The United States Department of Justice (DoJ) has charged seven officers of Russia's Main Intelligence Directorate (GRU) with global hacking operations financed by cryptocurrency and with related disinformation operations. The indictment was filed by the grand jury in the Western District of Pennsylvania on 3 October.
The defendants, all accused of working for the GRU – a military intelligence agency of the General Staff of the Armed Forces of the Russian Federation – have been indicted for alleged "cyber attacks, electronic fraud, identity theft and money laundering", according to a DoJ press release published on October 4th.
The defendants are said to belong to a group of hackers known as "Fancy Bear", and the indictment contains allegations dating back to 2014.
According to the indictment, in order to "facilitate the purchase of infrastructure used in their hacking business […] [the defendants] conspired to launder money through a network of structured transactions to capitalize on the perceived anonymity of cryptocurrencies like bitcoin."
The document states that the use of Bitcoin (BTC) "allow[ed] the conspirators to avoid direct relations with traditional financial institutions", allowing them to further hide their identities and sources of funding.
The defendants are also accused of creating "hundreds of different e-mail accounts" to "avoid creating a centralized trail of all their purchases". Several of these accounts have been dedicated to monitoring information on Bitcoin transactions and facilitating Bitcoin payments to sellers.
The prosecution also alleges that the defendants financed their activities through Bitcoin mining:
"The bitcoin pool generated by GRU mining was used, for example, to pay a company based in the United States to register the [phishing] domain wada-arna.org through a payment processing company located in the United States. The conspirators used the same funding structure – and in some cases, the same pool of funds – to purchase accounts, servers and key domains used in their doping-related hacking activity."
The reference to doping-related hacking concerns the DoJ allegation that Fancy Bear conspired to steal data from 250 international athletes, as well as from anti-doping agencies around the world. It is assumed that these attacks were retaliation for the ban on Russian athletes in the 2018 Olympic Games, which followed suspicion of a state-sponsored doping program.
Although these specific allegations are not part of Robert Mueller's investigation into alleged Russian interference in the 2016 US election, three of the seven officers named by the Justice Department in this indictment were also named in Mueller's investigation.
As reported earlier, this July the Justice Department charged twelve individuals from two units of the GRU with using cryptocurrencies, allegedly mined or obtained by "other means", to fuel efforts to hack computer networks associated with the Democratic Party, the presidential campaign of Hillary Clinton, and state councils and technology companies related to the elections in the United States.