Finnish authorities traced Monero transactions tied to Vastaamo hack

Finland’s National Bureau of Investigation reportedly tracked Monero (XMR) transactions as part of an investigation over Julius Aleksanteri Kivimäki’s criminal trial. Kivimäki is accused of hacking a private mental health firm’s database and demanding ransom payments in cryptocurrencies. 

According to local media reports, prosecutors dropped on Jan. 22 new evidence showing a crypto trail leading to Kivimäki’s bank account. In October 2022, the hacker allegedly demanded 40 Bitcoin (~450,000 euros at the time) in exchange for not publishing records of over 33,000 patients from psychotherapy service provider Vastaamo.

When the ransom was not paid, Kivimäki allegedly proceeded to target individual patients. As per the Finnish police, the hacker received payments in Bitcoin, sent the funds to an exchange not compliant with Know Your Customer (KYC) guidelines before swapping for Monero and then transferring the funds to a dedicated Monero wallet.

According to reports, the funds were later sent to Binance, exchanged for Bitcoin again, and moved to different wallets. The local authorities are maintaining confidentiality and have not disclosed any further details about their on-chain analysis.

Monero is renowned for its strong privacy features, claiming to be “untraceable,” according to its official webpage. Its privacy-enhancing technologies include Ring Confidential Transactions (RingCT), ring signatures, and stealth addresses.

Related: What is Monero (XMR): A beginner’s guide

RINGCT mixes users’ transactions, concealing the actual source of funds, while ring signatures conceal the sender’s identity by presenting them as part of a group of possible senders.

Another key feature of Monero is stealth addresses, which allow generating a one-time address for each transaction, making it hard to link multiple transactions to the same recipient.

In March 2019, the head of France’s National Assembly’s Finance Committee, Eric Woerth, proposed a ban on anonymous cryptocurrencies, including Monero, due to their ability to completely anonymize users, thus bypassing any identification procedures.

United States authorities had also taken a close look into Monero. In 2020, the Internal Revenue Service offered a bounty of up to $625,000 to anyone who broke purportedly untraceable privacy coins.

Previous research suggests blockchain analysis can trace back transactions with privacy coins, including activities prior to 2017.

Magazine: Deposit risk: What do crypto exchanges really do with your money?