
I spent all that time and all that electricity and all the money for inflated pricing on graphics cards and all I got was this file folder on a server with nothing in it.
When Gerald Cotten, CEO of Canadian cryptocurrency exchange QuadrigaCX, died late last year, we were told no one at his company knew how to access the offline digital wallets storing his customers' digital dosh. These "cold wallets," the biz said last month, "are highly encrypted and were kept off the QuadrigaCX server for …
"the sixth was emptied in December 2018."
"Cotten died while traveling through Jaipur on December 9"
Why is there no mention of what date in December the sixth wallet was emptied? Whether it was before or after the 9th is rather critical. If it was after then either someone else had the key codes or the death was faked.
So somewhere over in India or some other place is a guy named Jim Bob who looks like Gerald Cotton and who now is sitting back and enjoying his riches. As long as he stays out of the public eye, away from anyone who knew him, and has ensured that a certain coroner keeps his mouth shut, all will be well.
Then again, that could just be fiction and the guy really died but the money was taken by someone else on the inside of the operation.
My question is if the wallets were securely encrypted, how do the auditors know what is in them?
This post has been deleted by its author
"if the wallets were securely encrypted, how do the auditors know what is in them?"
Bitcoin is public, so you can read all transactions associated with a wallet if you have the ID of that wallet. The key to access the wallet would be the encrypted thing. Therefore, you could see how much was in each wallet but you couldn't spend any of it without breaking the encryption. I'm glad to see that this company is knowledgable enough to figure this out without, you know, waiting three months for some external auditor to do something so simple for them. It really helps my estimation of their competence and trustworthiness.
So somewhere over in India or some other place is a guy named Jim Bob who looks like Gerald Cotton and who now is sitting back and enjoying his riches.
It'd not be the first fake death fraud. Given the wallets are empty, it was either the dying stages of a pyramid fraud, or its a fake death fraud. I'd expect the merry widow will be watched closely for at least the next decade though, as if she drops off the radar then it becomes more possible that she's in on it rather than simply another victim of any deceit that may have happened.
As long as he stays out of the public eye, away from anyone who knew him
Easy to do in the short term, but considerably harder in the longer term. I've bumped into people I used to know all over the world, and in some very out of the way places. I imagine that if this is a scam, a new face will be high on Cottons agenda.
ensured that a certain coroner keeps his mouth shut
The coroner will always be the primary weak link in the fraud, if there is one. He should possibly be very careful crossing the road.
Then again, that could just be fiction and the guy really died but the money was taken by someone else on the inside of the operation.
Indeed - I'd be interested in seeing a full timeline of events from the auditor. Though I'd have expected if someone else was involved and not Cotton, that he'd have noticed the money being stolen as far back as April 18, given he didn't die until much later.
My question is if the wallets were securely encrypted, how do the auditors know what is in them?
I'm guessing the keys were on the laptop and the laptop has now been broken into by whomever the auditor tasked with same.
Why? That will trigger a lot of immediate big investigations - and you may leave too many evidences around.
An inconspicuous death is all you need - as nobody would mind to investigate, the less person involved the better, no need of "special items" like weapons or explosives harder to get while can leave too many traces, and you'll have more time to disappear and cover your tracks.
Grandstanding criminals are easier to catch - they could be useful for blockbuster movies, though....
It's possible, if he's faked his death and from reading the report it sounds quite plausible he has, he'll have emptied them before his death so as not to flag that they were emptied after his death.
Could this almost be the perfect heist. Stealing cryptocurrency that will be harder to trace than real money and which he can then attempt to "clean" through trades with other people wanting to "clean" theirs?
This will be interesting to watch.
Up to a point. Nicking the whole lot does put a ;lot of pressure on both the authorities who certified his death and those looking for the missing moolah. Maybe greed - grabbing such a lot of money (and there appears to be an enormous amount missing in the report) might prove to have been a greedy error.
The authorities would be in India, and there's not going to be any penalty for this. All the coroner has to say is the guy looked like the passport picture, and now he's been either cremated or sent down the Ganges. There isn't going to be a body, and there isn't going to be a paper trail. He probably converted to gold, then cash so the money can no longer be tracked, and is either growing a beard (or shaved it off) or is sitting in Thailand waiting for the surgery to heal. For that matter, he may even be a she now.
So far as his wife goes, she may not have known. If she disappears in the next year or remarries a rich guy with about 180MM, then she was in on it.
I assume a body was produced and identified but I haven't checked details. But this is reported as medically caused (which could be faked, yeah), not missing at sea or unrecognizably disfigured (faceless) corpse.
A current BBC radio melodrama serial "Blackwater" has an amnesiac Irish woman returning to family home in present day having been believed dead due to teenaged faceless corpse in party dress being found in river ten years earlier and a week after disappearance. (xvqanccrq ol tlcfvrf) Point repeatedly returned to of why no DNA test on body. Reason, costs money, also, mother's husband was not actual father of missing girl, senior local policeman was. Still pretty unbelievable More at:
https://www.bbc.co.uk/programmes/m0001x8d/episodes/player
In crypto case, slight possibility that what was buried was coffin full of potatoes, we will find out if they come up this autumn. Cremation unlikely due to unmistakable delicious smell of roast potato during memorial service.
Bitcoin, like most kleptocurrencies, is entirely transparent as far as the funds associated with each public key. Presumably they needed access to the wallet file to confirm those public keys, at which point they could check how many dunning-krugerrands the wallet contained, but you only need to know the private key if you want to move the funds.
But we're supposed to believe that this guy went to India to help set up an orphanage (what an angel!) for an organisation that doesn't require donors to do anything beyond donate money, in a state that apparently has a reputation for its fake death certificate industry, then died of a manageable chronic disease and was immediately cremated? Okay then.
Who says someone else got in? Probably the founder stole it, and depending on which sort of conspiracy theory you prefer he either:
1) faked his own death and is living the high life under a new identity
2) was murdered by someone trying to steal his ill gotten gains
3) was murdered by someone for stealing their ill gotten gains
4) died of a drug overdose because $190 million buys a lot of drugs
Those strike me as the most logical ones, but for the sake of completeness, let's add these possibilities too:
5. Someone else forced him to transfer the funds and then killed him.
6. Someone else obtained the keys because he wasn't so competent after all, and stole all the money. Then, he either died of something unrelated or committed suicide after realizing there was no way for him to repay that.
7. One of the people currently running the business stole the money and arranged for the death metadata to suit them (for example, getting a post-dated death certificate after he died naturally or arranging the death), and are setting this up to slowly blame him such that everyone wants to find him and cannot while they escape.
Whatever happened, the people running this business were extremely negligent, and their creditors have every right to be extremely angry. When the courts stop giving them extensions, I am confident that lawyers will quickly make this point.
And the lawyers sue a dead company and none of the employees pay a penny since they weren't in charge and the boss, who took sole responsibility, is dead. The employees can't be held accountable for a boss, the guy who signs the paychecks, telling them that he would be the only one with access.
8) in the process of managing the exchange, someone lost significant funds during transactions and currency fluctuations. i.e. they either weren't very good at running the exchange or didn't realise they weren't good at it until too late
Unfortunately, none of these options helps.those that lost money
"8) in the process of managing the exchange, someone lost significant funds during transactions and currency fluctuations Isn't the "Uncle Quido" theory? The "Mafia plays Hardball" also comes to mind."
I was just trying to distinguish between deliberate fraud and a failed business plan.
Often in investment fraud cases, the intent to defraud isn't present, but the result is indistinguishable i.e. when the losses are discovered, attempts are made to make up for the losses with ever riskier investment strategies eventually resulting in investor alarm and attempts to withdraw their money and the investment company vanishing.
That theory doesn't explain why all the wallets were empty. If he had the only key, he must have emptied them before he died. Even if he died of natural causes, he must have stolen the money first, and while 150,000 may die of "normal" causes every day, most of them are far older.
when we discussed the options in-house a couple of days ago, another one was suggested: some of his customers (Russian / Chinese / any other mafia), at some point in 2018, were not happy to find out their funds became "temporarily unavailable", and decided to take the matters into their own hands.
But the winning theory is, obviously: He went to India, died there, no password, funny-money gone.Right. (I'm sure there's already been several scripts on the subject, pushed towards netflix, rather than hollywood, these days. So, expect a spat of more or less crappy films "based on true events", etc.)
It also seems it's not embezzlement proof.
Is anything embezzlement proof? Using the "word" proof like "bomb proof" "break proof", etc. doesn't mean it can't be broken into. Still this has the feel that it was an inside job now the date of the last transaction was just a few days before the guy allegedly died. I use the term allegedly as no one mentioned in any article ever saw his body.
"Fractional reserve banking"
Thank you for your deposit. Here's one eighth in interest for you, three quarters for me, one quarter for the system. "Look punters - that one eighth is interest you could earn ..." Thank you Sir, one eighth for you, three quarters for me one eighth for the system ... ad infinitum
Which is all well and good until Mr Punter O'Mafia asks for all his money which is secured in "special, not on the books, non-liquid assets" - the Mercs, the BMWs, the three villas, two yachts, the contents of Mrs O'Scammer's jewellery box, a long list of excess cocktail bar bills in Monaco, an ex-Maharajah's palace in India called "Orphanage" ...
After beating the passwords out of him, that is.
The security problem that Proof of Waste doesn't ever solve, https://xkcd.com/538/.
"...Busang's gold resource was estimated by Bre-X's independent consulting company, Kilborn Engineering (a division of SNC-Lavalin of Montreal), to be..."
Interesting that SNC was involved in shady stuff back then. Not surprising when you consider the legal mess SNC is in these days.
But do you think he or the people that emptied his accounts (and possibly bumped him off) covered their tracks well enough to hide from blockchain analysis?
This reeked of fraud from the start, doubly so in the absence of a body, but the people that try these heists often underestimate the ways to get caught or have things to go sideways.
The EY report also notes that the auditors have not found any formal financial records held by the company. To date, the outfit has been "unable to locate or provide any such records."
I don't suppose it had many employees but did none of them consider that a bit strange? Or even worrying?
I was interested in Quadringa a couple of years ago and registered an account on-line with them. I noted they originally had an "office" in a decent part of town, but that they had moved to another area. Since I was going to be in Vancouver, I thought that I'd just drop by their office to validate my account before I did any actual transactions with them. It turns out their address led to a small postal box outlet and there was no office at all. At that point my confidence in them dropped like a stone.
That is an important point. According to the terms of service, users of the service weren't depositing actual money into their accounts, they were purchasing "Quadriga Bucks". The actual money, as you say, is long gone. It's likely that QCX had been insolvent for quite some time.
It is often said that criminals get caught because they get greedy and continue for too long.
I speculate, but i guess this guy knew that and, possibly, got out when appropriate.
It's certainly becoming something of a whodunnit. Or a dunwhat.
And how the hell can someone's legal bills, for a relatively simple legal issue add upto $300,000 in such a short space of time? .
And how the hell can someone's legal bills, for a relatively simple legal issue add upto $300,000 in such a short space of time?
I don't think it was a "relatively simple legal issue". A personal bankruptcy after a spouse dies, tangled up in a corporate bankruptcy with numerous complications (inaccessible assets, lack of records), is likely to be pretty complicated.
And $300K since the end of December is only ~30 billable hours / week, at $1000 / hour, which is hardly an unusual rate for a partner or senior associate at a successful firm. At least not in the US. Presumably not all of those hours would actually be billed by the senior attorney involved, but throw in various lower associates, paralegals, etc, and it's not hard to see how you'd reach that total. And it's likely there are filing fees and court costs and the like.
Based on the empty Bitcoin wallets, the scam likely went:
- get people to invest
- steal their money or invest it really badly. Note that it is sometimes difficult to determine which option was intended, particularly given the dramatic rises and falls, but the end result is the same.
- smile reassuringly as you tell "investors" their money is safe
- empty Bitcoin wallets!
- "die" taking all knowledge of company with you. Try not to make it too convincing or involve people you may have defrauded in this part of the plan...
- profit? You did remember to take some money for yourself didn't you? As "fees" or "getting out before the market crashed"
If you peel the Bitcoin label off this scam, it's not exactly new and there's no need for the congratulations.
So happy that all those financial rebels have such a secure and reliable solution, well away from the prying eyes and overbearing regulation of pesky government.
Funny, but I'm not all that bothered about government oversight when it comes to ensuring that my money remains in my possession.
These people weren't trying to use bitcoin or any other cryptocurrency as a currency, which was its original goal. They simply wanted to jump on the bandwagon of thinking it would soar in value once again because blockchain, which sounds technical and people like to talk about on TV. They probably didn't have any specific distrust of government, unlike those who want to replace fiat currencies with cryptocurrencies, for whom trust is a very different issue. Those two groups must really hate one another.
El Reg treads the lines carefully—
Since Cotten's reported death, at the age of 30 while traveling in India ... ... According to a death certificate, Cotten died while traveling through Jaipur ...
—but is obviously noticing a stench resembling that of half a ton of dead fish rotting in the Jaipur sun.
I'm reminded of Rabbie Burns: "Ah what a tangled web we weave / when we seek to deceive"
We can't all be D.B.Cooper, and he at least had the sense to 'spend' some of his ill-gotten gains by chucking them in a ravine to stir the possibility that he hadn't survived his parachute drop. If perchance this is a larcenous enterprise, it might have been better not to make that 3 December transaction, which may prove a fatal undoing ....
From chepicap.com,
"The statement by Pragya, an official spokesperson of Fortis Escorts Hospital in Jaipur stated "The patient died here in Fortis and was brought in an extremely critical condition,"
New Indian Express states that the press release surrounding Cottens passing, explains that Cotten was brought to the facility December 8, 2018 around 9:45 PM. The patient had a history of Crohn's disease and was on monoclonal antibody therapy. Cotten was diagnosed at the hospital with a case of septic shock, perforation peritonitis, and intestinal obstruction.
Read more: The QuadrigaCX timeline: as it happened
Cottens condition deteriorated from there, the press release states "At 2:45 pm, Cotten suffered a cardiac arrest but was revived by CPR. he also suffered two subsequent episodes of ventricular tachycardia (fast heart rhythm) for which cardioversion was conducted," the report indicates that Cotten suffered a second cardiac arrest, but could not be saved. He was declared dead at approximately 7:26 PM on December 9, 2018. "