The Harmon Brothers

In today’s post, we’ll take a look at a crazy story about one of the biggest money laundering crimes in the entire blockchain space, committed by two brothers. Let’s get into it!

It all started when, Larry, the elder of the Harmon brothers, under the nickname “Gramsadmin,” created a search engine in 2014 called “Grams,” which was described as the “Google of the dark net,” as it helps users find illegal narcotics, weapons, and hacking services on the darknet. Using Grams, customers can pay through an illegal mixing service Larry owns known as “Helix.” Helix allows users to send bitcoins to recipients in a manner that conceals the owner of the bitcoin, making it difficult for law enforcement to track any specific wallet. Larry made a 2.5% cut per transaction.

The business grew rapidly when the darknet’s largest markets like AlphaBay, Agora, Nucleus and Dream Market began directing their consumers to make payments through Helix. Helix would process thousands of transactions daily and had a total of 350,000 BTC transacted between 2014 and 2017 valued at around $311 million USD at that time. At the peak of BTC’s price, that amount would actually be worth around $24.1 billion.

The US FBI led an international operation that shut down one of Helix’s core partners, AlphaBay in July 2017 after claiming that it was a major source of heroin along with fentanyl and was in search of the owner of Helix. In response to this, Larry shut down “Helix” a few months later to create a payment software known as Dropit, which he marketed as the Venmo of cryptocurrency for user-to-user transfers.

Through blockchain analysis, law enforcement identified 16 Bitcoin wallets traced to Helix containing 4,877 BTC with tens of thousands of transactions. Agents investigated these transactions and discovered one involving a website where customers could purchase gift cards using Bitcoin and an email connected to Larry that was used to open the account.

Larry

Larry was arrested in February 2020 in his Akron office when authorities executed a search warrant on his apartment, where they found a Trezor crypto wallet with him.

A Trezor crypto wallet can be accessed in two ways. Users can either connect the storage device to a computer and enter a passcode if they have physical access to it, or recreate wallets stored on the device by using recovery seed words. Agents were unable to access the storage device because they lacked the correct passcode. However, they could see from the blockchain explorer that Larry’s addresses held control over the money.

Larry was charged with conspiracy to commit money laundering, operating an unlicensed money transmitter business, and money transmission without a license. Prosecutors claimed Helix laundered $27 million in bitcoin for AlphaBay by integrating its mixing services on-site, which his family denied.

Larry was granted bail in April 2020 pending trial, and the subject conditions of his release included a restriction on cryptocurrency transactions.

A few days after his release, IRS officers discovered Bitcoin had been transferred from some of the addresses linked with Helix. The judge questioned Larry about it when the prosecution returned to court; when he denied any involvement, the judge ordered him to reveal all of his passwords so that agents could transfer the last 4,164 bitcoins—worth $40 million at the time—to a secure wallet. Larry complied to establish his innocence, and the thefts stopped.

Larry was asked to pay a $60 million civil fine, and his attorney made it clear during his guilty plea that Larry was unaware of the quantity or value of the transactions.

But if Larry wasn’t involved in the transfer of BTC from the addresses linked with Helix, the question is, then who was?

It was Gary Harmon, his brother!

Larry revealed to the prosecution that Gary was the perpetrator. Records show that Gary used Larry’s credentials to access the wallets linked to Helix between April 19 and April 24, 2020, and transferred approximately 712 bitcoin — valued at around $5 million at the time. A source later informed the prosecution that Gary had requested his opinion on Bitcoin gaming services.

According to the prosecution, Gary deposited 68 bitcoins with BlockFi, a blockchain service that enabled him to borrow money using his bitcoin as security for a $1.2 million loan. This loan was used to purchase a condo in Cleveland. There was also the infamous photo on his phone, of him in a bathtub full of money. This picture was later presented in the government’s court documents and agents later discovered four emails from noreply@trezor.io that were sent to Gary’s Gmail account, showing how wallets were being recreated on devices.

Garry

Gary was detained in July 2021 and charged with fraud and other offences, which he had denied in the past.

In July 2020, at an interview with agents, he asked, “If I have access to everything, why wouldn’t I take it all?”

Gary’s attorney had recently argued in court that it is not Gary’s concern if the government is unable to keep up with technological advancements.

The prosecution contends that in order for Gary to be released on bail, the Bitcoin seed words must be turned over, while Gary’s lawyer claims that the requirement would violate his Fifth Amendment right to not be incriminated by being forced to confess to crimes, thereby turning down the plea offer.

Garry’s trial is set for February 2023, and although Larry’s sentencing has not been scheduled, his cooperation with the prosecution will probably result in a shorter sentence than normal.

Follow me on Twitter (X): Cryptonalyses