Less than a year ago, Vinny Troia, CEO and principal security consultant of Night Lion Security and a certified white hat hacker, was sent a compliance form by US bitcoin exchange Coinbase, where he had an account
Coinbase wanted to know how Troia was using bitcoin and his account
"I told them I run a security firm. I pay for ransoms and buy documents on the dark web when clients request it"
The ransoms Troia helps his clients pay are those stemming from ransomware attacks, which have surged in number over the past few years. Many, like the well-publicized WannaCry attack, are asking for bitcoin. And the documents?
"We do breach investigations a lot of times. If a fraudster is saying they're selling my client's stolen documents, the only way to make sure they have what they say they have is to buy those documents"
According to Troia, Coinbase "did not like that at all"
Coinbase then asked the IT expert whether he had a letter from the Department of Justice giving him permission to do those things. No, Troia said. Upon further research, Troia has not found that any such permission exists
But, "I have my clients authorizing me to do this," he said
Coinbase sent Troia back an email explaining that those actions were against the exchange's rules and shut down his account. Troia then tried setting up an account with his wife's information, but that too was shut down. Then he tried his brother. Shut down. Then his mother. Shut down
"My entire family is blocked from Coinbase," he said