Tracking cryptocurrency transactions is getting easier for law enforcement agencies. On Oct. 16, Cointelegraph reported on how authorities in the United States successfully shut down an international child pornography site. To identify the criminals, the investigators used tools developed by analytic company Chainalysis, which helped to track the Bitcoin (BTC) wallets, used by the criminals to receive payments from customers.
As authorities find more and more ways to track cryptocurrencies, criminals use new techniques, and many sites remain beyond government control. Who will win this battle and can the fight against financial crimes grow into total control over users?
Cryptocurrencies are not anonymous
Before cryptocurrencies gained worldwide popularity, they attracted the attention of criminals who accepted Bitcoin payments in exchnage for drugs and weapons, while others used it to financing terrorism and launder money. As a result, for some time, most had been under the impression that cryptocurrency transactions are anonymous.
In reality, digital currency is far from anonymous. Every transaction carried out in a decentralized network is forever recorded on a public blockchain. Indeed, in order to become the owner of a crypto wallet, users are required to provide personal data.
This is where anonymity ends, though. Any movement of the cryptocurrency — whether it is payment for goods or services, exchange or transfer — becomes visible to all users, and the history of these transactions is tied to each coin, even if it changes its owner later.
According to cybersecurity firm Ciphertrace, its software can track 87% of the global cryptocurrency transaction volume, which may mean that authorities can use monitoring methods not only against criminals but also against ordinary people.
Largest illegal cryptocurrency transactions detected
Cryptocurrencies’ anonymity and their use for criminal purposes no longer seems to be a difficult task for law enforcement agencies. The largest operations to dismantle criminal structures and the confiscation of illegally obtained cryptocurrencies are indicative in this regard. One particular report for 2013–2018 shows, for instance, that global authorities have confiscated over 453,000 BTC, with the U.S. alone accounting for 200,000 BTC.
Sale of illegal goods
The leader in facilitating illegal cryptocurrency transactions is the infamous darknet, a shadow marketplace where hundreds of thousands of illegal goods are sold, including drugs, weapons and crypto malware.
The first such marketplace called Silk Road was liquidated in July 2013. The FBI initially managed to seize about 26,000 BTC, but by the end of that October, the figure had reached 144,000 BTC. As of today, this amount is equivalent of about $5 billion. Four years later, in July 2017, the FBI detected and shut down the AlphaBay platform, confiscating 1,605 BTC, 8,309 Ethereum (ETH), 3,692 ZCash and some Monero (XMR).
Shortly after the AlphaBay arrest, the owners of another marketplace — Hansa Market — were apprehended by U.S. authorities and the platform was shut down. During the operation, the police confiscated more than 1,200 BTC and transferred data about the buyers and sellers to authorities throughout Europe.
Theft and money laundering
In February 2019, U.S. law enforcement agencies not only detected and confiscated but also returned 119,756 BTC (about $65 million at the time) to the Bitfinex exchange, which had been hacked in 2016.
Notably, the FBI demonstrated the highest efficiency in terms of the number of cryptocurrency crimes investigations. During one of them, the founder of the Bitcoin Savings and Trust exchange was identified and accused of organizing a Ponzi scheme in 2016. The fraudster earned more than 720,000 BTC by illegally selling securities. Later, in 2017, investigators dismantled the Coin.mx crypto exchange, the owners of which managed to illegally exchange more than $10 million in cryptocurrency.
The biggest crime that has been investigated by tracking cryptocurrency transactions is probably the laundering of 530,000 BTC stolen from the Mt. Gox exchange. For more than three years, U.S. authorities, together with a group of independent Bitcoin security experts called WizSec, carried out an investigation, which resulted in the case against Alexander Vinnik in 2016.
Related: BTC-e’s Vinnik Case Drags on as New Accusations Continue Emerging
Vinnik allegedly used various exchanges to sell Bitcoins, thus leaving a lot of tracks that supported the case against him. Therefore, as soon as the police discovered where the Bitcoins stolen from Mt. Gox were deposited to, the investigators said that it became much easier to link Vinnik to the case — and over time, experts were able to piece together a timeline of events. However, the question still remains, who were the people behind the attack?
How they track
In most cases, authorities use traditional methods for tracking cryptocurrency transactions that are no different from those used to monitor any other suspicious financial operations. This is the identification of the user through the data obtained during Anti-Money Laundering (AML) and Know Your Customer (KYC) procedures, the mapping of IP servers, withdrawal data comparison, and other methods.
Therefore, crypto exchanges and platforms that have user data of cryptocurrency holders play an important role in the timely detection of suspicious transactions. In fact, it was a cryptocurrency exchanges that helped the Japanese national police agency disclose data on 5,944 suspicious crypto transactions in 2018.
On Aug. 30 this year, the agency announced its plans to introduce a system that can track cryptocurrency transactions in the country. The system is supposed to detect suspicious transactions by comparing them, and then accurately determine the source and destination of illegal money. In China, according to reports released in March, the Public Information Network Security Supervision has been monitoring foreign crypto exchanges that serve Chinese citizens.
Meanwhile in the U.S., authorities have been working with exchanges for several years now. In particular, in November 2016, the police demanded that Coinbase provide the Internal Revenue Service with information about users who have cryptocurrency wallets.
Bitcoin Big Bang
Recently, innovative solutions have appeared that can track suspicious cryptocurrency transactions and identify their initiators using decryption algorithms, software and blockchain.
For example, the company Elliptic Enterprises has created an algorithm for recognizing illegal Bitcoin payments. The software detects suspicious transactions based on patterns previously used by financial criminals. At the same time, according to the developers, the solution is able to correlate digital identities with real-world profiles.
In particular, the company developed the Bitcoin Big Bang visualization map that summarizes all BTC payments over the past six years, which allows for the rapid detection of suspicious transaction chains and organizations involved in them.
Suspicious transactions alert
Chainalysis, a blockchain analytic firm, has developed a real-time alert system called Chainalysis KYT, which informs users about suspicious transactions. According to the developers, the solution is primarily designed for cryptocurrency companies and financial institutions and allows them to reduce regulatory and reputation risks.
Chainalysis KYT analyzes 15 cryptocurrencies and is used by large exchanges. In particular, on Sept. 26, Bittrex announced the introduction of the Chainalysis KYT solution to track suspicious transactions and other activity on the platform. The forensic investigation tools created by the Chainalysis developers also helped to reveal the owners of What to Video, a website that earned about $353,000 in BTC by selling child pornography videos. In total, 1.3 million BTC addresses were involved.
Having found that some users of the site paid for pornographic videos using their crypto exchange accounts, Chainalysis used a tool called Chanalysis Reactor to analyze cryptocurrency transactions. As a result, the investigators identified certain BTC addresses for which it later requested data from the exchanges.
Deanonymization and KYC
The South Korean government has totally banned anonymous trading at the start of 2018. A system of real names has been introduced in the country, with all the traders obliged to have an account with a local bank, and trading platforms prohibited from listing anonymous cryptocurrencies.
Meanwhile, private companies are already declaring that most of the cryptocurrencies are controlled. In particular, on Oct. 15, CipherTrace announced that it can now track more than 87% of the transaction volume. However, anonymous coins such as Monero are not supported at present.
Related: Privacy-Focused Cryptos Hunted Down by Forensics and Exchanges
As such, the CipherTrace Financial Investigations is another solution that can deanonymize players in the crypto market and track criminal transactions, including darknet payments, initial coin offering investments, stolen funds and so on.
According to the company’s website, the platform only needs the user to enter a cryptocurrency address or a transaction ID into the search bar, which auto-completes long addresses, for the system to start working. In the case that illegal actions are detected as related to an address, the system will then automatically identify all other relevant transactions.
In the U.S., the IRS, FBI, Drug Enforcement Administration, Immigration and Customs, and other organizations currently use solutions by CipherTrace, Chainalysis and Elliptic.
Well-known mining equipment manufacturer Bitfury has developed a solution called Crystal for blockchain investigations. According to the creators, Crystal not only helps to identify wallet addresses but also connects them with real-world profiles.
Crystal helped the police conduct a thorough investigation of the movement of funds withdrawn from the Zaif exchange during its hack in September 2018. As a result, specialists were able to track that a fourth of the stolen Bitcoins was sent to the Binance exchange in a series of small transactions, and then passed through a mixer to cover the tracks.
Regulators are releasing more and more requirements, obliging banks and operators that carry out cryptocurrency transactions to comply with KYC and AML procedures. Notably, some exchanges ask their users only for a passport, while others request additional documents — for example, a utility bill or a driver’s license. Given that a third-party’s passport and documents are easy to find on the internet, this procedure can be bypassed in some cases.
Related: Cryptocurrency Mixers and Why Governments May Want to Shut Them Down
Another problem that authorities may encounter when trying to track cryptocurrency payments are mixer platforms, which compile crypto transactions of equal value when processing them, thus covering up the tracks. As a result, users receive the same amount of crypto, minus the commission, but in different Bitcoins.
Are cryptocurrencies as dangerous as authorities believe?
Using unregulated websites entails a high risk for criminals, and the liquidity of such services is not always sufficient for laundering large amounts of money. While exchange of $1 million can go unnoticed on Binance, selling the same amount on a small exchange may take days.
No matter how many ways there are to launder money through cryptocurrencies, this is not the most popular tool for a fraudster today. According to Chainalysis, illegal cryptocurrency transactions comprised less than 1% of all Bitcoin activity in 2018, down from 7% in 2012.
Cryptocurrencies have got a long way to go before they become an attractive way to launder money. In particular, the market must grow, and alternative instruments — such as anonymous cryptocurrencies — must reach big trading volumes and liquidity. And yet, according to the analytics platform Diar, $5.7 million was spent on analyzing cryptocurrency transactions in the U.S. alone.
The community is concerned that Bitcoin’s pseudonymity may be used by authorities to tighten control over the personal lives of ordinary citizens. In April 2019, Chainalysis called on the Financial Action Task Force to refrain from excessive tightening of the cryptocurrency industry regulation, as the measures proposed by the organization could lead to the massive closure of exchanges and other infrastructure services, forcing criminals to find new ways to circumvent laws.
Ordinary citizens cannot avoid being affected by the stricter government control, according to Matthew Green, one of the key developers of the Zcash network. It was also reported that the U.S. National Security Agency is developing the “Oakstar” system, which analyzes several cryptocurrencies. The program can allegedly associate particular people with their cryptocurrency wallets, since users download software that sends their internet data.
According to Arnold Spencer, general counsel for Bitcoin ATM producer Coinsource and the former assistant U.S. attorney in Texas, who prosecuted more than 100 federal cases, there is a hypothetical scenario in which compliance becomes such a burden that digital money is no longer convenient. However, in reality, the possible benefits outweigh the negatives. He explained to Cointelegraph:
“Digital currency compliance is convenient for customers. Many BTMs can process Bitcoin transactions for new customers in minutes. [...] On exchanges, it may be inconvenient to register and clear compliance when you first sign up, but individuals can buy or sell or transact with digital money from their home computer in a few clicks. Much more convenient (and less expensive) than using dollar bills or credit cards.”
Spencer added that the issue of cryptocurrency transaction tracking is a debate surrounding the balance between personal privacy and public safety:
“That debate is perpetual. But the technology surrounding compliance is getting better every week, and compliance is becoming more and more convenient. My view is that we are heading in the right direction — we need a modicum of compliance to protect ourselves, but getting that level is getting easier and easier.”
Moreover, according to him, a well-developed regulatory framework would play an important role in helping governments detect criminals and protecting ordinary citizens from illegal actions, saying, “In an age in which businesses collect, analyze and sell our private information, it makes enormous sense to have legislation which protects the privacy of our financial transactions.“