Slashdot Mirror
Is Coinbase Closing Accounts For Paying Ransoms With Bitcoins? (coindesk.com)
Even as some comparnies are stockpiling bitcoins so they can quickly pay ransom demands, security firms that try paying those ransoms may face losing their accounts on Coinbase. Slashdot reader Mosquito Bites quotes a report from CoinDesk:
Less than a year ago, Vinny Troia, CEO and principal security consultant of Night Lion Security and a certified white hat hacker, was sent a compliance form by US bitcoin exchange Coinbase, where he had an account. Coinbase wanted to know how Troia was using bitcoin and his account. "I told them I run a security firm. I pay for ransoms and buy documents on the dark web when clients request it," Troia told CoinDesk. The ransoms Troia helps his clients pay are those stemming from ransomware attacks, which have surged in number over the past few years. Many, like the well-publicized WannaCry attack, are asking for bitcoin.
And the documents? Troia said, "We do breach investigations a lot of times. If a fraudster is saying they're selling my client's stolen documents, the only way to make sure they have what they say they have is to buy those documents." According to Troia, Coinbase "did not like that at all." Coinbase then asked the IT expert whether he had a letter from the Department of Justice giving him permission to do those things. No, Troia said. Upon further research, Troia has not found that any such permission exists. But, "I have my clients authorizing me to do this," he said. Coinbase sent Troia back an email explaining that those actions were against the exchange's rules and shut down his account... "My entire family is blocked from Coinbase," he said.
And the documents? Troia said, "We do breach investigations a lot of times. If a fraudster is saying they're selling my client's stolen documents, the only way to make sure they have what they say they have is to buy those documents." According to Troia, Coinbase "did not like that at all." Coinbase then asked the IT expert whether he had a letter from the Department of Justice giving him permission to do those things. No, Troia said. Upon further research, Troia has not found that any such permission exists. But, "I have my clients authorizing me to do this," he said. Coinbase sent Troia back an email explaining that those actions were against the exchange's rules and shut down his account... "My entire family is blocked from Coinbase," he said.
Vote with your feet. There are other exchanges.
Good.
It's because asshole pricks like your clients buy bitcoins, pay the ransom, then go complaining to their bank or credit card provider that the payment was unauthorised or a result of blackmail, and try to do a chargeback against the innocent bitcoin merchant. Or gets them locked out of their accounts while being investigated for fraud.
So you can just fuck off and buy your bitcoins somewhere else.
Security companies should not be allowed to act as front companies for cybercriminals anymore than they should be allowed to assassinate people for pay. Let's hope there's a criminal investigation as well. Perhaps this one was even directly involved in the original crimes, not only encouraging them...
As discussed here Cyber extortion - legality of ransom payments and the approach of businesses and insurers it shows under international law, cyber extortion payments arent illegal unless they are terrorism related.
I dont believe Coinbase should be denying access to legitimate funds, that arent terrorism related, unless they want to get regulated... this would be the first step to ruining their little monopoly.
It's not a typo if you understood the meaning!
Looks like I am changing my wallet provider.
Unless you're going to mine, then you need some way to acquire bitcoin, generally this is by converting fiat currency at an exchange.
Since everything in bitcoin is public, the exchange could easily track what happens to the bitcoins after they leave their wallet.
Bitcoin becomes more restrictive than the traditional banks
Coinbase sent Troia back an email explaining that those actions were against the exchange's rules and shut down his account.
That seems reasonable. Coinbase is an american company. There are laws against financing or facilitating the financing of terrorist and/or criminal activities.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
Not to mention the latest terrorist attack in London was perpetrated by a non-Muslim, targeting Muslims.
a "security" expert that owns a "security" company should know better than to respond to "form", one not required by any federal law or regulation, asking questions from the exchange. don't hire them, folks. they don't know shit from rainbows.
and the "news site" linked to in tfs is partially owned by that same exchange.. so is hardly unbiased. "Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which has an ownership stake in Coinbase." -- not even any actual copies of the "compliance form" or email exchanges between them and their (former?) client -- ya know, things a "real" news outlet would publish to back their story.
Everyone who needs to know it knows what "Ia" means!
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I think you misunderstood the rolling news feed. The attack last night was a muslim attack in that muslims outside a mosque were attacked not that muslims were the perpetrators.
>> The ransoms Troia helps his clients pay are those stemming from ransomware attacks, which have surged in number over the past few years.
Well, duh. Maybe if they didn't make it a successful business model in the first place, it would go away.
I'm thinking what those companies actually need to spend their money on is better backup solutions.
That Coibase is asking for "a letter from the DoJ" seems very strange; especially if this isn't actually obtainable. If I was running a security company that ran into such a requirement, I would immediately engage my legal council...especially if Coinbase closing my accounts actually cost me "real world loss" in the form of me loosing access to my bitcoin wallet stored on their system. Requirements that are impossible to fulfill might constitute fraud, especially if there is a demonstrable "loss of income" due to Coinbase's activities from Troia's (currently) legal activities. Right now, there has only been a (A HREF="https://coincenter.org/entry/it-should-not-be-a-crime-to-help-victims-of-ransomware">single court case in the New York southern district court that has touched on the idea that paying ransom with bitcoin violates 18 U.S.C. 1960.
The irony of this is that the FBI itself has no good answer to ransomware and has even themselves recommended that people pay the ransoms: http://www.businessinsider.com...
Yet the same government regulations make it nearly impossible for Coinbase to let people use their Bitcoin like that, ironically forcing people to unregulated or dark markets to buy Bitcoin.
He does, actually, and what he describes happens all the time.
This is an interesting pattern (which often becomes also an antipattern) which I like to call "deregulated regulation": private enterprise takes over things which used to be done by the executive and (hopefully) double-checked by courts.
You find many examples out there, like DMCA takedown, firmware lockdown in WIFI devices, "censorship" by dominant platforms (technically not censorship, but when a platform has near-monopoly position, well... tough luck), ISP "blocking" of "pirates", yadda, yadda.
As the "anorectic state" becomes more and more fashionable, we'll see more of that. Watch, e.g. the German justice minister telling Facebook to suppress "hate speech". Now I don't like hate speech. I'm even of the position that free speech isn't absolute and that each society has to find some kind of balance, which will always be a difficult process. But outsourcing that to a private company, with all their conflicts of interests and that? And this in halfway democratic societies, which have taken so long (and so much blood, sweat and tears -- excuse my dramatic language) to find out about democracy, state of right, separation of powers, checks & balances?
I don't think that's a good idea.
There are, AFAIK, only two exchanges that 1) mind your privacy, 2) are out of reach of U.S. gov, and 3) comply with regulations for financial institutes, and that's Paymium and Bitstamp in the EU.
Use Coinbase and you risk losing your Bitcoin and your personal detaisl to the U.S. gov.
I think you misunderstood the rolling news feed. The attack last night was a muslim attack in that muslims outside a mosque were attacked not that muslims were the perpetrators.
Sounds more like they misunderstood a trolling news feed. If the attack is against muslims, and not by muslims, That is not a muslim attack. That is an anti-muslim attack. This is what happens when people fundamentally fail to comprehend English.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Again with the Amazon spam link whoring.
Okay, but why would it be just the Los Angeles branch closing these accounts?
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
Why the hell are people paying the ransoms in the first place? This is just encouraging more people to make these types of viruses. Make fucking backups of your shit, fire the moron that unleashed the virus in your network, restore from backup, and carry on with life.
Holy shit you really don't get it.
This is what they do. They infiltrate countries under the guise of refugees, then slowly manipulate and demand their way to instigate Shariah Law. Once they've done that, you'd better fucking believe the sword awaits anyone who dares stand against them.
This. Is. What. They. Do.
They do *exactly* what you lefties claim to hate, "meddling in the business of people who aren't part of their own religion", and yet you still let them in to your countries, get your warm fuzzies about supporting an apparently underprivileged minority, then wonder why they won't integrate into your society. It's just cultural, you tell yourself.
They are worse in every measurable way than the Christians whom you apparently despise so much, but you can't see the cognitive dissonance.
You still think "we" are the bullies? You almost deserve what's coming.
If only there was a way to conduct financial transactions beyond the reach of 3rd-party interference!
Yep.
Ia! Ia! Cthulhu fhtagn! Ph'nglui mglw'nfah Cthulhu R'lyeh wgah'nagl fhtagn!
Learning HOW to think is more important than learning WHAT to think.
We know the government is dangerous because they've got the biggest guns but what about corporations? We've seen Facebook deciding what you can say (real name policy, Compulsory Facebook email) plus actual censorship result in alarming control over someone's online existence. The current situation of a few corporations making the internet work, means one can easily be ostracized. What if PayPal (there are PayPal-only shops) or VISA/MasterCard decided you couldn't shop online? What if all supermarkets decided to close your online accounts?
How quickly should someone be blacklisted be they might be supporting, enabling or inciting a crime? We've faced similar questions over trolls and SJW on Twitter and Reddit: But Twitter and Reddit aren't essential like banking or grocery shopping. Twitter refusing to spread hate speech causes no damage unlike PayPal deciding someone can't pay their bills.
What's a "half-cent"? Oh, you mean a Dogecoin!
#DeleteFacebook
There speaks someone who is totally clueless and has been radicalized by Alex Jones and his ilk.
I was brought up in a multicultural area of a large city. I had (and still have) friends who are Muslims, Jews and probably other religions. Guess what, they are no different from my Christian family. They may worship differently from me, but they have the same values and the same outlook on life. They certainly have no interest in changing the law to fit their beliefs or converting the country to their religion.
They go to work every day, they love their families, they give to charity, they have the same concerns as me, and they enjoy life in the community. In short, they are fully integrated and indistinguishable unless you look at the way they worship.
There are extremists of all faiths. Including Christians. The post I'm replying to is a prime example. He (or she) probably doesn't know any Muslims and is an avid reader of alt-right web sites spewing incorrect garbage - no different in their aims from the ISIS sites doing the same.
Hate is the enemy. The people who want to create a religious war are the enemy. These are the people who look for the lonely, the people who are easily persuaded, the people who are marginally ill mentally, the people who were brought up in households that advocated violence. They use them to foment more hate in the hope that a religious war will be the eventual result.
In some jurisdictions it is illegal to knowingly do business with criminals... By giving criminals money you are encouraging further crime by demonstrating that crime does pay, and many police forces will come down pretty hard on this.
Obtaining documents that you believe may have been illegally obtained from your clients is also questionably legal, you are collecting evidence which is the job of law enforcement, and there is also the chance that those aren't your clients documents and your obtaining something totally illegal.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
And what percentage of Muslims believe that the Quran is the word of Allah? 100%?
"Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
Catch22, you cannot know until you buy them if you are committing a felony or not.
You'd think the fat asshole's arms would be too tired to type after his 8000 pound cable row sessions.
Cable rows affect the middle back muscles and makes me tired in a good way. I've been typing on typewriters and keyboards since kindergarten, so my finger muscles are will developed.
You have no fucking clue what a 'public ledger' does, do you?
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Yeah, they had "typewriters" in kindergarten.
The IBM Selectric II was in the principal's office. I was fascinated with spinning silver ball that put black letters on white paper. I later got a toy typewriter. As I got older, I had two manual and one electronic typewriters from Brother. The electronic typewriter lasted 20 years and carried me through college when instructors weren't accepting printouts from NLQ dot matrix and laser printers. Never got around to owning an IBM typewriter.
You were sent to the principal's office ... in kindergarten? You were a gangster!
I was BATMAN! And got a couple of goose eggs from jumping off the slide the wrong way.
Yeah, because the principal of an elementary school 40 years ago would totally have said [...]
That I was mentally retarded, needed to go to special ed classes and may never live a normal adult life. Except I wasn't mentally retarded, skipped high school to go into community college, and I'm living a normal adult life.
I was brought up in a multicultural area of a large city. I had (and still have) friends who are Muslims, Jews and probably other religions. Guess what, they are no different from my Christian family. They may worship differently from me, but they have the same values and the same outlook on life. They certainly have no interest in changing the law to fit their beliefs or converting the country to their religion.
There are all sorts of people, and there are many people who don't follow what their religion teaches. If you picked about any random belief, you might find people of every religion who agree with that belief. However, you're missing a very critical fact. The people who are killing people in the name of Allah are generally doing so in perfect agreement with Islamic teaching and the Quran. There are few religions out there which truly demand that you kill people. Most consider it a sin or place other heavy restrictions on it. To the contrary, devout following of the Quran means that you should be seeking total subjection of other religious people and even killing them. The "good" people who you speak of may in fact not view these actions as acceptable, but when they disagree with Jihad, they disagree with Muhammad, and they disagree with their holy book, and their disagreement is not based on religion, but personal preference.
They go to work every day, they love their families, they give to charity, they have the same concerns as me, and they enjoy life in the community. In short, they are fully integrated and indistinguishable unless you look at the way they worship.
One other difference with their religion and our culture's expectation is that their religion does not teach honesty, but deception. They believe that Allah is a trickster type of god who has no problem causing deception or allowing his followers to deceive. I don't believe this is one of his most notable attributes, but you can find indication in the Quran where he caused deception and you can find where Muslims are instructed to deceive where it accomplishes a goal in line with their teaching. Therefor, it is quite possible that some of them, even the ones who seem sincere, are deceiving you because they believe fervently that such deception is the truly good thing to do. Most of the time, the liars we know of would also be people without much of a moral framework. It would be harder for us to detect deception from people who fervently think it's a good thing.
There are extremists of all faiths. Including Christians.
Once again, the difference is whether the "extreme" behavior is inspired by the religious belief or in contradiction to it. Yes, a person can kill and claim it to be caused by any religion. They could kill and claim Dr. Sues told them. But these extreme Muslims can give good, solid, and complete explanations from their holy book which not only point to historical example, but direct scripture which tells them to do so. Christians could, at best, use some very fuzzy logic and have to ignore massive amounts of their holy book to be able to excuse killing somebody, and I don't even know the fuzziest of logic they could use to justify terrorist activity. The same is probably true of many religious groups other than Muslims.
There are 10 commandments: 01)Thou shalt love the Lord Thy God 10)Thou shalt love thy neighbour as thyself.Matt22:34-40
Since when is community college a badge of honor?
When you're the first one in your blue collar family to graduate from college.
The real motive by Coinbase is probably a fear that they'll be accused of helping facilitate criminal activity.
I really do not understand this. I've never heard of a bank closing someone's account because they used the money in it to pay a ransom. Surely if there is no danger to the bank from facilitating payment of a ransom in fiat currency why would there be any danger to Coinbase for doing the same in Bitcoin? The people committing the crime here are those extorting the ransom, not those who pay it whatever your position may be on paying ransoms.
Are you claiming to be Jesus Christ or claiming to quote something said by him? If the latter, please provide a source.
The quote is one translation of a line from the Bhagavad Gita by the way. Nothing to do with Islam, Jesus Christ, let alone the subject at hand.
Your family understands that it requires no special ability or intelligence to attend, right, just the ability to pay the fees?
My parents refused to support my decision to go to college. I spent my first year collecting bottles and cans after classes to pay for classes and books. I later got a job at the bookstore warehouse and worked my way though college. My parents didn't accept my decision to go to college until after I graduated.
It's like touting being the first person in your family to go to Wal-Mart.
I may come from a family of rednecks but we're not white trailer trash.
Shariah law could only *ever* exist in the context of family law, and only if both parties agree to it. In other words, divorce/custody proceedings. EVEN *IF* voters in some city overwhelmingly voted to impose "Shariah Law" on residents, it would never pass court muster, any more than a city with a majority of Orthodox Jews could make it a crime to violate Shabbat, or a city run by Evangelicals could criminalize consensual sex by unmarried adults.
A law might end up on the books, but it would be overturned almost instantly, for the same reason why a high school that insisted upon public prayer before football games would eventually have to tolerate invocations by Mormons, Scientologists, Satanists, Hindus, Buddhists, and Pastafarians (just to name a few diverse religious sects). The evangelicals who push for those prayers can barely even grudgingly tolerate an occasional Rabbi or Catholic Priest. You could get the friendliest American Imam who's a die-hard midwestern football fan to give a prayer for the local team to crush its opponents on the field, and they'd still go into convulsions if they heard the word, "Allah".
This is off-topic and you're a horrible person, but community colleges are great. Not everyone needs a 4-year degree and the claim that we do is just one symptom of our completely fucked-up economy, but community colleges are good for people who don't need/can't afford a 4-year, and also people who just want to do their first 2 years very cost-effectively.
Can I mod something +1 Scary if it's true but I wish it weren't?
Cancelling ransomware payouts, pffbt of course, I ran into the same problem when I tried paying for drugs with my coinbase account.. they're so touchy! jeez, no illicit substances, no shady malware authors, what the fuck coinbase.
640k ought to be enough for anyone.
Don't use Coinbase. Ever. When they dry up, they'll have nobody to blame but themselves and their ignorance.
The first prohibited use in their terms of use
Unlawful Activity: Activity which would violate, or assist in violation of, any law, statute, ordinance, or regulation, sanctions programs administered in the countries where Coinbase conducts business, including but not limited to the U.S. Department of Treasury's Office of Foreign Assets Control ("OFAC"), or which would involve proceeds of any unlawful activity; publish, distribute or disseminate any unlawful material or information
Paying someone to obtain stolen goods is illegal in many places.
The user didn't have authority from DoJ to recover stolen goods on someone else's behalf.
If you see someone with your stolen stuff, you tell the police. You don't pay some random guy to do your dirty work.
Repo agents, etc, are authorised by the government to do their work.
Buying stolen goods from someone that you know are stolen is illegal.
Where I'm from it is perfectly legal to pay a hooker. What backwards country are you from?
This asshole should be in prison! You DO NOT pay ransoms. It should be against federal law to pay ransoms like this. You're supporting terrorists, drug dealers, and at the very least, criminal groups overseas. That in itself is illegal so why not extrapolate it to making paying ransoms illegal. Every single ransom this asshole pays encourages more people to do the same thing because it makes money. This idiot needs to be stopped.
The same courts that blocked quite a few executive orders from Obama, Bush, Clinton, Bush, Reagan, and every president before them.
Executive orders are just a way for Congress to humor the current president to do things they approve of, but don't want to personally support themselves. All that's changed in recent years is the willingness of Presidents to push their luck, and the willingness of courts to support plaintiffs' assertions that the President is overstepping his bounds (basically telling Congress, "have the balls to make this an explicit law so the President *can* do it, or get out of the way and let this action of questionable merit die").
Executive Orders aren't some magical power. If the President issues an EO to which Congress objects, the law that implicitly authorized that EO will be changed within days or weeks... and Congress' *own* actions to revoke/change such a law can itself justify a court putting an immediate hold on such an order pending the outcome in Congress.
Democracy is NOT synonymous with "gotcha, I found a loophole today that I can exploit in the 3 weeks it'll take you to notice & fix it! Na, na, na, na, na!". It's part of the reason why so many actions in American democracy require supermajorities, and why so few things can be authoritatively decided by a first-past-the-post plurality... it was part of the founding fathers' strategy for constraining future tyranny and mob rule.