Thursday last week Liberty Reserve went offline. On Friday Arthur Budovsky Belanchuk, the owner, was arrested in Spain after a joint money laundering investigation by US and Costa Rican authorities. The allegations are that Liberty Reserve was financed using money from child pornography websites and drug trafficking.
The Tico Times, an English newspaper in Costa Rica, is reporting that Budovsky has been under investigation since 2011 after a request from a prosecutor’s office in New York. Liberty Reserve is a Costa Rican business and Budovsky is a Costa Rican citizen of Ukrainian origin.
Liberty Reserve had many US customers and was an important player in the Bitcoin economy. The business offered irrevocable and instant payments making it a popular funding option for Bitcoin exchanges. Liberty Reserve was accepted by Mt. Gox and BitStamp and many others.
While Liberty Reserved claimed to be AML compliant and users are asked for identifying information, name, address, DOB, etc., when opening an account, no ID or other proof of identification was required.
It would appear that this shutdown was co-ordinated by US officials. KrebsonSecurity.com is reporting that the Liberty Reserve domain name is now pointing to a service previously used by the Justice Department.
“On Friday, the domain name servers for Libertyreserve.com were changed and pointed to ns1.sinkhole.shadowserver.org and ns2.sinkhole.shadowserver.org. Shadowserver is an all-volunteer nonprofit organization that works to help Internet service providers and hosting firms eradicate malware infections and botnets located on their servers.
In computer security lexicon, a sinkhole is basically a way of redirecting malicious Internet traffic so that it can be captured and analyzed by experts and/or law enforcement officials. In its 2011 takedown of the Coreflood botnet, for example, the U.S. Justice Department relied on sinkholes maintained by the nonprofit Internet Systems Consortium (ISC).“
Krebs also notes 5 online exchange services that have also gone offline last week.
“Libertyreserve.com is not the only virtual currency exchange that has been redirected to Shadowserver’s DNS servers. According to passive DNS data collected by the ISC, at least five digital currency exchanges –milenia-finance.com, asianagold.com, exchangezone.com, moneycentralmarket.com and swiftexchanger.com – also went offline this week, their DNS records changed to the same sinkhole entries at shadowserver.org.”
It would seem that other businesses are worried about US officials as Panama based Perfect Money changed its policy to ban US businesses, residents and citizens shortly after the Liberty Reserve shutdown.
Via the PerfectMoney website.
“Dear Perfect Money Customers,
We bring to your attention that due to changes in our policy we forbid new registrations from individuals or companies based in the United States of America. This includes US citizens residing overseas. If you fall under the above mentioned category or a US resident, please do not register an account with us.
We apologize for inconvenience caused.”