Slashdot Mirror


Is Coinbase Closing Accounts For Paying Ransoms With Bitcoins? (coindesk.com)

Even as some companies are stockpiling bitcoins so they can quickly pay ransom demands, security firms that try paying those ransoms may face losing their accounts on Coinbase. Slashdot reader Mosquito Bites quotes a report from CoinDesk: Less than a year ago, Vinny Troia, CEO and principal security consultant of Night Lion Security and a certified white hat hacker, was sent a compliance form by US bitcoin exchange Coinbase, where he had an account. Coinbase wanted to know how Troia was using bitcoin and his account. "I told them I run a security firm. I pay for ransoms and buy documents on the dark web when clients request it," Troia told CoinDesk. The ransoms Troia helps his clients pay are those stemming from ransomware attacks, which have surged in number over the past few years. Many, like the well-publicized WannaCry attack, are asking for bitcoin.

And the documents? Troia said, "We do breach investigations a lot of times. If a fraudster is saying they're selling my client's stolen documents, the only way to make sure they have what they say they have is to buy those documents." According to Troia, Coinbase "did not like that at all." Coinbase then asked the IT expert whether he had a letter from the Department of Justice giving him permission to do those things. No, Troia said. Upon further research, Troia has not found that any such permission exists. But, "I have my clients authorizing me to do this," he said. Coinbase sent Troia back an email explaining that those actions were against the exchange's rules and shut down his account... "My entire family is blocked from Coinbase," he said.

27 of 202 comments

  1. Punt coinbase? by Ritz_Just_Ritz · · Score: 4, Informative

    Vote with your feet. There are other exchanges.

    1. Re:Punt coinbase? by michelcolman · · Score: 5, Informative

      Why do you even need an exchange for this kind of thing? Just use a wallet app, nobody can tell you what you can and cannot do with it.

      (That doesn't mean I endorse paying ransoms, of course)

    2. Re:Punt coinbase? by harryk · · Score: 3, Insightful

      The issue is really about purchasing bitcoin (especially at significant volumes). Coinbase is more of a retail outlet, while GDAX is the exchange. And yes, you can use Local Bitcoin at about a 17% markup (depending on location) but if he's trying to run a business having a mark-up that high sucks.

      Really the issue is Coinbase and their super paranoia for risk avoidance. On the one hand, you can't blame them for protecting their business from auditors/regulators and the power they wield. On the other hand, they're really the only reputable place you can buy bitcoin in the US without paying ridiculous fees. Sure, you can set up accounts at Cex.IO, or Bitfinex (the latter of which is not currently accepting US deposits) but international wires are kind of a pain to deal with.

      What really needs to happen, IMO, is Coinbase needs to be clearer on activity they will and will not tolerate/accept risk for and there should be more of a discussion on how that risk is evaluated. Risk/Compliance departments aren't always so harsh on what they don't accept, Coinbase is definitely taking the extreme position in many of these cases making it more and more difficult for reputable purchasers to make legitimate buys.

      --
      think before you write, it'll save me moderator points.
    3. Re:Punt coinbase? by shaitand · · Score: 2

      Since when does a bank have liability or say in how you spend your funds? At worst they have a reporting obligation for suspicious transaction patterns and since they don't deal in cash I don't see that applying here.

    4. Re:Punt coinbase? by stabiesoft · · Score: 2

      Ask the pot growers

    5. Re:Punt coinbase? by tazan · · Score: 4, Informative

      You're in the wrong century. The feds now have the right to determine how a bank's customers use their funds. Or at least they think they do, which is the same thing, I guess.

    6. Re:Punt coinbase? by david_thornley · · Score: 2, Insightful

      This is Coinbase trying to avoid the Feds poking into their business.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
    7. Re:Punt coinbase? by darth dickinson · · Score: 2, Informative

      Operation Choke Point

      To quote Wikipedia:

      "Operation Choke Point is an initiative of the United States Department of Justice that was announced in 2013, which is investigating banks in the United States and the business they do with payment processors, payday lenders, and other companies believed to be at higher risk for fraud and money laundering.

      This operation, disclosed in an August 2013 Wall Street Journal story, has been accused of bypassing due process; the government is pressuring the financial industry to cut off the companies' access to banking services including access to capital (loans), without first having shown that the targeted companies are violating the law. As reported by the St. Louis Post-Dispatch, critics say, "it's a thinly veiled ideological attack on industries the Obama administration doesn't like, such as gun sellers and coal producers."

  2. Good by Anonymous Coward · · Score: 3, Interesting

    Good.

    It's because asshole pricks like your clients buy bitcoins, pay the ransom, then go complaining to their bank or credit card provider that the payment was unauthorised or a result of blackmail, and try to do a chargeback against the innocent bitcoin merchant. Or gets them locked out of their accounts while being investigated for fraud.

    So you can just fuck off and buy your bitcoins somewhere else.

    1. Re:Good by swb · · Score: 4, Insightful

      When I read the summary, I thought to myself that "white hat" hackers are merely facilitating a security economy by buying hacks, documents, etc. They may not specifically commit criminal hacks and may actually be "defenders" of their clients, but in a lot of ways they kind of look like just middle men.

      I'm pretty sure there's been plenty of cons run where "the bad guys" steal something and a person claiming to be a "good guy" approaches the victim and says "I'm a white hat, I have contacts and can get your stuff back" and then they transfer the money to the bad guys in exchange for the goods. Meanwhile, does it matter in this transaction whether they belonged to the bad guys all along or whether they were independent good guys?

      From an economics perspective, it sounds like a distinction without a difference. Same transactions take place, with the only difference being that if the "good guy" really is an independent agent, it might actually cost more because the good guy will extract their own fee for handling the transaction (which, if he was a bad guy, may have also been rolled in for appearance sake).

  3. Is it illegal? by muphin · · Score: 4, Informative

    As discussed here Cyber extortion - legality of ransom payments and the approach of businesses and insurers it shows under international law, cyber extortion payments aren't illegal unless they are terrorism related.

    I don't believe Coinbase should be denying access to legitimate funds, that aren't terrorism related, unless they want to get regulated... this would be the first step to ruining their little monopoly.

    --
    It's not a typo if you understood the meaning!
    1. Re:Is it illegal? by mrbester · · Score: 2

      And everybody can choose to tell Coinbase to mind their own fucking business when it comes to what funds are being used for. They aren't a regulatory body.

      --
      "Wait. Something's happening. It's opening up! My God, it's full of apricots!"
    2. Re:Is it illegal? by Richard_at_work · · Score: 3, Informative

      Could it possibly be that Coinbase are themselves concerned that they will get into trouble for aiding and abetting due to the very transactions this guy wants to do, as currently they are not regulated and therefore have no scope within any regulation to be allowed to permit transactions to known fraud accounts while holding no responsibility for that transaction.

      A basic cover your ass situation. "Cyber extortion payments" may not strictly be illegal, but certainly an aiding and abetting criminal activity case can be made against any exchange which facilitates them...

    3. Re:Is it illegal? by Shoten · · Score: 2, Insightful

      > As discussed here Cyber extortion - legality of ransom payments and the approach of businesses and insurers it shows under international law, cyber extortion payments aren't illegal unless they are terrorism related.

      > I don't believe Coinbase should be denying access to legitimate funds, that aren't terrorism related, unless they want to get regulated... this would be the first step to ruining their little monopoly.

      They aren't worried about "international law" (which, incidentally, is barely a thing unless you are a war criminal or something else so egregious that most of the world is willing to support a method around prosecuting you.) They're worried about local laws, which are a lot more real. The absence of relevant criminal statutes under international law will not protect you against regulatory or criminal proceedings in nations where you operate.

      They're worried about being blamed for money laundering, so they're being proactive and trying to catch anything in their system that they can possibly tie to criminal activity. Unfortunately for everyone, not too many options for doing this exist outside of going after ransomware payments...so that's what they've gone after. I can sort of understand it...bitcoin isn't exactly transparent, and the day is coming when regulators will be deciding who is good and who is bad here. It does make good business sense to demonstrate a "best effort" to steer clear of being designated as "bad," or at least "bad-friendly." I think it's a dick move, but I do understand the motivation behind it.

      --

      For your security, this post has been encrypted with ROT-13, twice.
    4. Re:Is it illegal? by GrumpySteen · · Score: 2

      There was that $586 million settlement and the FTC adding prohibitions against telemarketers using those services.

      But they... that was Obama era stuff. I'm sure it'll be rolled back as quickly as possible in the name of helping "small businesses"

    5. Re:Is it illegal? by Antique Geekmeister · · Score: 2

      The article you cite seems to be based on ignoring _local_ law and its interaction with federal and international law. In the USA, extortion is normally considered a state matter, not a federal or international one. But as soon as the offence crosses state or international lines, it can easily become one.

      Please, be careful what you read from such an article. At least in the USA, there is considerable _state_ law about extortion. Much of it is easily discoverable at http://statelaws.findlaw.com/c.... While not every state has specifically mentioned computer extortion, the older extortion statutes should still apply with little confusion. As soon as money or goods cross state lines, it becomes a matter of federal interest to US law enforcement. If it crosses international lines, it becomes of interest to the UN FACT, which is concerned with money laundering.

      It's completely understandable that an exchange like Coinbase would not want state or federal investigators involved in their operations in any way.

    6. Re:Is it illegal? by mysidia · · Score: 2

      > A basic cover your ass situation. "Cyber extortion payments" may not strictly be illegal, but certainly an aiding and abetting criminal activity case

      It is probably bad for the long-term viability of cryptocurrency to be associated/understood as a medium for making ransom payments.

      On the other hand: Once you have your coins, is it ANY of Coinbase's fucking business what you choose to use your money for after you take it out of the exchange?

      This would be as stupid as the bank questioning what you will do with $10,000 cash you are withdrawing occasionally. Why withdraw? Because it's my fucking money, and my right to privacy in my business affairs is a fundamental right.

      Okay, so maybe you buy the XXXX on a cryptocurrency exchange then hold coins unused for a long period of time, then you can answer you are spending the coins to holding wallets, and then for products and services as you need them.

  4. Re:Use a real node. by Lanthanide · · Score: 2

    Unless you're going to mine, then you need some way to acquire bitcoin, generally this is by converting fiat currency at an exchange.

    Since everything in bitcoin is public, the exchange could easily track what happens to the bitcoins after they leave their wallet.

  5. Abiding by the law by petes_PoV · · Score: 3, Interesting

    > Coinbase sent Troia back an email explaining that those actions were against the exchange's rules and shut down his account.

    That seems reasonable. Coinbase is an american company. There are laws against financing or facilitating the financing of terrorist and/or criminal activities.

    --
    politicians are like babies' nappies: they should both be changed regularly and for the same reasons
  6. Bizarre by l0n3s0m3phr34k · · Score: 2

    That Coinbase is asking for "a letter from the DoJ" seems very strange; especially if this isn't actually obtainable. If I was running a security company that ran into such a requirement, I would immediately engage my legal counsel...especially if Coinbase closing my accounts actually cost me "real world loss" in the form of me losing access to my bitcoin wallet stored on their system. Requirements that are impossible to fulfill might constitute fraud, especially if there is a demonstrable "loss of income" due to Coinbase's activities from Troia's (currently) legal activities. Right now, there has only been a single court case (https://coincenter.org/entry/it-should-not-be-a-crime-to-help-victims-of-ransomware) in the New York southern district court that has touched on the idea that paying ransom with bitcoin violates 18 U.S.C. 1960.

  7. Using Coinbase is asking for trouble by Anonymous Coward · · Score: 2, Informative

    There are, AFAIK, only two exchanges that 1) mind your privacy, 2) are out of reach of U.S. gov, and 3) comply with regulations for financial institutes, and that's Paymium and Bitstamp in the EU.

    Use Coinbase and you risk losing your Bitcoin and your personal details to the U.S. gov.

  8. Re:Well Done, Coinbase! by Shoten · · Score: 5, Insightful

    > Security companies should not be allowed to act as front companies for cybercriminals anymore than they should be allowed to assassinate people for pay. Let's hope there's a criminal investigation as well. Perhaps this one was even directly involved in the original crimes, not only encouraging them...

    You're not paying attention.

    The security company wasn't accepting payment on behalf of ransomware actors. They were facilitating the payment TO ransomware actors on behalf of companies that aren't familiar with bitcoin and have no accounting methodology to make such a payment before the ransomware runs out. They were a front for the victims, not the criminals.

    It's akin, in a rough way, to what K&R companies like Control Risk do when it comes to ransoms in the real world. There are right ways and wrong ways to pay a ransom, and they are intimately familiar with the difference. As a result, they step in when one of their clients has a kidnapping situation and manage the whole thing to help get the person back safely. And yes, this usually does involve paying the ransom.

    The real motive by Coinbase is probably a fear that they'll be accused of helping facilitate criminal activity. Bitcoin exchanges are on the narrow edge of falling under regulation, but it could also go another way (*cough*Liberty Reserve*cough*) for any particular exchange if the regulators in their country feel that they are guilty of money laundering. As a result, Coinbase is taking proactive measures to be able to prove that they, well, proactively avoid facilitating crime. I don't necessarily agree with it, but I can at least see where it came from.

    --

    For your security, this post has been encrypted with ROT-13, twice.
  9. Re:Well Done, Coinbase! by Antique Geekmeister · · Score: 2, Informative

    > The real motive by Coinbase is probably a fear that they'll be accused of helping facilitate criminal activity. Bitcoin exchanges are on the narrow edge of falling under regulation,

    I suspect that, since many exchanges do facilitate quasi-legal and illegal activity, it's important in business terms for them to avoid any involvement in clearly illegal activity that has the kind of paper trail or provenance that a security firm such as Control Risk might provide. An exchange for an illegal activity, such as laundering money paid for extortion, would seem to make a company ripe for examination by the FCC, the IRS, the FBI for participating in extortion, and the CIA for exchanging in wire fraud helping conceal the identity of the extortionists, and the UN Financial Action Task Force

  10. Re:"la" Coinbase? by chill · · Score: 2

    Yep.

    Ia! Ia! Cthulhu fhtagn! Ph'nglui mglw'nfah Cthulhu R'lyeh wgah'nagl fhtagn!

    --
    Learning HOW to think is more important than learning WHAT to think.
  11. Re:Why? by EvilSS · · Score: 2

    > Why the hell are people paying the ransoms in the first place? This is just encouraging more people to make these types of viruses. Make fucking backups of your shit, fire the moron that unleashed the virus in your network, restore from backup, and carry on with life.

    Do you really think they are paying if they have good backups? Or do you expect them to rent a time machine and go back and fix/implement the backups? Yes, they should have good backups but when they don't, and when the documents that get encrypted are make or break for their company (and yes, such a thing does exist) then you pay.

    --
    I browse on +1 so AC's need not respond, I won't see it.
  12. Re:Why? by Kjella · · Score: 4, Insightful

    > Why the hell are people paying the ransoms in the first place? This is just encouraging more people to make these types of viruses. Make fucking backups of your shit, fire the moron that unleashed the virus in your network, restore from backup, and carry on with life.

    Do you really have to ask? The number of people who'll just use anything until it breaks without proper maintenance is staggering. I'll gladly admit that while computers is "my thing" there's probably something about some filters on my washing machine or leather care for my couch or oiling the terrace boards I don't do. If you start asking when somebody last checked my electrical system, plumbing etc. I get even more "eh..." and if my car didn't have to be checked every two years by law I'd probably forget all about that too.

    Backups are the computer equivalent of painting the garage, it's always almost at the top of your list but mysteriously enough never reaches the top. I finally caved in and decided to hire a maid service not because I can't scrub a toilet but whenever that floated to the top of my TODO list I kept putting it off over and over again. So I understand people, should have had backups. Should have tested the backups. Should have patched Windows. Should have updated their anti-virus. Except they never got around to it.

    --
    Live today, because you never know what tomorrow brings
  13. Doing business with known criminals by Bert64 · · Score: 2

    In some jurisdictions it is illegal to knowingly do business with criminals... By giving criminals money you are encouraging further crime by demonstrating that crime does pay, and many police forces will come down pretty hard on this.

    Obtaining documents that you believe may have been illegally obtained from your clients is also questionably legal, you are collecting evidence which is the job of law enforcement, and there is also the chance that those aren't your clients' documents and you're obtaining something totally illegal.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!