Contrary to popular belief, the use of cryptocurrencies by criminals, far from covering their tracks, is a gold mine for investigators.
Until this month of February 2022, everything was going well for Ilya Lichtenstein and Heather Morgan, a couple from New York working in tech. But that was before investigators from several US administrations handcuffed them. According to united states department of justicethese thirty-somethings tried to launder nearly 120,000 bitcoins stolen in 2016 from the Bitfinex exchange platform.
When they were arrested, the value of these cryptoassets was estimated at approximately $4.5 billion. A treasure found largely by investigators from the Internal Revenue Service (IRS), the American tax services. While the couple thought they were safe, the tax authorities had patiently tracked the path taken by the stolen bitcoins. And this, despite several thousand transactions intended to hide the traces.
Follow-up with a simple Excel table
Crypto therefore does not protect criminals, it is even quite the opposite. Bitcoin has often been caricatured as the currency of criminals. But on the contrary, crypto-assets are proving to be a valuable tool for police around the world to track shady financial flows. The very principle of blockchains makes it possible to follow the path of the tokens step by step.
Admittedly, these large public and tamper-proof registers do not record the identity of the perpetrators of the transactions. But the latter, identified by a pseudonym – a string of numbers and characters – are not therefore anonymous. In the forces of order, one of the first to have understood this is Tigran Gambaryan.
As Wired journalist Andy Greenberg recounts in a recent book ” Cryptocurrency criminals. Stalking the Heart of the Dark Web » (ed. Saint-Simon), this IRS agent from Armenia will patiently, in the fall of 2014, retrace the path of bitcoin transactions with the Blockchain.info search engine. On an Excel sheet, he transcribed address after address of the course of a suspicious transaction. In reality funds given by the boss of Silk Road, Ross Ulbricht, the Amazon of drugs, to a crooked DEA agent.
Mission: find the bitcoins of Mt.Gox
The resolution of this investigation, notes Andy Greenberg, opens “a new era in the world of investigation”. Now, investigators are now able “to electronically track the financial movements of ill-gotten fortunes”. In France, the gendarmes who worked on the Locky ransomware will also fill in Excel tables by hand to trace the trace of computer extortion.
But this method is very tedious and not very effective. A computer scientist, Michael Gronager, has also understood that it will be possible to make blockchains speak. He was then stationed at the Kraken crypto-currency exchange platform. In the fall of 2014, this Danish forty-year-old launched his start-up, Chainalysis, on a whim. This blockchain analytics company is now valued near $9 billion.
But, at the time, the bet was risky, as evidenced by his perilous first contract. His job ? Find the trace of the 750,000 bitcoins stolen from Mt.Gox, this cryptocurrency exchange platform launched by a Frenchman in Japan. “The term client had something of an exaggerationrecalls Andy Greenberg. He would not receive a commission or even a percentage of the recovered funds, as long as he manages to recover even a part of them. »
Clusters to lighten the blockchain
And if Michael Gronager has in mind the principle – the analysis of transactions on the blockchain could constitute an interesting service –, it remains to put it into practice. The programmer himself codes a first bitcoin tracking tool. Then, he is joined by Jan Møller, another computer scientist, the future technical director of the company.
To simplify the calculations necessary for tracing transactions, they will implement a principle discovered by the cryptographer Sarah Meiklejohn. Many bitcoin addresses can be linked together and grouped into clusters. For example, bitcoins sent at the same time to a common receiving address most likely belong to the same person. Similarly, if only a portion of bitcoins in a wallet is spent, the remaining balance can be transferred to a new address. With these methods of grouping addresses, the calculations are significantly reduced. The Chainalysis software can thus give a result to a query in a few seconds.
The industrialization of surveys
In a few months, the reputation of Chainalysis will be made among the police. Two intelligence agencies take out a subscription, then three cryptocurrency exchange platforms. The business takes off. Its Reactor software, for example, was used to draw the map of transactions carried out on AlphaBay.
With this tool, two FBI investigators have indeed discovered the identity of the administrator of this important black market. They had targeted the best-endowed and most dormant portfolios, assuming that they would have a link with the boss of AlphaBay. Following the transactions, they arrived at an exchange platform that had made a sale for the Internet user. Her name ? Alexandre Cazes. Another feat of Chainalysis: its software will be used to identify users of the sordid Welcome to video, a child pornography site.
Admittedly, monitoring flows on blockchains has its limits. For example, it can be blocked by the use of a mixer, these transaction scrambling services. But the latter require large amounts of transactions to be truly opaque. The flow of cryptos can also end up on an uncooperative exchange, leading investigators to a dead end. But even if the track is harder to follow, the imprint remains, and nothing says that it won’t be possible later to trace the track a little further, as after entering the platform’s database. opaque exchange.
Concerns over surveillance potential
Still, the industrialization of tracing, enabled by tools like those implemented by Chainalysis, is not without concern. An initiative of this company had caused an outcry. While the bitcoin blockchain does not store its users’ IP address, the company realized it could record this crucial information by operating its own bitcoin nodes. A surveillance operation that had shocked.
The employment framework of software like Reactor also raises reservations. Could they be used to track political opponents? Dark prospects already anticipated by cryptographer Sarah Meiklejohn. Questioned by Andy Greenberg, she is worried about a hunt that could target sex workers. “If you care about your privacy, don’t use Bitcoin”she concludes.
Help us build the future of Numerama by answering this survey!
