Mueller Report: Russia Used Bitcoin to Fund DNC Hacks

An intelligence branch of the Russian government used bitcoin to fund its cyberwarfare efforts to interfere with the 2016 U.S. presidential election, the Mueller Report claims.

The culmination of a two-year investigation, the “Report On The Investigation Into Russian Interference In The 2016 Presidential Election” details the findings that Special Counsel Robert Mueller and his team uncovered during their inquiry into whether or not the Trump campaign colluded with Russia to hamper Hillary Clinton’s 2016 run for the presidency. United States Attorney General William Barr claimed in late March that the investigation found no evidence of such collusion, and the U.S. Department of Justice (DOJ) released a redacted version of the full report on April 18, 2019.

Within the mammoth write-up, a small section details bitcoin’s role in bankrolling the Russian government’s cyberwarfare endeavors.

“… cyber intrusions (hacking) and releases of hacked materials [were] damaging to the Clinton Campaign,” the report reads on its fourth page. “The Russian intelligence service known as the Main Intelligence Directorate of the General Staff of the Russian Army (GRU) carried out these operations.”

Two military units of the GRU, the report continues some 30 pages later, hacked into computer hardware belonging to Clinton’s campaign, the Democartic National Committee (DNC) and the Democratic Congressional Campaign Committee (DCCC), leading to email leaks that revealed the DNC gave Clinton preferential treatment during the 2016 Democratic primaries.

A subunit of one of these two subdivisions ran “a bitcoin mining operation to secure bitcoins used to purchase computer infrastructure used in hacking operations,” the report states. Others ran “spearphishing campaigns” or developed specified malware to gain access to DNC hardware and data.

According to the report, this IT unit stored these bitcoin on the U.K.-based CEX.io, a cryptocurrency cloud mining service and exchange. They also used a portion of the mined bitcoin to anonymously purchase the domain name “dcleaks.com” on April 19, 2016.

Some of these findings were previously noted in a 2018 indictment from the DOJ. But with its report, the Mueller investigation corroborated suspicions that autocratic regimes like North Korea and Russia are using bitcoin and other cryptocurrencies to bypass U.S. and international sanctions. This shadow economy, in effect, allows these regimes to fund illicit activities without immediately alerting international governments, precisely the role bitcoin filled for Russia during its interference in the 2016 election. While Russia extracted its reserves from mining, North Korea has orchestrated numerous South Korean crypto exchange hacks to fill its own coffers.

When asked at the Economic Club of Washington in January 2018 whether or not such activity is a cause for concern, U.S. Treasury Secretary Steven Mnuchin affirmed, “I don’t think that’s a concern,” adding that cryptocurrency exchanges are held to the same KYC regulations as banks.

While CEX.io employs a strict KYC/AML policy, this didn’t impede Russian government agents from maintaining an account. But Mueller’s team eventually discovered Russia’s activity, even if it evaded CEX.io and the regulations that are meant to keep tabs on such exchanges.