Foreign Intelligence Agencies’ Utilization of Crypto in U.S. Operations
As the digital age advances, so do the tactics employed by intelligence agencies worldwide. Espionage and spying have taken a new shape, with crypto-assets playing a significant role in funding clandestine operations, impacting foreign policy objectives, and posing threats to national security. This article delves into the intricate web of how Iranian, Chinese, and Russian intelligence agencies have maneuvered their way into U.S. operations using crypto.
In the world of international intelligence, the digital landscape has become a hotbed for covert operations. Recent years have seen several instances where countries have used crypto to further their foreign policy objectives and military agendas. These cases offer valuable insights into how cryptocurrencies are becoming an integral part of modern espionage. The involvement of crypto in international espionage is not mere speculation. Concrete examples abound, showing how nations like Iran, Russia, and China have leveraged crypto to further their agendas internationally.
Bitcoin Bribes & Chinese Spies:
In a shocking revelation, the U.S. Department of Justice unveiled documents showing PRC (People’s Republic of China) intelligence officers' involvement in bribing a U.S. government employee with Bitcoin. These officers aimed to obtain documents from the U.S. Attorney’s Office for the Eastern District of New York related to an ongoing criminal investigation against a China-based telecommunications company. The surprising twist in the tale was the revelation that the bribed U.S. government employee was an FBI double agent.
The Chinese agents, Guochun He and Zheng Wang, were charged with trying to hinder the company's criminal prosecution and with money laundering related to Bitcoin bribes, collectively amounting to $61,000. Blockchain analytics disclosed that these Chinese spies used Wasabi Wallet, a type of privacy wallet, to hide their transaction trail. All bribe payments could be traced back to this wallet, revealing the extensive use of Bitcoin by Chinese intelligence officers. Reports from Australia have highlighted the use of Bitcoin in bounties against critics of the Chinese Communist Party (CCP). The Chinese People's Liberation Army (PLA) has considered the possibility of rewarding its soldiers with crypto tokens for their performance.
China's alleged influence over the digital currency landscape has raised significant concerns. China's sway over the crypto industry, coupled with its launch of a state-controlled blockchain infrastructure, could potentially undermine U.S.-based companies and innovations. China's activities in this arena have been perceived as part of a broader strategy to dominate global economic leadership. "We cannot allow China to dominate the technologies and innovations that are going to decide who runs the world for decades to come — from artificial intelligence to digital currency, and everything in between." - Senior Intelligence Official
Iran's DC Crypto Murder Plot of U.S. Official:
Another example came from Iran, where an alleged plot to assassinate former U.S. National Security Advisor John Bolton involved crypto. According to unsealed court documents, Shahram Poursafi, a Tehran-based member of Iran's Islamic Revolutionary Guard (IRGC), allegedly offered $300,000 in crypto for the operation. Instructions for the assassination were to be communicated via encrypted messaging, with the transfer set to be made via digital currency.
Russian Meddling in 2020 & 2016 U.S. Elections:
Russian military intelligence officers also found themselves indicted in an ongoing investigation related to interference in both the 2020 and 2016 U.S. presidential elections. Prosecutors claimed that the officers used Bitcoin to fund their operations, which involved hacking computer networks and email accounts associated with the U.S. Democratic Party. Russia stands accused of using crypto to fund its notorious Internet Research Agency (IRA), known for its attempts to influence international political processes, including U.S. elections. The IRA purportedly utilized crypto to finance its operations and possibly avoid detection. These payments were traced back to a Bitcoin mining operation, showing the depth and complexity of these clandestine operations.
Tether (USDT) - A Sanction Evasion Tool for Russia & China:
Russia:
Amidst sanctions imposed on Russia for its invasion of Ukraine, reports have emerged suggesting that Tether, the world's largest stablecoin, may have been utilized as a tool to evade these sanctions. An investigation by DARPA contractor Inca Digital revealed that numerous USDT-specific trading platforms worldwide, including 79 that were specifically analyzed, provided financial services to Russian citizens currently under U.S. and EU sanctions. The analysis also revealed a spike in the spread between the Russian Ruble and Tether following the onset of the war in Ukraine. The rise of Tether in Russia has added complexity to the nation's financial landscape, as the stablecoin enables transactions that bypass traditional banking systems.
A report from Chainalysis revealed that several pro-Russian organizations have been using Tether to fund their operations, collecting substantial amounts of Tether and Bitcoin. These funds are utilized to finance various activities, including the purchase of military equipment and the dissemination of disinformation. The use of Tether by these organizations has significantly contributed to their operational effectiveness. Tether has also been associated with sanctioned entities involved in soliciting crypto donations. Alexander Zhuchkovsky, a Russian national sanctioned by the Office of Foreign Assets Control (OFAC), has solicited donations in support of the Russian Imperial Movement, a Specially Designated Global Terrorist group. Similarly, Project Terricon and the Union of Donbas Volunteers, both sanctioned by OFAC, have been found to have connections to Tether.
USDT has faced controversy in its response to the Ukrainian crisis, with the Ukrainian government requesting that the company freeze digital wallets associated with these Russian users. However, Tether declined to do so, citing the preservation of "decentralization" principles underlying the crypto industry. Tether has played a significant role in fostering blockchain development and crypto adoption in Russia. Through strategic alliances and initiatives, Tether is contributing to Russia's digital economy and influencing its geopolitical stance on crypto regulation. As Russia's stance on crypto evolves, it remains crucial to monitor the impact of USDT on the global financial landscape and Russia’s influence on geopolitical dynamics.
Transparency International's investigation highlighted the presence of OTC brokers in Moscow who sell large sums of Tether directly for cash, allowing individuals to move significant amounts of money across borders without declaring them at customs control. This mechanism has reportedly facilitated the repatriation of wealth by Russian oligarchs. Russian oil companies have also leveraged Tether to repatriate profits from oil sales in India. Due to the Indian Rupee's restricted convertibility, these companies purchase Tether stablecoins to transfer funds, which are then exchanged for rubles. This mechanism provides a safe way for Russian oil companies to repatriate revenue, avoiding exposure to unstable developing economies. Consequently, Tether has emerged as a significant tool for Russian oil companies operating in India.
China:
Tether's connections extend beyond Russia to include ties with the Chinese Communist Party (CCP). Reports have indicated that Tether may be in collaboration with the CCP, contributing to speculation about the potential manipulation of the stablecoin's value. Chinese companies play a significant role in Tether's operations, raising questions about the extent of Tether's relationship with the Chinese government. Tether's expansion in China has not been without consequences for the American people. A report by blockchain analytics firm Elliptic revealed that Chinese businesses selling chemicals used to manufacture Fentanyl were accepting payment in USDT.
Hong Kong has been a strategic base for Tether and parent businesses like Bitfinex. Bitfinex, a crypto trading platform and a key player in Tether's universe, was initially started in Hong Kong as Bitfinex Limited in 2013. These connections raise concerns about potential manipulation of the stablecoin's value, given the Chinese government's control over the country's economy and financial systems. Interestingly, Chinese merchants selling goods in Russia rely on Over-the-Counter (OTC) desks like Huobi Russia to convert cash into USDT for easy transfer back to China. According to various reports, millions of dollars in Tether have been crossing the Russia-China border daily, indicating that Tether is playing a crucial role in the financial transactions between these two countries.
Binance’s Ongoing Partnership With Russian Federal Security Service (FSB):
In the heart of Moscow, in April 2021, an unusual meeting occurred. The world's largest crypto exchange, Binance, was invited for discussions with Russia's financial intelligence unit, known as Rosfinmonitoring. The Russian intelligence agency wanted to trace millions of dollars in bitcoin raised by the jailed Russian opposition leader, Alexei Navalny. The agency sought Binance's cooperation to share client data, including names and addresses, to aid in their investigations. The Binance official who attended the meeting was Gleb Kostarev, the head of Eastern Europe and Russia. According to text messages sent to a business associate, Kostarev agreed to Rosfinmonitoring's request to share client data.
It appears that Binance was actively seeking compliance in Russia, which required it to respond to appropriate requests from regulators and law enforcement agencies. The encounter with Russia's intelligence agency was part of Binance's efforts to strengthen its ties with the Russian government, as it aimed to expand its growing business in the country. It is also noteworthy that despite Russia's initiation of the war on Ukraine, Binance continued to operate in the country. Binance's trading volumes in Russia have surged since the start of the war. The exchange has dominated the Russian crypto sector, boasting an estimated 80% of all trading volumes, according to market data.
Russian Intelligence Ties to 1inch & ISPsystem:
1inch, a decentralized exchange (DEX) developer and crypto price aggregator, is intricately tied to the FSB. According to the leaked documents, both 1inch and ISPsystem had entered into cooperative agreements with the FSB. The agreements reportedly involved the provision of technical support and consultation for projects related to Russia's decentralized financial system (DeFi). A user of ISPsystem had reportedly received official communication from the company, stating its close cooperation with Russia's FSB and highlighting the involvement of the 1inch exchange. While the press release's authenticity remains uncertain, the links between the founder of 1inch and the FSB are undeniable. This finding inspired an extensive investigation by the Molfar team, unraveling an intricate web of cryptocurrency, cybersecurity, and state interests. 1inch was established in May 2019 by Anton Bukov and Sergei Kunts, both Russian nationals, at the ETHGlobal hackathon in New York. Anton Bukov, a co-founder and architect of 1inch, is a key figure in the story.
Bukov graduated in 2011 from the Institute of Cryptography, Communications, and Informatics of the FSB Academy of the Russian Federation, specializing in high-performance computer systems engineering. His connections to several government agencies and individuals related to the Russian Quantum Center in Skolkovo further hint at his ties to the FSB. It has been reported that Bukov's academic background, combined with his role at 1inch, could potentially expose the platform's users to the FSB's influence. Another noteworthy fact is Binance Labs' investment in 1inch during the Seed round. In April 2022, Reuters published an article claiming that Binance had collaborated with the Russian FSB, sharing customer data. Among the investors in the 1inch Network, the Blockchain Fund Chelyabinsk stands out.
Tornado Cash Developer Connections With Russian Federal Security Service (FSB):
Alexey Pertsev, the developer of the crypto mixer, Tornado Cash, was formerly employed by a company linked to the Russian security agency, FSB. Pertsev's arrest sparked concerns over privacy as protesters gathered in Amsterdam demanding his release, chanting that open-source code is not a crime. The revelations about Pertsev's background suggest a complex situation with national security implications. The Treasury Department of the United States sanctioned Tornado Cash for allegedly being used by hacking groups, including North Korea's Lazarus Group, to launder billions of dollars.
Chinese Bitcoin Mines in the U.S.:
As the Bitcoin mining industry continues to grow, Chinese companies with ties to the Chinese state are establishing crypto-mining operations in close proximity to significant U.S. facilities such as data centers and nuclear missile bases. These operations put immense pressure on power grids due to the high energy consumption of the specialized computers used for mining. These computers typically operate around the clock while mining for digital coins, adding to the electricity strain. Chinese Bitcoin mines have recently surged across the U.S., causing concern over potential intelligence-gathering and pressure on power grids. Some of these operations are equipped with computers made by Bitmain, a Chinese company with no apparent direct connection to the Chinese authorities.
Still, according to import records, some shipments to the U.S. have been sent through a subsidiary located at a Communist Party site in southern China. Given the significant security concerns, Microsoft alerted the Committee on Foreign Investment in the U.S., a federal body that monitors threats posed by overseas investors, about a crypto-mining operation in Cheyenne, Wyo. The operation was located next to a Microsoft data center that supported the Pentagon and near an Air Force base that controlled nuclear-armed intercontinental ballistic missiles. Targeted blackouts and cyberattacks are potential threats if these operations decide to disrupt the power grid. Furthermore, digital connections with grid operators could allow intrusions into critical systems if not managed appropriately.
Tracking & Mitigating Threats:
The use of crypto-assets in intelligence operations is a clear indication of the evolving tactics of espionage, and its implications are far-reaching. Furthermore, the Pentagon has launched an effort to assess the threat of crypto to national security, and North Korean scammers are constantly devising new tactics to target crypto users and their wallets. The U.S. intelligence community has expressed concerns about the role of crypto in foreign operations targeting the country. Steps have been taken to curb such activities, including blocking access to certain crypto services linked to sanctions violations (Binance, Tether (USDT), etc.). The interplay between Binance, Tornado Cash, and the intelligence agencies of Russia and China is just one of the instances that highlight the intricate connections in this cryptic world.
The race to dominate the digital currency landscape has turned into a geopolitical power play, with nations like China looking to gain an edge in the emerging field. The potential power over digital currency is viewed as a new battlefield, with nations vying to take the lead. Crypto allows state actors to covertly finance malicious operations, undermine democratic processes, and even carry out assassinations. This could potentially escalate geopolitical tensions and trigger conflicts. As the world becomes more digitally interconnected, the stakes become higher. It is imperative that intelligence agencies, law enforcement agencies, corporations, and governments remain vigilant and proactive in mitigating these threats to maintain national security and achieve their foreign policy objectives.