to elaborate automated schemes. to obfuscate their cryptocurrency transactions and enforce the law.
Kim Jong-un’s regime is economically isolated by sanctions aimed at hampering its nuclear weapons program. In recent years, he has turned to the cryptocurrency world to generate income, mainly by stealing it. In August last year, sanctions experts told the United Nations not only that North Korea had used “widespread and increasingly sophisticated” cyber attacks to steal up to $ 2 billion from crypto exchanges and to other financial institutions, but also that it was using the money to finance its weapons program.
North Koreans have also apparently become experts in the dark art of digital money laundering. It makes sense: very few companies accept cryptocurrency, so North Koreans need a way to convert their stolen cryptocurrency into good ol ‘dollars or some other fiat currency.
This is where the newly convicted Tian and Li come in: they were said to have been the cogs of an elaborate money laundering machine that would have successfully cashed in $ 100 million in stolen cryptocurrency. The United States claims that at the end of 2018, hackers working for Kim Jong-un stole around $ 250 million in cryptocurrency from an unnamed South Korean exchange. Much of this money, mostly Bitcoin, apparently landed in accounts at various exchanges owned by Tian and Li, who converted it into fiat currency. But it’s what happened before it happened to them that is really telling.
Anyone attempting to launder illicit cryptocurrency funds faces at least two big challenges. First of all, you can’t just deposit huge sums of Bitcoin on different exchanges without raising red flags. Second, and perhaps more importantly, Bitcoin transactions can be traced; they are all registered on its public blockchain. Users are pseudonyms, represented on the blockchain by strings of numbers and letters called addresses. But if investigators can link an address to a real identity, they can track every one of its transactions.
To overcome these hurdles, North Korean hackers sent the stolen Bitcoin through a long chain of transfers to new addresses, each of which removed a small piece of the whole and sent it to a different address, often associated with a account in an exchange.
According to the government, North Koreans have engaged in “hundreds of automated transactions” with new Bitcoin addresses to create “peel chains” leading to four different exchanges, making them difficult to follow.
Peel chains can get very complicated when they get long, and especially when money launderers generate new ones using money peeled from the original – “peel chain peel chains” says Philip Gradwell, chief economist at Chainalysis, a blockchain analytics company. They make it difficult to determine when the money actually changes hands and when it is simply transferred to another address controlled by the money launderer, he says.
Meanwhile, the use of exchanges to launder stolen cryptocurrency appears to be a growing problem. According to Chainalysis, in 2019, criminal entities transferred $ 2.8 billion worth of Bitcoin to exchanges, up from around $ 1 billion the year before. How is that, given that most exchanges are required by anti-money laundering rules to keep track of their clients’ identities? Chainalysis concluded that money launderers have found a workaround: a small number of “rogue” brokers who use their accounts that appear legitimate on exchanges to help them cash out. It sounds a lot like how the US government describes the work of Tian Yinyin and Li Jiadong.