$3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story

Where would you fell $3.4 cardinal worthy of Bitcoin? For James Zhong, the perfect spot was to store it connected a machine — with its circuitry exposed — placed successful a utilized Cheetos popcorn tin hidden successful a bath closet nether a heap of blankets.

Zhong, present 32, was sentenced to a twelvemonth successful national situation past period for a hack that took spot astir 11 years ago. His victim? Ross Ulbricht, the proprietor of the Silk Road acheronian web cause marketplace wherever Bitcoin recovered its archetypal important usage case, arsenic an underground currency. Today, Ulbricht is himself serving 2 beingness sentences positive 40 years for his portion successful operating the amerciable marketplace, but darknet markets proceed to flourish.

Somewhat ironically, billionaire Zhong was caught owed to a transportation of conscionable $1,000 worthy of BTC to an code he’d utilized previously.

Prosecutors stated that Zhong spent lavishly connected luxuries. (Zhong’s societal media)

Lifestyle of a crypto billionaire

How overmuch is $3.4 billion? One could physique different Burj Khalifa — the world’s tallest tower, located successful Dubai ($1.5 billion) — and marque the winning bid connected Leonardo da Vinci’s “Salvator Mundi” — the astir costly coating ever sold ($450 million) — and inactive person implicit a cardinal near implicit to acquisition a sports team, yacht and fleet of backstage jets. It’s astir beyond comprehension.

The machine containing astir of Zhong’s Bitcoin, recovered successful a popcorn tin. (United States Department of Justice)

But Zhong lived successful the American metropolis of Gainesville, Georgia, wherever astir $1 cardinal is capable to acquisition the luxurious four-bedroom lakefront spot helium called home. According to immoderate sources, gaining attraction from women was among the cardinal motivations of Zhong — who is autistic and was reportedly bullied successful school. Court documents hint astatine his lavish lifestyle:

“Indeed, successful the 51 months earlier instrumentality enforcement’s overt hunt of Zhong’s residences, Zhong dissipated astir $16 cardinal of transgression proceeds, spending lavishly connected existent property investments, luxury products, travel, hotels, nightclubs, and different expenses.”

If his online posts are thing to spell by, Zhong tin besides beryllium said to person been thing of a enactment animal, utilizing cocaine connected weekends and bragging astir being drunk portion keeping an oculus connected the markets. Perhaps this comes with the territory of stealing billions from a cause kingpin.

Zhong memed astir his enactment habits connected the Bitcointalk forum.

All this was presumably financed with the astir 2,900 BTC that the authorities did not retrieve from his theft. Zhong stole 50,000 BTC and converted his escaped Bitcoin Cash into different 3,500 BTC. However, lone 50,591 BTC was seized.

Silk Road

Eight months later, successful February 2011, Silk Road opened for concern successful the hidden backmost alleys of the web. “To entree the Tor acheronian web, users request to download peculiar software,” explains Ethan Lou, an occasional Magazine contributor and the writer of Once a Bitcoin Miner. He speaks from experience. Tor, helium notes, has galore morganatic uses for those who worth privacy, including leaking accusation to the press.

“It’s beauteous casual if you person immoderate basal tech know-how. Once you get in, you spot that it looks similar the net from the 1990s.”

Sellers could database their items for merchantability connected Silk Road, and the website would clasp funds successful escrow until items were received by the buyer, who could complaint the point and seller. Often, administrators would adjudicate disputes. In months, the tract grew to big implicit 10,000 listings of controlled substances, yet processing astir 1.5 cardinal transactions. One aboriginal idiosyncratic was podcaster Peter McCormack, who called it “Amazon for drugs” and told Magazine however helium coiled up successful hospital aft 3 grams of cocaine arrived 1 time and helium got carried distant — literally, successful an ambulance.

Authorities adjacent in

By June, U.S. Senators Chuck Schumer and Joe Manchin had written to the lawyer wide and the Drug Enforcement Agency, demanding they instrumentality enactment against the marketplace.

Some of those actions were off-the-books, specified arsenic those by DEA Special Agent Carl Mark Force IV, the “lead undercover agent” who successful 2015 was sentenced to 6.5 years for assorted crimes connected with the case. This included demanding exchanges frost BTC accounts successful bid to retreat the coins for himself arsenic good arsenic faking the decease of tract head Curtis Green, whom helium had really arrested, successful bid to cod wealth from DPR, who allegedly wanted him dead.

Zhong had autism, and prosecutors said helium spent lavishly. (Social media)

The website came to an extremity connected Oct. 1, 2013, erstwhile a mates started bickering successful San Fransisco’s Glen Park Library. This caught the attraction of the adjacent Ulbricht, who turned his caput from the laptop helium was moving on. It was a trap. At that moment, FBI agents swooped successful from down bookshelves and grabbed Ulbricht’s laptop earlier helium could log retired and fastener distant his 144,000 BTC — the impervious helium was DPR.

Ulbricht received a treble beingness condemnation positive 40 years with nary anticipation of parole. Many successful the Bitcoin assemblage and beyond person criticized the condemnation arsenic unjust, peculiarly considering the nonviolent quality of his crime. FreeRoss, an enactment dedicated to advocating for his release, archives statements by politicians and manufacture leaders speaking successful favour of his release. As Lou asks:

“Are 2 beingness sentences tenable for idiosyncratic who did thing that is nonviolent?”

I was arrested astatine the property of 29 and contiguous I crook 39. I’ve mislaid my 30s to prison.

During that time, I’ve done my champion to larn from my mistakes, amended myself, and assistance others bash the same.

I anticipation someday I tin marque amends arsenic a escaped antheral arsenic well.

— Ross Ulbricht (@RealRossU) March 27, 2023

A pirate’s billions

During Ulbricht’s sentencing, the funds earned by the tract were declared proceeds of crime, meaning the Bitcoin was confiscatable by the U.S. government. The astir 144,000 BTC recovered connected Ulbricht’s laptop was present U.S. property.

“Under U.S. law, authorities tin efficaciously bring a lawsuit against wealth oregon different goods and prehend them nether civilian forfeiture laws without needfully arresting the idiosyncratic possessing them. This people extends to integer currencies similar Bitcoin,” explains Jason Corbett, a lawyer whose firm, Silk Legal, specializes successful cryptocurrencies.

Cheetos, really? Where other would you support billions successful Bitcoin? (United States Department of Justice)

The authorities disposed of its newfound Bitcoin via a bid of auctions held by the U.S. Marshals Service successful 2014. Venture capitalist Tim Draper famously purchased 30,000 BTC for $18 million. Functionally, the auctions legitimized Bitcoin by removing each uncertainty regarding its legality: How could the authorities merchantability thing it considers illegal?

But immoderate of the Bitcoin was missing, each traceable from the Silk Road addresses. About 50,000 had been stolen from Silk Road’s blistery wallets backmost successful September 2012.

It was not a blase hack. Zhong deposited 500 BTC into the Silk Road platform, lone to marque 5 withdrawals for 500 BTC a fewer seconds later, tricking the wallet bundle into returning 2,500 BTC to him. This was repeated respective times utilizing antithetic accounts and expanding amounts, netting Zhong “approximately 50,000 Bitcoin retired of Silk Road successful conscionable a fewer days,” according to tribunal documents. At the time, this magnitude of Bitcoin was worthy astir $600,000.

Unexpected Bitcoin Cash windfall

In 2017, Bitcoin was forked successful a determination championed by Roger Ver and Jihan Wu. This allowed each Bitcoin holder to redeem 1 BCH for each Bitcoin they held.

Many proponents believed that Bitcoin Cash was the “true” Bitcoin, but Zhong, penning arsenic the aptly named “Loaded,” took to the Bitcointalk forum to disagree. That summer, helium went connected to speech his 50,000 BCH for 3,500 further BTC. As the U.S. authorities views the stolen Silk Road BTC arsenic proceeds of crime, it likewise views the BCH aboriginal assigned to them arsenic as confiscatable.

Zhong, penning arsenic the aptly named “Loaded” connected the Bitcointalk forum.

As a decennary passed, the worth of Zhong’s stolen treasure grew exponentially into the billions. However, with Zhong’s blockchain signature pointing to the mislaid Silk Road coins, it was lone a substance of clip earlier U.S. investigators took notice. There were, and astir apt inactive are, eyes connected the forum astatine the halfway of the Bitcoin movement, wherever Ulbricht himself had posted nether the sanction “Altoid.”

That’s the way that yet led Trevor McAleenan, a peculiar cause with the U.S. Internal Revenue Service’s Criminal Investigation Division, to rummage done the contents of Zhang’s bath closets successful 2022 successful hunt of “approximately 53,500 [BTC in] Silk Road Crime Proceeds.” He recovered 50,591 BTC, which, “using a blimpish estimation of the lowest spot terms of BTC connected the day of the search,” amounted to $3,388,817,011.90.

Not a tin cookware setup

Though Zhong hid overmuch of his BTC successful a tin, Special Agent McAleenan described his setup arsenic sophisticated, made up of “multiple machine servers, virtual backstage networks, acold wallets, virtual machines, galore layers of encryption, and aggregate Bitcoin nodes.” Over the archetypal respective years pursuing his 2012 heist, Zhong kept his loot connected 2 addresses of astir 40,000 BTC and 10,000 BTC.

Perhaps successful an effort to marque the transportation to the hack look much distant, helium began periodically moving the Bitcoin — for example, splitting the 10,000 BTC code into 10 addresses holding 1,000 BTC each successful 2020.

The lakefront location wherever Zhong kept his treasure. $3.4 cardinal could bargain astir 3,600 specified houses. (Zillow)

In an evident effort to further obfuscate the funds, that aforesaid twelvemonth helium “pushed astir 750 BTC of the Silk Road Crime Proceeds done a decentralized Bitcoin mixer,” which is bundle that efficaciously mixes cryptocurrency from assorted addresses unneurotic to marque it unclear from which root a last equilibrium comes, thereby aiming to interruption a transportation to tracked coins specified arsenic those progressive successful Silk Road.

While technically anyone tin usage a tract similar Blockchain.com to travel transactions — including Zhong’s — connected the Bitcoin chain, it is worthy noting that the IRS went beyond this, utilizing blockchain tracing and forensic software to drawstring suspicious addresses unneurotic much easily. While specified bundle does not adhd immoderate caller information, it makes interpreting the information easier.

Feds swoop in

Despite his VPNs and encryption and assorted attempts to fell the Silk Road coins, Zhong indispensable person slipped up astatine immoderate point, arsenic the IRS was capable to way him by his IP code — a unsocial identifier assigned to each instrumentality that connects to the internet. This IP code was past matched to records held with Zhong’s net work supplier arsenic good arsenic an speech wherever helium sent immoderate coins to beryllium traded, presumably obtained by a warrant requiring these records to beryllium released.

Zhong’s level safe. (United States Department of Justice)

The palmy betterment of the Bitcoin came down to identifying the movements of the coins successful question and pursuing them to an speech wherever Zhong had deposited and sold 119 BTC, worthy determination successful the portion of $1 million, successful 2019. Despite attempts to premix and obfuscate, the coins’ transportation to Zhong and Silk Road was confirmed by a transportation of a specified 0.07750842 BTC — astir $1,000 — successful leftover alteration that was sent from Zhong’s relationship to a Bitcoin code antecedently utilized to determination 1,000 BTC of Silk Road funds.

This suggests that Zhong was caught — losing him $3.4 cardinal — owed to laziness successful reusing an code alternatively of creating a caller one, oregon possibly adjacent for worrying astir 0.08 BTC erstwhile selling 118 BTC, to statesman with. The Swan Bitcoin exchange, for example, explicitly discourages users from reusing addresses owed to “negative implications specified arsenic diminished privateness and diminished security,” which Zhong’s lawsuit appears to demonstrate.

And so, a hunt warrant was issued and executed astir 2 years later, successful November 2021.

“The aforesaid BTC code controlled by Individual-1 that received alteration of astir 0.07750842 BTC successful 2019, arsenic indicated successful the Exchange records, besides is associated with a BTC code that Individual-1 utilized to transportation 1,000 BTC that Individual-1 had unlawfully obtained from Silk Road,” wrote McAleenan.

Zhong’s different loot

In summation to coins held connected a computer, Zhong had different assets dispersed astir his location wrong a room drawer and a level harmless filled with tightly bound stacks of cash. There was besides a tiny magnitude of metallic and golden bullion and a postulation of alternatively peculiar coins known arsenic Casascius coins.

The Casascius carnal Bitcoin recovered successful Zhong’s room drawer, making the U.S. authorities an accidental collector. (United States Department of Justice)

Zhong appears to person done conscionable that, efficaciously trading his red-hot “criminal proceeds” for pre-Silk Road 2011 Bitcoin that appears wholly clean.

As acold arsenic we know, however, Zhong cooperated with authorities and returned each his remaining Bitcoin, a origin that played a relation — on with his young property and autism — successful his getting a abbreviated condemnation and the much superior wealth laundering charges dropped, which would typically pb to galore years successful prison.

In Zhong’s case, the authorities appeared acold much funny successful securing the “criminal proceeds” for themselves alternatively than Zhong, whose transgression enactment amounted to stealing from different criminal.

Had Zhong hacked immoderate different dodgy site, it’s improbable authorities would person been funny successful catching up with him a decennary aft the fact. According to Corbett, ligament fraud is the physics equivalent of message fraud and has go a benignant of catch-all for prosecutors, arsenic virtually immoderate fiscal transgression contiguous involves the usage of the internet.

“Zhong was sentenced for ligament fraud committed against Silk Road, which is simply a reminder that fraud is inactive fraud adjacent if committed against a transgression enterprise.”

The acheronian side

Despite Ulbricht’s sentencing, the Dread Pirate Roberts whitethorn unrecorded on. The sanction came from the movie The Princess Bride, successful which DPR was not a azygous feared oversea skipper but a rubric passed connected from pirate to pirate. True to the myth, Silk Road 2.0 was launched wrong a period of the arrest, operating for 2 years until Blake Benthall, a erstwhile head of the archetypal Silk Road, was besides arrested by the FBI. Despite this, astatine slightest 2 sites calling themselves Silk Road 3.0 were soon again operational, on with a myriad of akin marketplaces utilizing antithetic brands.

In Once a Bitcoin Miner, Lou writes astir his acquisition visiting 1 of these marketplaces retired of curiosity portion a student. He soon spent astir fractional a Bitcoin — astir $100 — to acquisition a tiny magnitude of LSD, which ne'er really arrived. Naturally, determination was acold much than conscionable drugs offered:

“Various marketplaces offered stolen recognition paper details and passwords, drugs and guns. You could besides prosecute idiosyncratic to accidental the close words to the constabulary truthful that a tactical squad would raid a location of your choice, a process called ‘swatting.’ My friends and I adjacent recovered purported assassinations connected connection – conscionable unbelievable.”

According to Carnegie Mellon probe prof Nicolas Christin, arsenic overmuch arsenic “4.5% to 9% of each speech trades” successful the aboriginal days of Bitcoin were related to the acheronian web cause market. Considering this, determination is nary denying that the achromatic marketplace was among the archetypal usage cases of cryptocurrency, a information that inactive fuels apprehension among the nationalist regarding cryptocurrency. Lou, a journalist, takes a somewhat much optimistic view:

“Even if the usage lawsuit is not a precise bully one, I deliberation it inactive is simply a usage case. As they say, immoderate publicity is bully publicity.”