Faced with the headlines of some newspapers that associate the word bitcoin with "sulphurous", "scam" or "danger", many people, uninformed, still have the reflex to associate bitcoin with the darknet.
What is the reality? Are we in the "Wild West"? How are criminals using bitcoin? And what are law enforcement agencies doing in the meantime? What is the relationship between cops, robbers... and bitcoin?
An analysis of law enforcement releases shows that the reality is more nuanced. Thieves have suffered a number of setbacks with the cryptocurrency, while police have discovered a surprising ally in bitcoin.
I - Thieves... and Bitcoin
Initially, the qualities of Bitcoin sought by criminals included its anonymity, its speed for domestic and international transfers, and its low transaction costs.
Practice has shown them that Bitcoin is not anonymous but pseudonymous, and that its use for criminal purposes is not so easy. Gradually, traffickers began to turn to other forms of cryptocurrencies.
Criminal practices related to Bitcoin
In the context of illicit uses by traffickers of bitcoins, the following major trends can be noted:
- Buying and selling illicit goods: Criminals early on saw the benefits of using bitcoin to buy and sell illicit goods on the darknet. The Silk Road, Silk Road 2 and more recently Alpha Bay and Hansa sites are notable examples. This use of bitcoin by criminals has grown: while Silk Road in 2013 referenced more than 13,000 narcotics products, Alpha Bay and Hansa together in 2017 sold more than 350,000 illicit products (drugs, weapons and all kinds of cybercrime products).
- Extortion (ransomware) and use of zombie computers ("botnet") to make bitcoins: In 2017, many companies, hospitals and institutions in more than 150 countries in Europe, Asia and the Americas were affected by the ransomware ("ransomware") Wannacry and NotPetya. The cybercriminals demanded a ransom in bitcoins from their victims to make the encrypted data accessible. Some criminal organizations also use infected zombie computers to control them in order to use their computing power to mine bitcoins without the owner's knowledge.
- Theft and denial of service ("hacking"): Criminals, recognizing the financial value of Bitcoin, have been quick to target Bitcoin companies to steal their assets. The general public is often unaware that companies in the industry have thus long been victims of theft or denial of service. In 2014, a massive denial-of-service attack was launched on numerous exchange platforms such as Mt Gox, Bitstamp or BTC-E. In January 2015, 18,864 bitcoins were stolen from Bitstamp. In August, it was Bitfinex's turn to have 119,756 bitcoins stolen. Since then, there have been many examples. These companies have often paid a heavy price... but have learned a lot.
- Scams: Regularly, with each surge in bitcoin prices, there is a resurgence of scams. Scammers of all kinds are using classic criminal practices (ponzi schemes, scams, identity theft ...) to extract money from gullible newcomers. For this purpose, they often pretend to be bitcoin companies that they are not. They use fictitious companies or simply impersonate personalities of the cryptocurrency world. They contact individuals directly (by phone or email) offering to buy bitcoins and promising them exorbitant returns. According to the experience of Mr. Pascal Lembras, police officer of the Brigade of Research and Financial Investigations, which he describes in a very interesting article entitled "Such is taken who thought to take", the process used by these criminals is the same as in the context of scams in forex, options-binary, diamonds ...
- Money laundering: It is well known that criminals use cryptocurrency exchange platforms to convert the fruits of their illicit activity. However, the use of bitcoins has not only advantages for cybercriminals. They realized that bitcoins were not anonymous but pseudonymous, which means that transactions could be traced on the public bitcoin blockchain. They therefore began to increasingly use "mixers" or "tumblers" to make bitcoin transactions more anonymous by mixing multiple transactions and avoiding traceability of transactions. In addition, a shift in their practices towards other cryptocurrencies has emerged.
The evolution of criminal practices towards altcoins
The sharp increase in the price of bitcoin during 2017 caused a massive influx of new entrants and the number of transactions. The system has repeatedly been clogged with extremely long waiting times (from hours to days) for transaction validation and a considerable increase in costs.
Cybercriminals, like many ordinary users, began to turn to other cryptocurrencies ("altcoins"), which were faster and cheaper.
In some cases, criminals have turned their bitcoins into more anonymous altcoins: in August 2017, the cybercriminals behind the Wannacry ransomware turned the bitcoins extorted from their victims into moneros, a much more anonymous altcoin.
In other cases, cybercriminals don't even bother going through the bitcoin stage anymore and use other cybercurrencies directly. Appearing in early 2018, the GandCrab ransomware became the first ransomware to demand ransom payments in dash.
In 2018, "Data Intelligence" firm Recorded Future published a report on "The Emergence of Litecoin as the Next Dominant Currency of the Darknet." This report provides a number of answers regarding this appeal of altcoins to traffickers.
The paper relates that this attraction is not recent: it was during 2016 that discussions began among criminals regarding the use of cryptocurrencies. He points out that regardless of the criminals' geographic origin, language used, or industry, the traffickers all shared their growing dissatisfaction with the use of bitcoin as their sole means of payment on the web.
In a poll of several hundred members of a popular darknet crime forum, Record Future noted that despite overwhelming support for dash, there was no consensus on which cryptocurrency should be adopted on the darknet. Participants in the vote were 21.82% for monero, 20.61% for dash, 19.39% for ether, 15.15% for litecoin, 13.33% for bitcoin and finally 9.13% for bitcoin cash.
Further research by Record Future shows that sellers are the determining factor in which payments are accepted or not on the darknet.
At the same time, the company analyzed 150 of the most important discussion forums, platforms and illicit service sites: while bitcoin remains the most used cryptocurrency on the darknet, it is followed by litecoin, which is accepted by 30% of sellers, then dash accepted at 20%, bitcoin cash at 13%, ether at 9% and monero at 6%.
If bitcoin and altcoins are the tools of the darknet, what are the police doing? What is the relationship between the police, thieves ... and bitcoin?
How have the police adapted to developments in the criminal use of bitcoin and altcoins?