BRATISLAVA, June 6 (Reuters) – In September 2020, a North Korean hacking staff identified as Lazarus broke into a small Slovakian crypto exchange and stole virtual forex value some $5.4 million. It was one among a string of cyber heists by Lazarus that Washington said had been aimed at funding North Korea’s nuclear weapons programme.

Several hours later, the hackers opened at least two dozen anonymous accounts on Binance, the arena’s largest cryptocurrency exchange, enabling them to convert the stolen funds and vague the cash trail, correspondence between Slovakia’s national police and Binance reveals.

In as runt as 9 minutes, the usage of totally encrypted email addresses as identification, the Lazarus hackers created Binance accounts and traded crypto stolen from Eterbase, the Slovakian exchange, according to account records that Binance shared with the police and that are reported here for the first time.

Register now for FREE limitless access to”Binance had no idea who was intriguing cash via their exchange” because of the anonymous nature of the accounts, said Eterbase co-founder Robert Auxt, whose firm has been unable to locate or enhance the funds.

Eterbase’s lost cash is part of a torrent of illicit funds that flowed via Binance from 2017 to 2021, a Reuters investigation has came upon.

For the duration of this era, Binance processed transactions totalling at least $2.35 billion stemming from hacks, investment frauds and illegal drug sales, Reuters calculated from an examination of courtroom records, statements by law enforcement and blockchain data, compiled for the news agency by two blockchain analysis companies. Two trade experts reviewed the calculation and agreed with the estimate.

Separately, crypto researcher Chainalysis, hired by U.S. authorities agencies to track illegal flows, concluded in a 2020 portray that Binance acquired criminal funds totalling $770 million in 2019 alone, more than any assorted crypto exchange. Binance CEO Changpeng Zhao accused Chainalysis on Twitter of “bad commercial etiquette.”

Binance declined to make Zhao available for an interview. Responding to written questions, Chief Communications Officer Patrick Hillmann said Binance did now not take into account Reuters’ calculation to be accurate. He did now not answer to requests to produce Binance’s contain figures for the cases identified on this article. He said Binance was constructing “the most sophisticated cyber forensics team on the planet” and was looking for to “additional toughen our ability to detect illegal crypto activity on our platform.”

As Reuters reported in January, Binance kept weak cash-laundering assessments on its users until mid-2021, regardless of concerns raised by senior company figures starting at least three years earlier. In accordance with that article, Binance said it was serving to force greater trade standards and the reporting was “wildly outdated.” In August 2021, Binance compelled unusual and existing users to post identification.

With around 120 million users worldwide, Binance processes crypto trades value hundreds of billions of dollars a month. The sphere was hit by a sharp correction in May, its overall value slumping by a quarter to $1.3 trillion. Zhao said he saw “unusual came upon resiliency” within the market.

Meanwhile, his company is extending its reach into traditional commercial, announcing a $200 million investment in media staff Forbes this year and committing $500 million to Tesla boss Elon Musk’s relate to take over Twitter. Forbes abandoned its plans to checklist publicly last week and a Forbes spokesperson said Binance’s investment would now not take place. Musk did now not answer to requests for comment.

The float of illicit crypto via Binance, identified by Reuters, represents a small portion of the exchange’s overall trading volumes. Yet as policymakers and regulators, together with U.S. Treasury Secretary Janet Yellen and European Central Bank President Christine Lagarde, insist challenge over the illegal use of cryptocurrencies, the trade demonstrates how criminals have grew to change into to the know-how to launder soiled cash.

For this article, Reuters interviewed law enforcement officials, researchers, and crime victims in a dozen international locations, together with in Europe and the United States, to assess the enduring impact of past gaps in Binance’s anti-cash laundering principles.

Reuters reviewed detailed data about Binance client transactions on “darknet” web pages – marketplaces for narcotics, weapons and assorted illegal items. Many of the data was supplied by Crystal Blockchain, an Amsterdam-based analysis firm that helps companies and governments trace crypto funds. The data showed that from 2017 to 2022, traders and sellers on the arena’s largest darknet drugs market, a Russian-language dwelling called Hydra, weak Binance to make and receive crypto payments value $780 million. Reuters deplorable-checked these figures with another analysis firm, which agreed with the findings.

In April, the U.S. Justice Department announced that U.S. and German law enforcement had seized Hydra’s servers. The U.S. indicted the servers’ alleged administrator for conspiring to commit cash laundering and distribute illicit drugs. The location was closed down and the alleged administrator arrested by Russian authorities.

The data compiled for Reuters incorporated crypto that passed via more than one digital wallets before reaching Binance. For crypto companies, such “oblique” flows with hyperlinks to identified suspicious sources are red flags for cash laundering, according to the Financial Action Task Force, a global watchdog that sets standards for authorities combating financial crime. Cash launderers usually use sophisticated tactics to create complicated chains of crypto transfers that quilt their tracks, the FATF and the International Monetary Fund have said.

Hillmann, the Binance spokesperson, said the Hydra settle was “inaccurate and overblown” and that Reuters was wrongly together with oblique flows in its calculation.

Reuters then asked how Binance views its responsibility to video display its oblique exposure to soiled cash. Hillmann spoke back that “what’s important to explain is now not the place the funds come from – as crypto deposits cannot be blocked – but what we enact after the funds are deposited.” He said Binance makes use of transaction monitoring and threat assessments to “make particular that any illegal funds are tracked, frozen, recovered and/or returned to their rightful proprietor.” Binance is working carefully with law enforcement to dismantle criminal networks the usage of cryptocurrencies, together with in Russia, he said.

Reuters reviewed documentation from criminal and civil cases. A calm begin civil case within the United States alleges that in 2020 Binance declined a quiz from investigators and lawyers, acting on behalf of a hacking sufferer, to permanently freeze an account that was being weak to launder stolen funds. Binance, which disputes the U.S. courtroom’s jurisdiction, confirmed to Reuters that it totally achieve a temporary freeze on the account. Hillmann blamed a failure by law enforcement to post a successfully timed quiz via Binance’s web portal and then answer the exchange’s observe-up questions.

In Germany, police said investigators began seeing criminals in Europe flip to Binance in 2020 to launder a few of the proceeds from investment fraud schemes that caused victims, many of them pensioners, to lose in total 750 million euros ($800 million). The criminals’ use of Binance has now not been previously reported.

Reuters reporting also reveals for the first time how North Korea’s Lazarus weak Binance to launder a few of the cryptocurrency stolen from Eterbase. A smaller portion of the funds had been laundered at the same time via another major exchange, Seychelles-based Huobi, which declined to comment.

After another heist in March this year, when Lazarus stole over $600 million from an on-line game engaging cryptocurrencies, Zhao said North Korean hackers had transferred an unspecified amount of the funds to Binance. Hillmann advised Reuters that Binance has identified and frozen more than $5 million and is assisting law enforcement with its investigation. He did now not present additional details.

The United States sanctioned Lazarus in 2019 over cyber attacks designed to reinforce North Korea’s weapons programmes, calling it an instrument of the nation’s intelligence provider – an accusation Pyongyang called “vicious slander.” North Korea’s mission to the United Nations did now not answer to emailed questions. Blockchain researcher Chainalysis estimates that Lazarus stole crypto value $1.75 billion by 2020 that largely flowed via unidentified exchanges.

“THE HYDRA IS THRIVING”Zhao, identified as CZ, started Binance in Shanghai in 2017. Three months later, he unveiled a unusual strategy, on an internal chat staff, for the company’s next phase of pattern. “Carry out all the pieces to increase our market share, and nothing else,” Zhao wrote.

The precedence, he said, was to make particular Binance overtook larger cryptocurrency exchanges and fended off rivals from smaller rivals. “Profit, revenue, comfort, and many others, all come second.”

Asked to elaborate on this remark, Hillmann said, “Neither CZ nor any assorted Binance commercial leader has ever suggested that increasing market share may calm supersede compliance obligations.”

Among the international locations Zhao sought to expand in was Russia, which Binance described in a 2018 weblog as a major market on account of its “hyperactive” crypto community. A Reuters article in April detailed Binance’s efforts to dominate the crypto market there and how, within the back of the scenes, the exchange was constructing ties with Russian authorities agencies.

Binance has persisted to produce puny companies and products in Russia for the reason that nation’s invasion of Ukraine this year, regardless of requests from the authorities in Kyiv for exchanges to ban Russian users as part of efforts to isolate Russia financially. Russia calls its actions in Ukraine a “special operation.”

Reuters’ unusual reporting following the April article presentations that many of us that signed as a lot as Binance in Russia weren’t the usage of it for trading. Instead, Binance became a key payment supplier for Hydra, the giant darknet marketplace, according to the blockchain data compiled for Reuters, a review of Hydra person forums, and interviews with illegal drug users and researchers.

After it was space up in 2015, Hydra allotted narcotics on behalf of drug dealers, all priced in bitcoin, to hundreds of thousands of traders, largely in Russia.

German police, in coordination with U.S. authorities, seized Hydra’s servers in Germany in April, closing the positioning down. The U.S. indicted a Russian resident, Dmitry Pavlov, for administering the servers. A week later, Russian authorities arrested Pavlov for allegedly dealing in drugs, a Moscow courtroom said, adding he had filed an appeal. Before his arrest, Pavlov advised the BBC he ran a licensed server company and was now not aware it was web web hosting Hydra. Pavlov did now not answer to messages from Reuters sent via his company.

The Justice Department, describing Hydra as “the arena’s largest and longest-working darknet market,” said the positioning had acquired in total around $5.2 billion in cryptocurrency. Neither Binance nor any assorted payment supplier linked to Hydra was named by the Justice Department, which declined to comment on Binance.

Hillmann advised Reuters that Binance “works carefully with law enforcement to target the illicit drug trade daily.”

Websites fancy Hydra are totally accessible on a clandestine part of the earn, identified as the dark web, that requires a browser that hides a person’s id.

As early as March 2018, Hydra users advised on the positioning’s Russian-language forums that traders use Binance to make purchases, citing the anonymity Binance afforded its possibilities at the time by allowing them to register with suitable an email address. “Right here’s the fastest and cheapest way I’ve tried,” a person wrote.

Cryptocurrency traders exchanged dozens of messages in 2021 and early 2022 about the usage of Hydra on Binance’s contain Russian community Telegram chat. “The Hydra is thriving,” wrote one last year.

Hydra transformed the narcotics market in Russia, researchers said. Beforehand, drug users tended to purchase from road dealers with cash. With Hydra, users chosen substances on the positioning, paid the seller in bitcoin, and acquired coordinates to recall up the “treasure” at a discreet location. Investors, identified as “treasure hunters,” came upon their purchases buried in forests at the fringe of metropolis, hidden in garbage dumps, or stuffed within the back of loose bricks in abandoned structures.

According to a portray by the United Nations Place of labor on Drugs and Crime, Hydra increased the availability of drugs in Russia and drove a surge in demand for stimulants, such as methamphetamine and mephedrone. Drug-related deaths rose by two-thirds between 2018 and 2020, figures from Russia’s state anti-drug committee reveal.

At the time of the U.S. and German operation to engage Hydra’s servers, the Drug Enforcement Administration, which supported the investigation, said the marketplace’s companies and products “threaten the safety and health of communities far and large.” The DEA referred Reuters to the Justice Department for additional comment.

Aleksey Lakhov, a director at Russian charity foundation Humanitarian Action, which researches drug use, said he was “alarmed” by how Hydra fuelled addiction. “For the duration of the days I weak drugs, you had to grasp somebody at least” in uncover to obtain narcotics, Lakhov, a recovered addict, added.

Alexandra, a 24-year-outdated office manager in Moscow, started procuring mephedrone and ketamine on Hydra in 2019 to aid deal along with her bipolar disorder. Several guests who weak Hydra advised her Binance was the safest way to pay dealers, Alexandra advised Reuters, speaking on situation she be identified totally along with her first name. A few of them weak fake personal information to begin Binance accounts, she said, but she uploaded a replica of her passport. Binance by no means blocked or queried any of her payments. Asked about her account, Binance said it was continually strengthening its know-your-customer capabilities.

The machine’s anonymity made it easy to purchase drugs on the darknet, Alexandra said. “It was fancy procuring chocolate within the store.”

As her drug use became an everyday habit, she went days with out sleep, wracked by hallucinations and depression. “I felt fancy I was death, and I beloved that feeling,” she said. Eventually, she sought psychiatric aid and acquired therapy. Since then, she suitable weak Hydra to purchase cannabis.

State Department experiences from 2019 and 2020, with out pointing out Hydra or Binance, warned that drug traffickers in Russia had been the usage of virtual currencies to launder proceeds. A State Department spokesman declined to comment on Hydra and Binance.

As reported by Reuters in its January investigation, an internal doc presentations that Binance was aware of the threat of illegal finance in Russia. Binance’s compliance department assigned Russia an “excessive” threat rating in 2020 in an assessment that was reviewed by Reuters. It cited cash-laundering experiences by the U.S. State Department. Hillmann advised Reuters Binance had taken more action against Russian cash launderers than any assorted crypto exchange, citing a ban it imposed on three Russian digital forex platforms that had been sanctioned by the United States.

Crypto flows between Binance and Hydra dropped sharply after the exchange tightened its customer assessments in August 2021, the data from Crystal Blockchain presentations.

Reuters Graphics Reuters Graphics”FINANCIAL FREEDOM”

For the past 5 years, Binance has allowed traders on its platform to purchase and promote a coin called Monero, a cryptocurrency that provides users anonymity. While bitcoin transactions are recorded on a public blockchain, Monero obscures the digital addresses of senders and receivers. A Beginner’s Book to Monero by Binance, available on its online page, said such coins had been “desirable for these looking for accurate financial confidentiality.”

Zhao has spoken in favour of “privacy coins,” of which Monero is the most traded. For the duration of a 2020 video call with staff, a recording of which Reuters reviewed, Zhao said privacy was part of of us’s “financial freedom.” He did now not level out Monero, but said Binance had funded assorted privacy coin tasks.

Monero proved to be popular among Binance users. As of late May, Binance was processing Monero trades value around $50 million a day, far more than assorted exchanges, according to data from the CoinMarketCap online page.

Law enforcement agencies in Europe and the United States have warned that Monero’s anonymity makes it a potential instrument for cash launderers. The U.S. Department of Justice, in a 2020 portray, said it regarded as the use of “anonymity enhanced cryptocurrencies” fancy Monero “a high-threat activity that is indicative of conceivable criminal conduct.”

On several darknet forums that Reuters reviewed, over 20 users wrote about procuring Monero on Binance to purchase illegal drugs. They shared how-to guides with names fancy DNM Bible, a reference to darknet markets.

“XMR is essential to anyone procuring drugs on the Dark web,” wrote one person on the forum Dread, referring to Monero’s ticker image. It’s now not conceivable to contact users via the forum so Reuters was unable to reach these of us for comment.

Hillmann advised Reuters there had been “many legitimate reasons why users require privacy,” such as when opposition teams in authoritarian regimes are denied safe access to funds. Binance opposed anyone the usage of crypto to purchase or promote illegal drugs, he said.

Hackers have weak Binance to convert stolen funds into Monero.

In August 2020, hackers hijacked a cryptocurrency wallet belonging to an Australian man named Steve Kowalski by tricking him into downloading malware, Kowalski said in a look statement to Australian police. They withdrew the 1,400 bitcoin he held within the wallet, value some $16 million at the time. Kowalski advised police he had supplied the bitcoin for $500,000 six years earlier and they had been a significant portion of his assets.

Investigators hired by Kowalski traced most of his bitcoin via a series of wallets to six Binance accounts, the place the coins had been exchanged for Monero, according to testimony and blockchain analysis experiences filed as part of an ongoing civil complaint Kowalski submitted last year against Binance in Miami-Dade County, Florida. Kowalski declined to comment.

Kowalski’s investigation showed that a U.S. software consultant called Brandon Ng, then residing in Florida, managed many of the Binance accounts. Ng testified to the courtroom that a crypto trading partner, who he knew on-line totally by the username MoneyTree, deposited the bitcoin in his Binance accounts. MoneyTree, Ng said, paid him a 1% commission to convert the bitcoin into Monero on Binance and then transfer it back. A lawyer for Ng, Spencer Silverglate, said MoneyTree seemingly traded via Ng to defend his id from Binance. Ng testified that he was now not aware he was laundering stolen bitcoin.

MoneyTree did now not answer to emails sent by Reuters to an address that Ng supplied to the courtroom. Silverglate, the lawyer, said Ng did now not steal or launder Kowalski’s bitcoin and was an “harmless downstream trader.”

Ng’s Monero trading had earlier raised alarms at another crypto exchange called Poloniex, based within the United States, the place he also had an account. In mid-2019, his Poloniex account was frozen after it was flagged for “high threat exposure” to cash laundering on account of Monero withdrawals totalling over $1 million, according to a summary filed with the courtroom. Poloniex did now not answer to a quiz for comment.

Binance dealt with Ng another way. Kowalski’s private investigators and lawyers contacted Binance soon after the theft, before Ng transformed all the funds, and repeatedly asked Binance to permanently freeze Ng’s accounts, their written communications reveal. The letters, filed with the courtroom, also accuse Binance of now not responding to police requests to stable the assets for the duration of their investigation.

Binance imposed a seven-day freeze on the accounts, but then lifted it, allowing Ng to exchange the stolen bitcoin for Monero over several months. In his response to Reuters, Hillmann said law enforcement failed to quiz a permanent freeze via Binance’s web portal at some level of the seven-day duration and then did now not answer the exchange’s observe-up questions.

A Binance investigation team member advised one among the private investigators in a message that “while it is extremely seemingly the paths leading to this account are malicious,” Binance may now not explain the accounts had been “created to facilitate laundering.” When the investigator persisted, the team member scolded him for “several points with your tone.”

In a submission last December to the courtroom in Florida, Binance said the case wants to be brushed aside as the courtroom did now not have jurisdiction over the company. To settle the matter, the think has granted discovery, a route of the place parties quiz paperwork from each assorted.

Hillmann advised Reuters that Binance investigates all allegations of misconduct on its platform and takes appropriate action if its investigators reveal wrongdoing.

Eterbase, the Bratislava-based exchange hacked by the North Koreans, sought Binance’s aid, too.

After news of the hack by Lazarus, Zhao tweeted on Sept. 9, 2020: “Will enact what we can to assist.” Nonetheless when Eterbase emailed Binance’s reinforce centre, a Binance team member said they may now not share any account data with out a law enforcement quiz, according to communications between the two companies viewed by Reuters.

Eterbase submitted a criminal complaint to Slovakia’s National Crime Agency. In June, 2021, the agency wrote to Binance asking for information and saying the funds had been stolen by “anonymous attackers united beneath the Lazarus hacking staff.” Binance spoke back that it may now not name accounts linked to the hack. In July, after another, more detailed police quiz, Binance sent the agency records on 24 accounts, adding they had been empty for over 9 months as “the assets have instantly been traded.”

Hillmann said Binance fully cooperated with requests acquired from Slovakian authorities and helped them to name the relevant accounts.

The records, reviewed by Reuters, showed the totally personal information Binance held on the account holders was their email addresses, many of which had been based on misspelt successfully-identified names, such as “bejaminfranklin,” the American founding father, and “garathbale,” the Welsh soccer player. The hackers weak virtual private networks to vague their gadgets’ locations, the records reveal.

Internal around 20 minutes of opening many of the accounts, the hackers passed an unspecified “safety test” allowing them to withdraw crypto, according to the account records. Each account then transformed parts of the stolen funds into suitable beneath two bitcoin, the withdrawal limit at the time for a basic account with out identification.

After the hack, Eterbase stopped its operations and later filed for bankruptcy. Auxt, the company co-founder, said the losses meant Eterbase may now not quilt its costs. “The hack killed our commercial,” he said. Victims of the hack are but to be reimbursed.

“BLACK HOLE”In private, Zhao has bemoaned that Binance wants to carry out assessments on its possibilities. For the duration of the 2020 video call, Zhao advised staff that know-your-customer principles had been “unfortunately a requirement” of Binance’s commercial.

At times, the compliance team struggled with its workload. In a message to staff in January 2019, Zhao asked assorted departments to aid the compliance team escape background assessments on account of an “overwhelming” variety of unusual users.

According to a staff chat among Binance staff, the compliance team typically approved accounts with inadequate documentation. A team member complained to colleagues that one person was able to begin an account by submitting three copies of the same receipt from a meal at an Indian restaurant. Hillmann said Binance’s know-your-customer assessments are now “extremely sophisticated” and that it views such principles as each “mandatory and welcome.”

Novel and former police officials in 5 international locations advised Reuters that criminal teams had been among Binance’s rising customer base in contemporary years.

In late 2019, Konrad Alber, a retired family lawyer in Germany, invested most of his savings on a trading platform he came upon on-line. He advised Reuters he hoped it may supplement his small pension and allow his wife to pause working to reinforce their lifestyles in a village within the Black Forest.

The platform, called Grandefex, promised to “unleash” his cash’s potential via a sophisticated algorithm. In an email, a sales representative advised Alber, who had runt investing journey, that he may double any deposits interior a year. Over 18 months, he wired almost 35,000 euros to Grandefex’s bank accounts.

Then, last June, when he asked Grandefex to pay him his anticipated earnings, he stumbled on his cash had been transferred to Binance, emails and bank account records reveal. Alber begged Grandefex by email to come back his funds, telling their finance department he had a “mountain of debt” and was suffering a “nervous breakdown.”

In response, Grandefex advised him, “You will merely now not receive your cash.”

Reuters’ emails and calls to Grandefex went unanswered. In June 2020, Germany’s regulator said the platform was unauthorised and ordered its closure.

Grandefex was one among a string of fake trading web pages space up by organised crime teams that have scammed some 750 million euros from European electorate, many of them pensioners, according to German, Austrian and Spanish authorities. Six of us enthusiastic in police investigations into the scams advised Reuters that the teams, which operate call centres in Eastern Europe, have shifted to laundering their gains via crypto exchanges, particularly Binance.

Hillmann said Binance is tackling investment fraud by figuring out victims and suspects, and whenever conceivable, freezing criminal proceeds.

A Vienna-based non-revenue organisation, the European Funds Recovery Initiative, which supports victims of investment fraud, has acquired around 220 complaints from of us whose stolen savings had been transformed into crypto. Almost two-thirds lost cash that was funnelled via Binance, totalling 7.4 million euros, said the initiative’s co-founder, Elfi Sixt. Various investment frauds targeting of us in Turkey, Britain and Pakistan also weak Binance, authorities have said.

Law enforcement officials and lawyers advised Reuters that it is harder for fraud victims to enhance lost funds after they pass via a crypto exchange. In many international locations, customers can ask their banks to freeze or reimburse stolen funds. Binance requires victims to signal non-disclosure agreements as a situation for temporarily freezing assets and insists on the state involvement of law enforcement to route of claims, according to its online page.

Sixt said she has followed this route of to no avail. “I’ve by no means succeeded at getting cash back from Binance.” Asked about this, Hillmann did now not straight answer.

Alber, the retired lawyer, sent a letter to Binance, but said he by no means heard back. In June 2021, the 67-year-outdated reported the theft of his savings and their transfer to Binance to local police. The prosecutor’s office within the nearby metropolis of Baden-Baden said his case remains beneath investigation. Binance said it had no portray of Alber’s letter.

At a police station within the Lower Saxony metropolis of Braunschweig, the state cyber crime unit is investigating a similar scam that weak Binance. Chief Inspector Mario Krause, two of his investigators and the prosecutor leading the probe detailed the case to Reuters.

Last October, the unit coordinated with Bulgarian authorities to raid a call centre within the capital Sofia, which police said ran hundreds of fake on-line trading platforms.

They obtained proof, reviewed by Reuters, together with a database showing the operators had taken in deposits totalling 94 million euros. Videos police seized from an employee’s phone depicted what Krause described as a “Wolf of Wall Avenue” atmosphere at the call centre. Staff rang gongs and popped champagne bottles after they secured mountainous deposits. A scoreboard showed which employee had raked within the most cash each week. They partied on yachts and private jets.

In a statement at the time of the raid, the prosecutor’s office said one suspect was arrested. The case prosecutor, Manuel Recha, advised Reuters the organisation’s leaders are calm at large. The company that ran the call centre, Dortome BG, did now not answer to requests to comment.

For the duration of the investigation, the cyber unit sought to trace the place the stolen funds ended up.

Investigators tracked the cash via many layers of bank accounts to Binance and another exchange, U.S.-based Kraken, police said. By the time Binance and Kraken supplied account records, the police said the funds had been withdrawn or sent to a “mixer,” a provider which anonymises crypto transactions by breaking them up and mixing them with assorted funds. The personal information held by each exchanges on the accounts was usually fake or stolen from victims, the officers said.

Kraken advised Reuters it has “bank-grade” customer assessments and tough tools to forestall fraud. Kraken disputed that customer information supplied to Braunschweig police was fake, saying “every indicator we have suggests these accounts had been weak by legitimate possibilities.”

The Germans’ cash trail went wintry.

Krause said his team was struggling to make progress. “We’re searching for a way out of the black hole,” he said.

Register now for FREE limitless access to Reuters.comReporting by Angus Berwick and Tom Wilson; additional reporting from Michelle Nichols in Novel York; editing by Janet McBride

Our Standards: The Thomson Reuters Trust Principles.