This post is a republication of a Twitter thread. For discussion, please refer to the original publication and discussion thread on Twitter


So you pulled off a successful blackhat hack, or you just happen to run a profitable ransomware operation. How to convert your profits to Lambos?

Let the daddy godfather @moo9000 to tell you, a thread.

2/ This is in the light of the the recent OFAC notice against Suex (on paper in Prague, in practice in Russia) money-laundering front. They laundered BTC for the ransomware gangs.
3/ Read this excellent fresh post by @trmlabs on the topic…
4/ Contrary to popular belief, criminals that use cryptocurrencies are not very secretive. The criminal actors are quite well known: we approximately know who they are and where they are.
5/ Unsurprisingly, you find alot of activity based from Russian and Eastern European.

Chinese do hacking as well, but Chinese hacking is more political / human right activitism issues whereas Russian tend to just want to earn some #bitcoin for their hard work.
6/ As an evidence of this, the best protection against malware is either keep your computer disconnected from Internet, or just use Russian keyboard layout, as @briankrebs tells…
7/ So we know the criminals, but we cannot get them. Because the country, where they are located, really does not care about what happen to Western individuals or corporations.
8/ In fact it is even geopolitically beneficial for these countries to see the West to suffer.

This has a name. It is called privateering, or state sponsored robbery. It has 500 years legacy, from the era of pirates.
9/ "Privateering allowed sovereigns to raise revenue for war by mobilizing privately owned armed ships and sailors to supplement state power.
10/ We have privacy coins like @monero and @zcash - but criminals do not bother with them, as public BTC works well. BTC is more customer-friendly, the customer being the ransomware victim.
11/ After all, it is not like the US or Europeans will send Blackhawks copters to pick up targets from Russia.
12/ The only exception is so-called on-chain crime, or DeFi hacks. Smart contract hacks on ETH and getting away with your stash.

With no exception, there funds seem disappear to @tornadocash or converted to BTC using e.g. @WrappedBTC
13/ Why is this? Well the #defi community would complain loudly if a large exchange were to be directly caught laundering money for the same community they claim to be a proud member of.

On-chain crime funds have too many eyeballs on them.

Now the juicy part.

15/ First, why to cash out in the first place?

Turns out that having high wealth in crypto is not that interesting. You need a lambo and a lot of bling bling in Moscow night to get all those hot Russian chicks. They are not attracted to NFTs.

Why be criminal AND poor?
16/ As you know all BTC transactions are public, so you cannot just send them a Coinbase...?
17/ Well, it turns out, you mostly can.

While Coinbase is one of more legit exchanges, you will find avenues to convert your BTC to Lambos and wealth in London real-estate market.
18/ Some large Asian exchanges, namely Binance, Huobi, OKEx, et. do not do source of funds check. As long as you have a legit passport picture, you can happily cash out.
19/ Even until very recently, Binance had a working banking relationship with Clearbank for EUR and GBP withdrawals.

I guess Binance debit card still works and is good for cashing out.
20/ But if you are a known criminal and you just march into Binance and cash out, there is a small risk your account might get frozen.
21/ However there are a lot of "OTC desks" or smaller exchanges that are happy to offer better customer services for you. The OTC desk has a semi-legit bitcoin brokerage business, a working bank account and an account in Binance.
22/ An OTC desk also gets a banking account. After all, as a criminal, you need some Dollars for the Pattaya holiday and some Sterlings for your London house.
23/ An OTC desk can get a bank account open easily from a small bank that is specialised for high-risk customers. As long as the transaction volume is low and within the bank liquidity, all good.
24/ For money-laundering banking I recommend Swiss banks:…
25/ Ransomware is such small scale problem that it does not even register when you are serving South African, Venezuelan and Arabian kleptoratic dictators.
26/ Some OTC desk style operation examples from the near history

27/ In the recent OFAC announcement the named business was Suex (on a paper registered in Prague)
28/ In India, WazirX, the largest Indian exchange, is known to be a money laundering friendly…
29/ It used to be a case that you can transact with Hong Kong OTC desks with just a made up of Certification of Incorporation, but not sure if even criminals want to do business in Hong Kong anymore.
30/ So these OTC desks have a corporate account open in Binance and mix some legit Bitcoin trades with illegitimate ones. Or just be 100% illegitimate.

Binance does not care as long as they claim plausible deniability.
31/ They are not requesting the source of funds from corporate customers, or they do not ask any questions from their customers.
32/ Even though @tornadocash offer a compliance tool for the source of funds, these OTC desks do not ask for it. They, by default, assume you are a criminal and fewer questions asked means less legal liability.
33/ Does Binance know their services are used for money laundering? Yes.

How would they know?

34/ You look at the transactions on the freaking blockchain.

They are public. It is pretty easy to find out, especially after the fact. As long police and courts publish these addresses.
35/ So let's look at some of the addresses on the recent OFAC notice.

36/ Here is the actual notice and the list of addresses.…
37/ #Ethereum transactions are easy to analyse, because Ethereum uses account model, not UTXO transaction model like #Bitcoin.

Let's pop open some of the addresses.
39/ FCoin was a $130M Chinese scam.

How many Lambos $130M buys for you?

All laundered through Binance.…

Did a Lambo cost you 700k USDT? Cashed out through Binance.…
41/ Suex BTC wallet address, first from the OFAC list.

Ooh transacted out through the Binance hot wallet.…
42/ So let's warp this up and have some conclusions here.

43/ Because these regulatory companies are full of spineless lawyers who are afraid of defamation lawsuits, let me translate the text from the press release:

44/ Fin.

I think it was a good rant. Have I deserved a glass of Rioja?
45/ Ps. Subscribe to. my newsletter