Your Sloppy Bitcoin Drug Deals Will Haunt You for Years

Credit to Author: Andy Greenberg| Date: Fri, 26 Jan 2018 11:00:00 +0000

Perhaps you bought some illegal narcotics on the Silk Road half a decade ago, back when that digital black market for every contraband imaginable was still online and bustling. You might already regret that decision, for any number of reasons. After all, the four bitcoins you spent on that bag of hallucinogenic mushrooms would now be worth about as much as an Alfa Romeo. But one group of researchers wants to remind you of yet another reason to rue that transaction: If you weren't particularly careful in how you spent your cryptocurrency, the evidence of that drug deal may still be hanging around in plain view of law enforcement, even years after the Silk Road was torn off the dark web.

Researchers at Qatar University and the country's Hamad Bin Khalifa University earlier this week published findings that show just how easy it may be to dredge up evidence of years-old bitcoin transactions when spenders didn't carefully launder their payments. In well over 100 cases, they could connect someone's bitcoin payment on a dark web site to that person's public account. In more than 20 instances, they say, they could easily link those public accounts to transactions specifically on the Silk Road, finding even some purchasers' specific names and locations.

"The retroactive operational security of bitcoin is low," says Qatar University researcher Husam Al Jawaheri. "When things are recorded in the blockchain, you can go back in history and reveal this information, to break the anonymity of users."

Bitcoin's privacy paradox has long been understood by its savvier users: Because the cryptocurrency isn't controlled by any bank or government, it can be very difficult to link anyone's real-world identity with their bitcoin stash. But the public ledger of bitcoin transactions known as the blockchain also serves as a record of every bitcoin transaction from one address to another. Find out someone's address, and discovering who they're sending money to or receiving it from becomes trivial, unless the spender takes pains to route those transactions through intermediary addresses, or laundering services that obscure the payment's origin and destination.

'The retroactive operational security of bitcoin is low.'

Husam Al Jawaheri, Qatar University

But few if any researchers have actually documented their work to exploit those properties of bitcoin and count identifiable dark web transactions. To do so, the Qatari researchers first collected dozens of bitcoin addresses used for donations and dealmaking by websites protected by the anonymity software Tor, run by everyone from WikiLeaks to the now-defunct Silk Road. Then they scraped thousands of more widely visible bitcoin addresses from the public accounts of users on Twitter and the popular bitcoin forum Bitcoin Talk.

By merely searching for direct links between those two sets of addresses in the blockchain, they found more than 125 transactions made to those dark web sites' accounts—very likely with the intention of preserving the senders' anonymity—that they could easily link to public accounts. Among those, 46 were donations to WikiLeaks. More disturbingly, 22 were payments to the Silk Road. Though they don't reveal many personal details of those 22 individuals, the researchers say that some had publicly revealed their locations, ages, genders, email addresses, or even full names. (One user who fully identified himself was only a teenager at the time of the transactions.) And the 18 people whose Silk Road transactions were linked to Bitcoin Talk may be particularly vulnerable, since that forum has previously responded to subpoeanas demanding that it unmask a user's registration details or private messages. "You have irrefutable evidence mapping this profile to this hidden service," says Yazan Boshmaf, another of the study's authors.

The researchers point out that they used only easily spotted addresses and simple matching techniques. They didn't exploit, for instance, methods that other researchers have proposed for making less obvious connections between bitcoin addresses that identify "clusters" of addresses associated with dark web black markets. Nor could they use the means available to law enforcement to compel online services like the popular bitcoin wallet company Coinbase to cough up secret bitcoin addresses. "Our analysis shows a lower bound of what can be found," Boshmaf says. More well-resourced and motivated hunters could potentially trace even more would-be anonymous bitcoin spenders, even years later.

'If you’re vulnerable now, you’re vulnerable in the future.'

Yazan Boshmaf, Qatar Computing Research Institute

Law enforcement has shown that it's willing to dig into the blockchain to assemble evidence of past criminal transactions. In the case of convicted Silk Road founder Ross Ulbricht, for instance, a FBI contractor demonstrated to a jury that $13.4 million in bitcoin had at one point moved from the Silk Road's servers to Ulbricht's laptop. And even years-old dark web transactions aren't safe from prosecution. One German Silk Road customer was fined 3,000 euros by German authorities after they busted a marijuana dealer who'd kept records of his past sales, years after they had occurred.

Events like those have helped make cryptocurrency users increasingly wary of Bitcoin's privacy pitfalls. Earlier this month, cryptocurrency research firm Chainalysis noted that dark web transactions now account for just one percent of bitcoin transactions, down from 30 percent in 2012. Contraband sales, like other illegal applications of cryptocurrency including ransomware, have largely switched to newer digital currencies like Monero and Zcash, both of which promise far greater privacy by default.

But as the Qatari researchers' work shows, even improving your privacy practices can't always erase years-old evidence from the internet, particularly when that evidence is captured in the unalterable record of the blockchain. Even deleting profile information that includes bitcoin addresses may not be enough if a post has been cached or captured by services like the Internet Archive, they point out. "If you’re vulnerable now, you’re vulnerable in the future," Boshmaf says. Your cutting edge stealth today, in other words, might not save you from the ghosts of bitcoin opsec failures past.

Bitcoin? Please. The dark web drug dealer cryptocurrency of choice is Moreno

Thousands of dark web users already found out the hard way last summer that law enforcement has ways of shutting them down

If you have some time, do yourself a favor and read all about the rise and fall of Silk Road

https://www.wired.com/category/security/feed/