> The 2017 transfers notwithstanding, the majority of the stolen funds remained in Wallet 1CGA4s from August 2016 until January 31, 2022. On January 31, 2022, law enforcement gained access to Wallet 1CGA4s by decrypting a file saved to LICHTENSTEIN’s cloud storage account, which had been obtained pursuant to a search warrant. The file contained a list of 2,000 virtual currency addresses, along with corresponding private keys.
> ...The connection among the VCE 1 accounts was further confirmed upon reviewing a spreadsheet saved to LICHTENSTEIN’s cloud storage account. The spreadsheet included the log-in information for accounts at various virtual currency exchanges and a notation regarding the status of the accounts
> ...Lichtenstein Email 2 was held at a U.S.-based provider that offered email as well as cloud storage services, among other products. In 2021, agents obtained a copy of the contents of the cloud storage account pursuant to a search warrant. Upon reviewing the contents of the account, agents confirmed that the account was used by LICHTENSTEIN. However, a significant portion of the files were encrypted
That's backwards. It's how they wrapped it all up. The real trail is pretty clearly AlphaBay 2016/2017 transactions (under gov control around that timeframe), to KYC-flagged accounts at an exchange, with a web of accounts with real info linked together past there.
Or what if he decided to create his own crypto-currency and it just so happened that his dirty wallet was an early investor of ETH to his fund.
Seems like he could have done more to distance himself.
Bitcoin's public ledger makes transactions into prosecution futures.
This is why it's such a poor choice for revolutionaries and funding the marginalized. You leave a permanent indelible public record in posterity that will in the course of time be de-anonymized, automatically, and traced back to you.
*cryptocurrency is too long
That’s “credit card”. We’ve already lost “crypto”(graphy), let’s avoid deliberately giving away other common shorthands.