A 26-year-old man, accused of several computer hacking crimes in India, has told Bengaluru police in a statement that he was involved in the first-ever hacking and theft of bitcoins from Bitfinex, the cyptocurrency exchange based in Hong Kong, in 2015 during his stay in the Netherlands.
Srikrishna Ramesh alias Sriki was arrested by the police in November 2020 in a drugs case relating to dark net.
The Bitfinex exchange was hacked twice – in 2015 and 2016 – and bitcoins stolen. While the 2015 hacking was a relatively smaller one, the August 2016 hacking resulted in theft of nearly 1,20,000 bitcoins, valued at around $72 million at the time and now worth around $7 billion. The second hacking is considered one of the biggest bitcoin heists ever.
Srikrishna, who is accused in multiple hacking crimes in Bengaluru, including a Rs 11.5-crore heist from the state government’s e-procurement cell in 2019, has claimed in his statement to Bengaluru Crime Branch police that he was the first person to hack the Bitfinex exchange.
In a voluntary statement, which the police attached to a charge sheet it filed in February this year into his alleged hacking activities, Srikrishna has alluded to hacking the Bitfinex exchange and accessing as many as 2,000 bitcoins.
“Bitfinex was my first big bitcoin exchange hack. The exchange was hacked twice and I was the first person to do so. The second instance was a simple spear phishing attack, which led to two Israeli hackers working for the army getting access to the computers of one of the employees which gave them access to the AWS cloud account,” Srikrishna told the police.
News reports from Israeli media in June 2019 stated that two Israeli brothers were arrested for the 2016 Bitfinex heist.
“In my manner of hacking, I exploited a bug in the datacenter, which gave me KVM (kernel-based virtual machine) access to the server. I rebooted the server into GRUB mode, reset the root password, logged and reset the withdrawal server password and routed the money via bitcoin-cli to my own bitcoin address,” he claimed.
According to Srikrishna’s statement, he made an approximate “profit” of 2,000 bitcoins “from the Bitfinex hack and blew the entire amount on a luxurious lifestyle”.
“The price of bitcoin was around $100 to $200, which was split with my friend Andy from the UK,” he stated.
The police have not yet been able to verify Srikrishna’s Bitfinex hacking claims as no international agency or Interpol has reached out to them in connection with the case. Sources said central agencies such as the ED, which is also investigating him, and CBI have been alerted to the international nature of the hacker’s crimes.
One of the other claims made by Srikrishna to the police is that he hacked a second exchange called BTC-e.com and stole 3,000 bitcoins.
“There are numerous claims made by Srikrishna. There are claims of hacking a university website to modify marks of students but when we checked, the university did not report any such incident. We did not go around trying to verify all the claims,” a police source said.
The hacking claims have, however, resulted in a political furore in Karnataka, with the opposition Congress leader Siddaramaiah raising questions on what happened to the bitcoins that Srikrishna claimed to have stolen.
“In chargesheet filed by CCB police, it is recorded that the accused looted 5,000 bitcoins through unethical hacking. Who holds these bitcoins now? Have they got it transferred to accounts of investigating agencies? Or are they clueless?” Siddaramaiah said on social media a few days ago while insinuating at involvement of politicians in the case.
An activist from the Citizen Rights Foundation, K A Paul, has written to Karnataka High Court, seeking a court-monitored probe into the hacking activities which have national and international ramifications.
Sources in the police denied any wrongdoing in dealing with the hacker’s illegal activities. “Everything he told the police has been recorded and placed in court,” a source claimed in response to questions over alleged disappearance of bitcoins that Srikrishna claims to have stolen.
Incidentally, in his statement Srikrishna suggests that he was aware as a hacker that stolen cryptocurrency transactions can be tracked by blockchain tracing experts. The statement suggests he was aware of obfuscation tactics employed by hackers to cover their tracks while handling stolen bitcoins.
According to Srikrishna’s statement, he was in the Netherlands when the Bitfinex hacking happened in 2015. It occurred after he reportedly lost bitcoins worth $3 million after his laptop was stolen by an associate. “A network of bitcoin traders quickly allowed me to recuperate my losses by marginalised trading after a hack of an exchange (Bitfinex),” he said.
While Srikrishna has not claimed any link to the 2016 hack at Bitfinex exchange, nearly 12,000 bitcoins of the 120,000 bitcoins which were stolen were moved for the first time on April 14 this year while the hacker was still in prison. ”He was involved in stealing small numbers of Bitcoins and not any major thefts,” a police source said.
Srikrishna, who was out on bail in as many as seven cases, was arrested again on November 6 from a five-star hotel for allegedly not intervening in a drunken fracas between his friend and a hotel staff member. He was released on bail on Wednesday.