#DeleteCoinbase: Exchange Users Respond to Acquisition of a Firm Run by Former Spyware Developers

Published at: March 3, 2019

Last week, Coinbase announced that it had acquired Neutrino, a blockchain intelligence startup, which at first seemed like a regular purchase for the ever-growing United States cryptocurrency exchange.

However, soon the crypto community learned that Neurino’s key staff are directly affiliated with Hacking Team, a controversial information technology outfit that sells offensive surveillance capabilities to governments, law enforcement agencies and corporations across the world.

A hashtag #DeleteCoinbase has been launched as a result, prompting users to cut ties with the platform. However, some clients have since reported that they are struggling to delete their accounts.

Coinbase has confirmed that they were aware of Neutrino senior employees’ background, but found their technology “industry leading.” Interestingly, Coinbase has also admitted that their previous providers were selling client data to outside parties.

Neutrino’s key staff have been involved with Hacking Team, the Italy-based controversial outfit

On Feb. 19, Coinbase reported acquiring the Italy-based firm Neutrino to improve safety and boost its Anti Money-Laundering (AML) and Know Your Customer (KYC) measures. The accompanying statement read:

“By analyzing data on public blockchains, Neutrino will help us prevent theft of funds from peoples’ accounts, investigate ransomware attacks, and identify bad actors. It will also help us bring more cryptocurrencies and features to more people while helping ensure compliance with local laws and regulations.”

Neutrino was founded in 2016 by Giancarlo Russo, Marco Valleri (also known as “NaGa”) and Alberto Ornaghi (also known as “ALoR”). All of them are directly related to Hacking Team.

First, in 2001, ALoR and NaGa created Ettercap, a "comprehensive suite for man-in-the-middle attacks." The program has since been widely used for intercepting traffic, capturing passwords and eavesdropping, becoming “the Swiss army knife" for remote hacking.

Eventually, ALoR and NaGA were allegedly contacted by the Milan police department, who asked the developers to create a Windows driver that would enable them to monitor Skype calls. To put such cooperation on a larger scale, in 2003, ALoR and NaGa founded Hacking Team, a commercial hacking software company. As of now, the company’s technology is “used daily to fight crime in six continents,” as per its website.

According to Russo’s LinkedIn profile, he joined the company in 2009 as its chief financial officer, later becoming its chief operating officer.

In 2015, Hacking Team was hacked, and 500 GB of client files, contracts, financial documents and internal emails were leaked online. At the time, the company was reportedly selling its spyware to countries including Ethiopia, Morocco, the United Arab Emirates and the U.S. — with the Drug Enforcement Administration and Federal Bureau of Investigation among its customers — according to a Motherboard investigation. Following the security breach, Hacking Team purportedly lost some of its key clients.

Notably, Hacking Team’s software has reportedly been used by authoritarian governments to spy on journalists and activists. For instance, according to Motherboard, the firm has been involved in hacking UAE human rights activist Ahmed Mansoor, who was then detained and sentenced to 10 years in prison.

In May 2016, Russo, Valleri (NaGa) and Ornaghi (ALoR) founded Neutrino. The company took a somewhat similar course, albeit on the field of cryptocurrencies. Thus, its key product, XFlow nSpect, has been designed “specifically for Law Enforcement agencies,” representing a “comprehensive solution for monitoring, analyzing and tracking cryptocurrency flows across multiple blockchains,” the website states.

In 2017, Neutrino tracked funds associated with the ransomware hackers known as WannaCry and concluded that they converted their Bitcoin (BTC) into Monero (XMR), a privacy-oriented cryptocurrency, via Switzerland-based crypto exchange ShapeShift.

Community and Coinbase reaction

Soon after Coinbase announced its acquisition, crypto community members started to point out that Neutrino was founded by Hacking Team’s former employees. For instance, Amber Baldet, co-founder and CEO of the startup Clovyr and former lead at JPMorgan Chase's Blockchain Center of Excellence (BCOE), tweeted:

“When I said it would be great to have more infosec people involved in the ‘crypto’ space, I didn’t mean the largest US exchange should acquire an analysis tools company run by a former Hacking Team member, but here we are.”

Around Feb. 20, crypto community members kicked off the hashtag #DeleteCoinbase, which has amassed hundreds of tweets as of press time.

Interestingly, Coinbase has commented on the issue, admitting that they knew about Neutrino’s roots. By Feb. 26, the exchange’s spokesperson told Motherboard that his firm “does not condone nor will it defend the actions of Hacking Team,” adding:

“We are aware that Neutrino’s co-founders previously worked at Hacking Team, which we reviewed as part of our security, technical, and hiring diligence.”

The Coinbase representative further explained that Neutrino’s technology basically seemed too good to be ignored:

“Increasingly, third-party blockchain analysis companies are requesting customer data from cryptocurrency companies that they serve. It was important for Coinbase to bring this function in-house to fully control and protect our customers' data and Neutrino’s technology was the best we encountered in the space to achieve this goal.”

On March 1, Christine Sandler, Coinbase’s director of institutional sales, expanded on that statement in an interview with Cheddar. First, she confirmed that her company was aware of Neutrino’s connection to Hacking Team, but wanted to employ their technology nonetheless:

"We are aware of the backgrounds of some of the folks that were involved in Neutrino and we are looking into that. The compelling reason for making the acquisition was that Neutrino had some really industry leading and best-in-class technology.”

Notably, Sandler also admitted that previous providers of Coinbase were selling customer data. Having Neutrino’s technology will allow the administration to keep that information safe, she added:

“It was important for us to migrate away from our current providers. They were selling client data to outside sources and it was compelling for us to get control over that and have proprietary technology that we could leverage to keep the data safe and protect our clients."

Further problems: Users struggling to delete their accounts

While the number of people who have actually deleted their Coinbase accounts during the #DeleteCoinbase campaign is unknown at the moment, some users have reported having technical problems with deactivation.

Many of those complaints revolve around the fact that in order to close a Coinbase account, a user is required to have a zero balance. Therefore, those users who have “dust” — tiny amounts of cryptocurrencies left from previous transactions — in their accounts are allegedly unable to send it to an external wallet, because the amount is too small to send. As a Coinbase spokesperson explained to Motherboard, those limits have been introduced to “ensure the fees incurred when sending money over the blockchain are covered.”

That issue has prompted Coinbase users to start yet another hashtag, #DeleteCoinbaseTrustChain. Essentially, it helps the exchange’s clients to coordinate and exchange dust in order to close their accounts. The hashtag was initiated by independent developer Udi Wertheimer and resembles a play on #LnTrustChain, a hashtag used by crypto enthusiasts who send small portions of their funds via the Lightning Network trustchain. Wertheimer said:

“I hope that this message makes Coinbase understand that a press release won't fix this. They need to disassociate themselves from Hacking Team if they have any hope of earning people's trust again. I don't know if this can happen, so the alternative is that people at least know about it and get to decide for themselves.”

Moreover, some users claim that they can’t close their accounts even if their balance is free of dust. For instance, Singapore-based Twitter user Saifuddin Jalil argues that his Coinbase account has had no funds “for a more than a year,” but he still can’t close it down. He has allegedly contacted Coinbase support and asked them to delete his private information, to which the exchange replied that they won’t be able to complete his request within 30 days of receipt due to its “complexity.” Similar difficulties were reported by other users.

Tags
Related Posts
IEOs, ICOs, STOs and Now IDOs — How to Raise Funds for Crypto in 2019?
The crypto community has seen a tectonic shift in fundraising trends: from the decline of initial coin offerings (ICOs) to the hype around security token offerings (STOs) and then the rise of initial exchange offerings (IEOs). The inclination for fundraising seems to evolve every year. Similarly, 2019 brought with it a new way for crypto businesses to launch their tokens. Fundraising is the key to any business to take off. Crowdsourcing trends have taken off globally across all sectors, especially in the decentralized world of cryptos — though the way to crowdsource changes as technology progresses and as society progresses. …
Decentralization / Sept. 1, 2019
Coinbase Exploring Eight New Assets in Bid to Expand Market Access
Major crypto platform Coinbase announced today that it is exploring support for eight new digital assets. The expansion is part of a larger agenda by the exchange to give customers access to 90% of the aggregate market capitalization of all digital assets. Coinbase announced its plans in an official blog post on Aug. 5. As part of the announcement, Coinbase noted that they may roll out public-facing APIs and show other indications of engineering work during the exploratory phase. Per the announcement, the exchange is currently exploring support for Algorand (ALGO), Cosmos (ATOM), Dash (DASH), Decred (DCR), Matic (MATIC), Harmony …
Bitcoin / Aug. 5, 2019
Coinbase Wallet Users Can Now Back Up Their Private Keys on Google Drive and iCloud. How Safe Is It?
On Feb. 12, San Francisco-based cryptocurrency exchange Coinbase announced that users of its Coinbase Wallet can now back up their private keys on cloud storage, namely on Google Drive and iCloud. The move has received mixed reaction from crypto community and cybersecurity experts, some of whom seem skeptical about the idea of storing private keys on centralized servers. Others are confident about the new feature, stressing that it entails encryption. A brief introduction to Coinbase Wallet, formerly known as Toshi Coinbase Wallet differs from the main app, Coinbase (or Coinbase.com). With the latter, the cryptocurrencies purchased by customer and their …
Bitcoin / Feb. 17, 2019
Coinbase Moves $5 Billion, Reports Largest Crypto Transfer on Record
Major cryptocurrency exchange and wallet Coinbase recently made what it claims is the largest transfer of crypto on record, a company blog post reports Dec. 19. According to the post, 5 percent of all Bitcoin (BTC), 8 percent of all Ethereum (ETH), and 25 percent of all Litecoin (LTC), along with “many other assets” were moved to new cold storage infrastructure in what the firm “believe[s] is the largest crypto migration on record.” Coinbase reports that last week, the firm “completed an on-blockchain migration of approximately $5 Billion (as valued the week ending Dec. 7, 2018) of cryptocurrency from Generation …
Bitcoin / Dec. 20, 2018
Coinbase Patent Shows Exchange Is Refining Security for Bitcoin Payments
A patent by U.S. crypto exchange and wallet provider Coinbase proposes a new mechanism for further securing Bitcoin (BTC) payments, according to a filing published by the U.S. Patent and Trademark Office (USPTO) August 14. The filing claims that existing systems do not adequately address concerns “that the private keys of [users’] Bitcoin addresses may be stolen from their wallets,” when making payments, and in particular when checking out on a merchant page. Coinbase is therefore applying to patent a so-called “key ceremony” solution, which would involve encrypting private user passphrases into “masterkey key shares.” These shares are then combined …
Bitcoin / Aug. 17, 2018