The Bitcoin fog case could put cryptocurrency tracking to the test

If the prosecution does not present clear evidence as the Sterlingov case unfolds, it may have to rely on the more indirect digital connections between Sterlingov and Bitcoin Fog that it describes in the indictment. on facts gathered by the IRS Criminal Investigations Division, much of which was based on cryptocurrency tracking techniques. This affidavit shows a trail of financial transactions from 2011 that allegedly links Sterlingov to payments made to register the domain, which was not Bitcoin Fog’s actual dark site, but a regular website advertising it.

Funds to pay for that domain flowed through multiple accounts and were eventually exchanged from Bitcoin to the now-defunct Liberty Reserve digital currency, prosecutors say. But the IRS says IP addresses, blockchain data and phone numbers linked to the various accounts all link the payments to Sterlingov. A Russian-language document on Sterlingov’s Google account also describes a method of hiding payments similar to the one he is accused of using to register this domain.

Sterlingov says he “can’t remember” whether he started, pointing out that at the time he was working as a web designer for a Swedish marketing firm, Capo Marknadskommunikation. “That was 11 years ago,” says Sterlingov. “It’s really hard for me to say anything specific.”


Although the Govt box evidence that Sterlingov created a website to promote in 2011 – and Ekeland even claims this is based on faulty IP address connections resulting from Stertlingov’s use of a VPN – Ekeland points out that this is very different from running Bitcoin Fog dark web service for the next decade it remained online and laundered the proceeds of crime.

To show Sterlingov’s deeper connection to Bitcoin Fog beyond a domain registration, the IRS says it used blockchain analysis to track Bitcoin payments Sterlingov allegedly made as “transaction testing” for the service in 2011 before its public launch. Investigators also allege that Sterlingov continued to receive income from Bitcoin Fog throughout 2019, also based on their observations of cryptocurrency payments recorded on the Bitcoin blockchain.

Ekeland counters that the defense was given no details of this blockchain analysis, pointing out that it was excluded from the latest damages charge against Sterlingov, which was filed last week. That means, he argues, the government based the crux of its case on an unproven and relatively new form of forensics — one that he says led them to the wrong suspect. “Has it been peer reviewed? No,” Ekeland says of the blockchain analysis. “Is this generally accepted in the scientific community? None. Does it have a known failure rate? None. It is not verifiable. They can talk total nonsense and everyone has to believe it.”

Ekeland says discovery documents in the case show that the prosecution’s cryptocurrency tracking was conducted with tools sold by Chainalysis, a New York-based blockchain analytics startup, as well as the consulting assistance of Excygent, a government contractor specializing in cybercrime and cryptocurrency investigations, which Chainalysis acquired in 2021.

Ekeland alleges that Chainalysis, valued at $8.6 billion in a recent investment round and often used in high-level law enforcement investigations of cybercriminals, had a conflict of interest in the case because of his financial reliance on U.S. government contracts and a stream of former Gov. . investigators. who went to work for Chainalysis. “It’s a story of people profiting off and advancing their careers, throwing people in jail to promote their blockchain analytics tool, which is junk science and doesn’t hold up to any scrutiny,” Ekeland says. He adds that, based on the evidence in Sterlingov’s case, he believes that “Chainalysis is the Theranos of blockchain analytics.”

Leave a Comment