The Man Who Solved Bitcoin's Most Notorious Heist

0

Kim Nilsson in his Tokyo neighborhood.

Kim Nilsson in his Tokyo neighborhood.


Photo:

Shiho Fukada for The Wall Street Journal

Kim Nilsson was seething. It was 2014, and the software engineer discovered someone had disabled access to his bitcoins. A crime had apparently been committed, one that the police seemed unable to comprehend, much less solve.

The coins went missing from a failed bitcoin exchange called Mt. Gox, and hundreds of investors found themselves demoralized, if not broke. More than $400 million had seemingly vanished into cyberspace.

Unlike many victims, Mr. Nilsson resolved to fight back, and he teamed up with a lawyer and another partner who also lost bitcoins to track down the culprits. What ensued was a three-year journey through the internet’s underbelly that ended last summer on a Greek beach. There, in the shadow of a 1,000-year-old monastery, FBI agents arrested a Russian man and charged him with laundering bitcoin worth some $4 billion at recent exchange rates, one of the biggest crimes to be alleged in the brief history of cryptocurrencies.

Wild Ride

Bitcoin’s value in dollars has fluctuated dramatically in the cryptocurrency’s short life.

$20,000

16,000

12,000

5

8,000

4

4,000

3

2

1

0

’17

’12

’11

’13

2009

’14

’15

’16

’18

’10

January 2009

First bitcoins created by mysterious founder known as Satoshi Nakamoto

1

April 1, 2013

Bitcoin hits $100 for first time

2

February 2014

Mt. Gox announces insolvency

3

August 2015

Mt. Gox founder Mark Karpeles arrested on embezzlement charges, which he denies

4

July 2017

Alexander Vinnik arrested in Greece

5

Source: CoinDesk

Mr. Nilsson’s bitcoin odyssey, from an optimistic adherent to a hardened computer sleuth, encapsulates the messy maturing process of cryptocurrencies as their value and use have exploded in recent years. His unearthing of an apparent multibillion-dollar theft and money laundering scheme at the very center of bitcoin’s world shows just how dangerous its largely unpoliced digital wilderness can be for investors.

His work—what he calls “blockchain archaeology”—has become an industry, with a crop of cryptocurrency private-investigation firms now following money flows and detecting possible crime for big banks, exchanges and law enforcement alike. U.S. government agencies—including the Federal Bureau of Investigation, Central Intelligence Agency and Internal Revenue Service—have their own cryptocurrency investigators.

In the nine years or so since bitcoin made its debut, cryptocurrency worth more than $15 billion at peak prices has been stolen, much of it in hacks like those that precipitated Mt. Gox’s collapse. That tally doesn’t include thefts that haven’t been publicized, or cryptocurrency used in other illegal activities, like buying stolen credit cards or paying hackers.

The ​cryptocurrency Bitcoin has a problem as old as money itself​—theft​. And that’s giving rise to a new profession: bitcoin detectives like Kim Nilsson, a victim of the massive Mt. Gox exchange hack. Photo illustration: Heidi Gelover/The Wall Street Journal

The rip-offs represent just one of the threats now facing bitcoin, which has electrified the financial world with its promise of a decentralized, anonymous payment system intended to render banks obsolete.

Anonymity is evaporating as people transact on big, centralized exchanges that collect detailed user data—and provide it to government investigators. Speculators have driven huge price fluctuations that make bitcoin unviable as a currency and dangerous as an investment.

Then there is crime: With little government oversight and no way of reversing bitcoin transactions, thieves have developed creative ways not just of breaking into exchanges, but of using bitcoin to facilitate all sorts of other schemes. Credit-card thieves sell stolen cards for bitcoin; hackers—including some from North Korea—have taken data for ransom to be paid in bitcoin, cybersecurity researchers say. Regulators now want to subject bitcoin to many of the same rules as traditional investments.

For true believers such as Mr. Nilsson—a 36-year-old Swede who lives and works in a cramped Tokyo high-rise—it has been a comedown.

Mr. Nilsson and others in Japan’s enthusiastic digital-currency community crowded into bitcoin in a moment of post-financial-crisis optimism. Founded by an enigmatic coder—or coders—going by the name Satoshi Nakamoto, bitcoin exists only online as a string of code in a digital ledger, called a blockchain, outside the mainstream financial system.

The ledger is maintained by thousands of computers dispersed throughout the world. Transactions on it are publicly viewable, but the people behind them aren’t. The arrangement ensures that a person can’t use the same bitcoin to pay for a good or service more than once. While bitcoins can be seen moving between “addresses” identified by strings of letters and numbers, the names of wallet owners remain out of sight.

In theory, the process is decentralized, and each owner is responsible for keeping track of the password. There is no need for a trusted intermediary, such as a bank or credit-card company, to ensure the validity of exchanges; the blockchain does that.

In practice, many bitcoin transactions are facilitated through exchanges, rather than people directly using the blockchain. Many exchanges, which are largely unregulated, function much like traditional financial institutions, connecting buyers with sellers and holding their currency in online accounts. Those accounts—and the user information exchanges collect—can be susceptible to hacking.

Mt. Gox, based in Tokyo, was one of the first and largest such exchanges. It provided a platform to buy and sell bitcoins as well as a service to maintain users’ password-protected digital wallets, where bitcoins are stored. In 2012, Mr. Nilsson bought his first bitcoin from a friend. A year later he started buying the cryptocurrency from Mt. Gox, accumulating a small cache.

With a tuft of chin beard, and the dark wardrobe of a 1990s hacker or a fan at a Rush concert, Mr. Nilsson has lived in Tokyo on and off for about a decade.

Kim Nilsson ran a bare-bones operation in his quest for answers to the Mt. Gox heist.

Kim Nilsson ran a bare-bones operation in his quest for answers to the Mt. Gox heist.


Photo:

Shiho Fukada for The Wall Street Journal

Unknown to buyers at the time, Mt. Gox was headed for trouble. Hackers gained access to private keys in 2011 and began to steal bitcoins from online wallets—some 630,000 over four years.

Mt. Gox owner Mark Karpelès, a French expatriate in Tokyo, tried to conceal the thefts until early 2014. Mt. Gox halted withdrawals and filed for bankruptcy.

The debacle, the biggest in bitcoin’s short history, left hundreds of victims. A California man lost about $40,000; a Chicago investor more than $50,000. Daniel Kelman, a Brooklyn-educated lawyer who was living in Taiwan, lost 44.5 bitcoins, or about $400,000 today, and traveled to Tokyo hoping to get to the bottom of the theft.

At a bitcoin meetup in a skyscraper bar, the lawyer met Jason Maurice, a floppy-haired Hawaiian. Mr. Maurice, who goes by “Wiz,” passed on the name of a colleague, Mr. Nilsson, who had the programming chops to solve Mt. Gox.

Over dinner at Teddy’s Bigger Burger, one of several Hawaiian chains Mr. Maurice often insisted on, the men hashed out a plan to find the missing cryptocurrency and leverage their success into a business.

“You know those documentaries about the Kennedy assassinations, and you see them 20 years later?” Mr. Kelman, the lawyer, remembers telling his partners. “That’s going to be us in 20 years.”

Messrs. Nilsson, Kelman and Maurice called their company WizSec, after Mr. Maurice’s nickname, and adopted the tagline “Bitcoin Security Specialists.” The business never really took off.

“It quickly devolved to just being me sitting around working on the technical front,” says Mr. Nilsson. Without money for new technology or an office, he conducted the investigation out of his 650-square-foot apartment in a high-rise outside Central Tokyo.

With only his home PC that he’d built for videogaming from parts ordered online, Mr. Nilsson didn’t have the computing power to efficiently search bitcoin’s blockchain. Searches could eat up an entire night.

Instead, Mr. Nilsson developed a program to index the blockchain, which allowed him to quickly search each transaction’s input, output and addresses.

Though patterns began to emerge, they were hard to decipher because the blockchain doesn’t identify who’s behind each transaction and there is no online phone book linking blockchain addresses to real people.

A lucky break kept him going. Parts of Mt. Gox’s database leaked, some of it onto the internet and other portions to journalists. Mr. Nilsson obtained the leaked data—private records of trades, withdrawals, deposits and users’ balances.

Mark Karpelès ran Mt. Gox until the bitcoin exchange imploded in 2014.

Mark Karpelès ran Mt. Gox until the bitcoin exchange imploded in 2014.


Photo:

Akio Kon/Bloomberg NEWS

In May 2014, another programmer published an analysis of that leaked information. It found accounts were buying bitcoin in a way that appeared automated—and set up to prop up the price of Mt. Gox holdings.

Retracing the report, Mr. Nilsson realized he could use the database to figure out how much bitcoin Mt. Gox lost by locating every bitcoin wallet associated with the exchange, then tracing their transactions.

The investigation was dominating his life. Still working his full-time day job, his nights became Coke Zero-fueled sessions before three glowing screens, one with lines of code, another with a spreadsheet to record key information, and a third to write narrative notes.

After months of work, Mr. Nilsson had nearly two million addresses associated with Mt. Gox—but no idea who used each address, or for what purpose. He needed insider help.

By then, Japanese law enforcement was investigating Mt. Gox. Its chief, Mr. Karpelès, was laying low. Mr. Kelman had reached out over a bitcoin channel on the messaging program Internet Relay Chat that he knew Mr. Karpelès frequented. “I got on IRC one day and I just started accusing Mark of embezzling money,” Mr. Kelman says.

Eager to clear his name, Mr. Karpelès agreed to meet with Messrs. Nilsson and Kelman at another hamburger restaurant. He confirmed account information Mr. Nilsson compiled, and helped him develop a complete list of Mt. Gox addresses. The two investors say he also told them something that wouldn’t become public until much later: The suspicious trading on Mt. Gox was the work of a program Mr. Karpelès developed to conceal thefts by unknown perpetrators.

Mr. Karpelès declined to comment, but has previously denied embezzling funds from Mt. Gox.

Mr. Nilsson went through the remaining thousands of wallets and determined that while Mt. Gox should have had about 900,000 bitcoins, it instead had fewer than 200,000. And he saw coins went missing as early as 2011. “Knowingly or not,” he wrote in a 2015 blog post, “Mt. Gox was technically insolvent since at least 2012.”

After those coins left for other exchanges, some seemed to be sold for cash. Mr. Nilsson hadn’t figured out who was stealing or selling them, but felt he was on the trail.

Hoping to shake loose more information, in April 2015 he published findings on the WizSec blog. He outlined what he knew, and his belief that someone other than Mr. Karpelès stole the bitcoins. “So,” the post concluded, “Who did it then?”

Soon after, he got an unexpected message. Gary Alford, an agent with the U.S. Internal Revenue Service, was known in crypto circles as the investigator who identified the owner of Silk Road, an online marketplace where you could buy drugs and weapons with bitcoin. It was one of the biggest-ever bitcoin-related prosecutions, and Mr. Alford followed bitcoin connected to the Silk Road investigation to some of the same places where Mr. Nilsson was searching for his lost currency.

It was an uncomfortable moment. Mr. Nilsson got into bitcoin in part to get away from regulators. “There is a stigma about the IRS, obviously, in the kind of circles I move in,” he says. “The taxman isn’t the most appreciated entity.”

But Messrs. Kelman and Nilsson thought the U.S. government—with its broad reach and superior funding and technology—might be able to help.

Instead, “it was like a one-way street,” Mr. Kelman says. “We gave them everything.” Mr. Alford offered nothing but the assurance that “you guys are on the right track,” Mr. Kelman says.

Kim Nilsson and Jason Maurice, who along with lawyer Daniel Kelman founded a cyber-investigations company,  prepare apple pie in the Tokyo kitchen of Mt. Gox  owner Mark Karpelès in 2015.

Kim Nilsson and Jason Maurice, who along with lawyer Daniel Kelman founded a cyber-investigations company, prepare apple pie in the Tokyo kitchen of Mt. Gox owner Mark Karpelès in 2015.


Photo:

Mark Karpeles

Mr. Nilsson doubled down. He traced the flows of coins that left Mt. Gox into other exchanges, including one called BTC-E. Then he found something unexpected: Wallets where Mt. Gox bitcoins ended up contained bitcoins stolen in other well-known—and seemingly unrelated—thefts from other exchanges.

Mr. Nilsson cross-referenced some of those transactions with information from one of the Mt. Gox data leaks. He saw that some coins stolen from Mt. Gox had been deposited into other Mt. Gox accounts—and that one of those had received a cash deposit with a note attached that read simply “WME.” Mr. Nilsson knew that whoever held the WME account had been in possession of stolen Mt. Gox coins. He just needed to figure out who that person was.

At that point, Mr. Nilsson shifted from blockchain analysis to old-fashioned internet trawling.

Some more digging revealed a WME who claimed to have been operating currency-exchange businesses in Moscow.

“Hello, I am engaged in exchanges for more than 10 years, now I started working with bitcoins. I can exchange them for anything,” WME wrote in 2011 on the Bitcointalk.org board.

“I give preference to large sums,” WME added.

Drilling deeper, Mr. Nilsson found WME wallets were connected to crypto exchange BTC-E.

The Race to Mine Bitcoin

Bitcoin was designed to operate without any central party controlling it. To achieve that, it relies on an intricate competitive process called mining.

Individuals, nicknamed miners,

compete to earn rewards for recording transactions in Bitcoin’s open ledgers.

Miners collect individual transactions into batches called blocks.

Before they can get the reward they have to be the first to solve a complex and random mathematical puzzle.

Other miners

must verify that

the winner’s

answer is correct.

The first miner to collect all the transactions into a block and solve the puzzle wins new bitcoin!

The winning miner adds their block to bitcoin’s transaction history, which because it is laid out chronologically resembles a long chain of these blocks.

block chain

Individuals, nicknamed miners,

compete to earn rewards for recording transactions in Bitcoin’s open ledgers.

Miners collect individual transactions into batches called blocks.

Before they can get the reward they have to be the first to solve a complex and random mathematical puzzle.

The first miner to collect all the transactions into a block and solve the puzzle wins new bitcoin!

Other miners must

verify that the winner’s

answer is correct.

The winning miner adds their block to bitcoin’s transaction history, which because it is laid out chronologically resembles a long chain of these blocks.

block chain

Individuals, nicknamed miners,

compete to earn rewards for recording transactions in Bitcoin’s open ledgers.

Miners collect individual transactions into batches called blocks.

Before they can get the reward they have to be the first to solve a complex and random mathematical puzzle.

The first miner to collect all the transactions into a block and solve the puzzle wins new bitcoin!

Other miners

must verify that

the winner’s

answer is correct.

The winning miner adds their block to bitcoin’s transaction history, which because it is laid out chronologically resembles a long chain of these blocks.

block chain

Individuals, nicknamed miners, compete to earn rewards for recording transactions in Bitcoin’s open ledgers.

Miners collect individual transactions into batches called blocks.

Before they can get the reward they have to be the first to solve a complex and random mathematical puzzle.

Other miners

must verify that

the winner’s

answer is correct.

The first miner to collect

all the transactions into

a block and solve the

puzzle wins new bitcoin!

The winning miner adds their block to bitcoin’s transaction history, which because it is laid out chronologically resembles a long chain of these blocks.

block chain

Some bitcoins from Mt. Gox ended up in BTC-E accounts and never seemed to leave—instead of being exchanged, they remained in wallets linked to BTC-E’s administrator. Could BTC-E be in on the thefts?

The next step was to identify WME.

That seemed tough. A criminal using different wallets for each transaction and being careful to never leave information linking a pseudonym with a real identity could be tough to catch.

WME apparently wasn’t careful. Through what Mr. Nilsson calls “careless identity handling,” there was a trail of clues.

First were the postings linking WME to specific accounts. Then Mr. Nilsson found a 2012 message-board post in which an outraged “WME” claimed another trading platform “scammed and run off with my money.”

“This is a scam report against CryptoXchange, who has stolen $100,000 USD+ from me and refuses to return it,” the post says.

To bolster his case, WME posted messages between himself and CryptoXchange, along with a letter his lawyer sent the company. At the bottom of one message, CryptoXchange told WME where it deposited his money: An account owned by a “VINNIK ALEXANDER.”

Mr. Nilsson was shocked. “I didn’t even trust it was a real name,” he says. “I thought it was an alias or something.” Why would anyone in crypto post his real name and bank information online?”

Mr. Nilsson passed the name—with a typo—to the IRS agent, Mr. Alford. By then it was the summer of 2016. Mr. Nilsson had been working for two years on the case.

Alexander Vinnik, a Russian accused of running a money-laundering operation using bitcoin, was arrested on a Greek beach.

Alexander Vinnik, a Russian accused of running a money-laundering operation using bitcoin, was arrested on a Greek beach.


Photo:

Costas Baltas/REUTERS

What he didn’t know at the time was that BTC-E was a target for government investigators an ocean away. Inside a Kennedy-era federal courthouse on a squalid block of San Francisco’s tenderloin, agents and prosecutors were using the U.S. Justice Department’s subpoena power, technical know-how and budget to arrive at the same place as Mr. Nilsson.

BTC-E was the exchange of choice for criminals world-wide, say cybersecurity researchers. Its banking relationships in Europe let customers buy bitcoin or convert it into euros and rubles. One private-sector blockchain investigator estimates BTC-E appeared in 60% to 70% of all criminal cryptocurrency cases through 2016.

“No one knew who BTC-E was. No one knew who the owners were. We thought it might be in Bulgaria, or maybe Cyprus,” says Tigran Gambaryan, an IRS investigator who is now lead agent on the Vinnik investigation.

What the agents did know was that BTC-E was one of the largest bitcoin exchanges at the time—and that it “didn’t ask any questions” about its users’ identities, Mr. Gambaryan says. Mr. Alford declined to comment.

Federal investigators, court filings show, also identified a “WME” controlling accounts with stolen Mt. Gox coins, and linked to BTC-E.

Agents traced blockchain transactions and subpoenaed bank records. They determined that between 2013 and 2015, an account linked to BTC-E and a Russian citizen was involved in cash transfers to banks in Cyprus and Latvia, jurisdictions money launderers use as a waypoint to major banks on the continent.

By the end of 2016, the prosecutors had enough to indict Mr. Vinnik.

Because Russia generally won’t deport alleged cybercriminals, the U.S. agents looked for a way to apprehend him elsewhere. They filed a sealed federal indictment in January 2017 accusing Mr. Vinnik and unnamed accomplices of laundering about $4 billion via BTC-E. When Mr. Vinnik took a Greek vacation, the FBI and local police were ready.

On July 25, undercover officers in casual clothing encircled Mr. Vinnik on a beach and arrested him. They seized two laptops, two tablet computers, five cellphones and one router—possible evidence in understanding BTC-E, according to a Greek law-enforcement official, citing court filings.

Mr. Vinnik’s future is unclear. The U.S. is trying to extradite him, but Russia objected, saying it wants him back in Moscow to face a €9,500 fraud case.

Kim Nilsson shows charts indicating movement of stolen virtual currency in his Tokyo office.

Kim Nilsson shows charts indicating movement of stolen virtual currency in his Tokyo office.


Photo:

Shiho Fukada for The Wall Street Journal

In Greek court hearings, Mr. Vinnik’s Russian lawyer denied the charges, said his client isn’t a BTC-E employee, and asserted he is fighting the U.S. dominance of the global financial system. The lawyer appealed to Greeks’ and Russians’ shared Orthodox Christian heritage, saying they cannot send “a brother of the same religion” to the U.S. Mr. Vinnik has spent deportation hearings reading the Bible.

On July 30, a panel of Greek judges agreed to extradite Mr. Vinnik to Russia, although different Greek courts have also ruled he should go to the U.S. or France. If Mr. Vinnik’s bid for asylum in Greece fails, it will fall to the justice minister to decide where to send him.

The arrest was among the biggest in the digital-currency world. But as they descended on Mr. Vinnik, agents knew apprehending the Russian was unlikely to halt BTC-E. It isn’t clear whether Mr. Vinnik was BTC-E’s leader or even a particularly important person in the operation, say people involved in the investigation. In fact, they and Mr. Nilsson say it’s possible that its mastermind remains somewhere in the former Soviet bloc, wealthy in bitcoin and still operating.

Within days of Mr. Vinnik’s arrest, BTC-E was back online under a new name. Its latest operators—whose identities couldn’t be determined—retained BTC-E’s client list and many elements of its technology, but say the site is under different management. Earlier this month, those operators announced they were shutting the exchange down. They couldn’t be reached for comment.

Federal prosecutors see Mr. Vinnik as the first of several BTC-E targets, say people familiar with the probe.

Mr. Nilsson was happy about the arrest, but remains frustrated. He feels he found his guy, but his money is stuck in Mt. Gox’s bankruptcy proceeding. Mr. Nilsson expected bitcoin to let him avoid governments, financial institutions and crooks. Instead he and his handful of bitcoins are embroiled with all three. “It’s a bit of a sad, sordid story,” he says.

Write to Justin Scheck at justin.scheck@wsj.com and Bradley Hope at bradley.hope@wsj.com