Cybercrime Investigator

How Cryptocurrency Helps Investigate Cybercrime

These days, cryptocurrency is synonymous with anonymity. However, cryptocurrency helps solve cybercrime too: find out how in this post.

Preface

These days, it’s rare to find a person — no matter how computer-literate they may be — who hasn’t heard the terms “crypto” or “cryptocurrency”, or the name of a coin like Bitcoin, Litecoin, Ethereum, or Monero. Each of those coins has its own abbreviation — Bitcoin is abbreviated to BTC, Litecoin is abbreviated to LTC, Ethereum is home to ETH, and Monero is called XMR.

All of those cryptocurrencies are called coins, and some of those coins may seem like a nightmare for a cybercrime investigator: money moves through hundreds, thousands, or even millions of Bitcoin addresses, takes unusual routes, and has unexplained or shady origins.

Those shady origins of money often appear on the radar of law enforcement and, consequently, of a cybercrime investigator. The role of a cybercrime investigator is tough — one has to decide which cybercrimes to investigate, how to investigate them, and how best to present results to supervising staff.

The Job of a Cybercrime Investigator

No two cybercrime investigators are cut from the same cloth — one cybercrime investigator may be assigned to one sphere (e.g. data breaches), a second may deal with identity theft, a third will be assigned to take care of financial crime on the web, etc.

No matter what role a cybercrime investigator plays in the investigations they take on, one thing will ring a bell for the majority of them — cryptocurrency.

The Role of Cryptocurrency and Why Crypto Isn’t Always Anonymous

Many criminals use various types of cryptocurrency to buy or sell access to certain online facilities or data. A very good example of this is data breaches: there have been cases where criminals have sold leaked data to a cybercrime investigator who was posing as a person who needed to access data for various purposes, and once the data was sold, appropriate actions were taken to stop the criminal activity.

The pairing of cryptocurrency and leaked data isn’t anything new — approximately 10 years ago, many folks in the industry saw entire marketplaces selling stolen data for crypto. The data was sold for crypto because the perpetrators of the activity sought to remain anonymous — and used cryptocurrency like Bitcoin (BTC) to confuse a potential cybercrime investigator.

The problem with cryptocurrencies like BTC is that they leave a digital trail on the Blockchain whenever they are moved back and forth, thus making the hiding of the origin of money practically impossible. Granted, there are cryptocurrencies like Monero (XMR) that don’t rely on Blockchain technology and rely on ring signatures to obfuscate the source of the money — however, cybercriminals don’t always think a step ahead as you will soon find out.

Cryptocurrency and Cybercrime

Court cases once again highlight the role of cryptocurrency in cybercrime and related investigations: in United States v. Gratkowski, it is alleged that a child pornography website accepted payments in Bitcoin, and those who paid the website with the intent to view child pornography were, understandably, subject to scrutiny. How? Bitcoin is supposed to make you anonymous, right?

Not exactly — here, we come back to the Blockchain of BTC once again: the case further states that since transactions using Bitcoin use a Blockchain and thus are subject to public scrutiny (i.e. can be accessed publicly by anyone who has the desire to do so), a cybercrime investigator who used a service to analyze the transactions in the Blockchain was easily able to determine the path the money had taken. Once the source of the money used to pay for illicit services was identified, a cybercrime investigator contacted the platform where the cryptocurrency was managed — Coinbase — and identified the users who paid for illicit services.

In another case related to drugs, we can once again see the role of Bitcoin in taking criminals down: drug purchases were allegedly paid for using Bitcoin, and a cybercrime investigator was once again able to follow the money by tracking its path through the Blockchain. The drug case specifies that one wallet used by criminals deposited cryptocurrency into a wallet controlled by Coinbase, and the same process took the perpetrators down again.
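As an added illustration (not code from the original post or from any analysis service), the sketch below follows money across a constructed ledger until it reaches an address tagged as belonging to an exchange: backward to the source of a payment, as in the first case, and forward to a deposit, as in the second. It simplifies Bitcoin to one sender and one receiver per transaction; every address, transaction id and the ExampleExchange label is made up.

```python
from collections import deque

# Constructed sample ledger: (txid, sender, receiver, amount in BTC).
# All identifiers and amounts are made up for illustration.
LEDGER = [
    ("tx1", "exchange_hot_wallet", "buyer_addr", 0.50),
    ("tx2", "buyer_addr", "hop_1", 0.49),
    ("tx3", "hop_1", "hop_2", 0.48),
    ("tx4", "hop_2", "illicit_site_addr", 0.47),
    ("tx5", "unrelated_a", "unrelated_b", 1.00),
    ("tx6", "illicit_site_addr", "cashout_hop", 0.46),
    ("tx7", "cashout_hop", "exchange_deposit_77", 0.45),
]

# Hypothetical attribution labels: addresses known to belong to an exchange.
EXCHANGE_TAGS = {
    "exchange_hot_wallet": "ExampleExchange",
    "exchange_deposit_77": "ExampleExchange",
}


def trace(start, direction, ledger=LEDGER, tags=EXCHANGE_TAGS, max_hops=10):
    """Breadth-first walk over the public ledger from `start`.

    direction="back" follows money to where it came from,
    direction="forward" follows it to where it went.
    Returns (txids on the path, exchange address, exchange name), or None
    if no tagged address is reachable within max_hops transactions.
    """
    if direction not in ("back", "forward"):
        raise ValueError("direction must be 'back' or 'forward'")
    queue = deque([(start, [])])
    seen = {start}
    while queue:
        addr, path = queue.popleft()
        if path and addr in tags:
            return path, addr, tags[addr]
        if len(path) >= max_hops:
            continue  # stop expanding this branch, keep others
        for txid, sender, receiver, _amount in ledger:
            here, nxt = (receiver, sender) if direction == "back" else (sender, receiver)
            if here == addr and nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, path + [txid]))
    return None


if __name__ == "__main__":
    print(trace("illicit_site_addr", "back"))
    print(trace("illicit_site_addr", "forward"))
```

The tagged address at the end of the path is the point where the public trail meets a platform that knows its customers.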

Lessons Learned

What can we learn from this? The first thing to note would be that Bitcoin (and any cryptocurrency that uses a Blockchain as a basis for operation) isn’t completely private, the second thing would be that criminals use cryptocurrency in their operations quite heavily, and the third thing is that a competent cybercrime investigator will stop at nothing to take criminals down.

Here, we come back to data breaches once again — we must keep our accounts safe by using unique passwords for every account (that can be accomplished by using password managers like 1Password, Bitwarden, Dashlane or LastPass), and we must not forget that passwords must be changed frequently too. Yes, do that even if you use a password manager! You never know when a service you use has been breached. Data breaches aren’t being announced anymore — that’s the role data breach search engines could fill. Decent data breach search engines will provide you with a way to search for your data through a trove of data breaches as well as provide an API to integrate their data into your own infrastructure, should you so desire. The BreachDirectory API is equipped to do exactly this type of work: our API will allow you to integrate the data inside BreachDirectory into your own system and use it to protect your employees, customers, yourself, and everyone around you.

Data Breach Search Engine by BreachDirectory

Summary

Cryptocurrency is an asset to everyone — including cybercriminals. Cybercriminals — big and small — use cryptocurrency like there’s no tomorrow, in part because they think that using cryptocurrency makes them anonymous.

Some cryptocurrencies like Monero are indeed anonymous, but one of the most famous ones — BTC — is not, because it operates on the principle of Blockchain, meaning that when BTC moves, all of its moves can be tracked using the Blockchain as well. That helps a cybercrime investigator determine the path of the money and, if necessary, take criminals down.

So, cryptocurrencies do not only help cybercriminals: features of crypto can also be employed to stop them.

Stay safe by reading cybersecurity news, and follow us on X (Twitter), LinkedIn, and Facebook for more updates. Until next time.

Frequently Asked Questions

What is a Cybercrime Investigator?

A cybercrime investigator refers to a person or group of people investigating cybercrime. Such people often work with or inside law enforcement agencies with an aim to put a stop to cybercrime.

What is the Bitcoin Cryptocurrency?

Bitcoin — or BTC for short — is a virtual currency that’s outside of the control of a single person and that uses blockchain technology to facilitate operations.

Is Bitcoin Anonymous?

No, BTC is not anonymous and the origins of money can be traced by a cybercrime investigator.

Do Anonymous Cryptocurrencies Exist?

Yes, anonymous cryptocurrencies do exist — Monero or XMR is an excellent place to start.
