- Rescana Engineering
OSINT - the go-to tool for cryptocurrency forensics
While cryptocurrencies have theoretically been aimed at democratizing the global financial system, they’ve also ushered in a wave of brand-new attack vectors for cybercriminals. These days, such malicious actors have a field day with various cryptocurrency scams.
And in an atmosphere where so many people are tempted by the promise of an easy profit that comes with crypto, that situation will only escalate from here. Unfortunately, cryptocurrency scammers are tech-savvy, sophisticated, and deeply rooted in the anonymity provided by cryptocurrencies like bitcoin.
The pseudo-anonymous nature of these transactions makes blockchain financial analyses extremely difficult to conduct — but that’s just another issue in a long line of problems that are being solved or simplified through OSINT.
Rise of crypto crime
Bitcoin and similar cryptocurrencies have the power to give more financial freedom to “the people” and shake up the status quo set up by the world’s major financial institutions. However, cryptocurrencies also allow for a whole new kind of financial crime. In 2021 alone, crypto transactions with illicit addresses carried over $10 billion in value — and that number is increasing as fast as the market capitalization of cryptocurrencies.
Crimes that revolve around cryptocurrencies aren’t just an acute issue for the victims — they’re creating a barrier to the further mainstream adoption of crypto. And the mysterious nature of exploring and investigating blockchains makes the matter even more difficult, as cryptocurrency and blockchain protocols keep evolving.
However, investigators aren’t simply sitting idle and allowing cryptocurrency criminals to become increasingly effective at their malicious craft. Instead, financial investigators are keeping pace — among other things, by adopting open-source intelligence tools in their investigations.
The anonymity of the perpetrators in cryptocurrency cases can be lessened by OSINT methods that uncover and collect vast amounts of data from the Dark, Deep, and Surface Web.
And this isn’t just theoretical — recently, the Department of Justice seized over $55 million in cryptocurrency after using OSINT methods to uncover the vast Bitconnect scam. Also, the National Bureau for Counter Terror Financing in Israel managed to confiscate an unspecified but supposedly large amount of crypto in a terrorism-related case.
OSINT-Powered forensic analysis
Open-source intelligence techniques and tools are perfectly suitable for generating predictive intel in complex cryptocurrency investigations. They provide valuable, actionable insights into situational environments and otherwise hidden data sources. Also, software for analyzing and extracting open data can be specifically configured to unravel various forms of informational entanglement — including those frequently encountered in crypto cases.
It’s safe to say that cryptocurrencies — at least those in mainstream use today — weren’t specifically tailored to satisfy the purposes and needs of terror groups. Nevertheless, they’ve still served crucial financial functions for those organizations.
If newly emerging cryptocurrencies facilitate even tighter security and better anonymity for all the parties involved in transactions, terrorist organizations would likely adopt them as their primary means of financing operational strategies.
However, OSINT procedures can efficiently sift through the Dark Web and various publicly available ledgers — including blockchains. Malicious actors can be tracked even if they use crypto, and identified terrorists can be linked to their donors’ wallets. Plus, OSINT analysis of overarching transactional frameworks allows investigators to quickly find connections between any addresses, instantly revealing criminal actors.
Illegal financial actions slip under the radar more easily when conducted through cryptocurrencies. Cryptos are often used for all kinds of economic crimes — from money laundering, oppressor financing, and tax evasion to fraudulent accounting, embezzlement, and bitcoin scams. As a result, hundreds of millions of dollars are lost to malicious actors every year.
However, OSINT technologies can analyze vast numbers of data sources and classic forensic blockchain identifiers, like websites, IP addresses, usernames, and sometimes even bank details — tracing them back to the crypto criminals behind them.
Analyzing wallet addresses
As you may have concluded, blockchain ledgers play a massive role in cryptocurrency investigations. They hold vital information that is difficult for investigators to parse and understand without wallet explorers — OSINT software that conducts thorough analyses of wallet transactions and addresses.
This allows investigators to follow the money, find its source, and uncover the tools their suspects have employed. Seeing as the most popular blockchains like Ethereum and Bitcoin have public ledgers, it’s all a matter of finding the correct information. Some of the most critical data points in this process are:
● Timestamps — block timestamps that show the exact time when specific transactions entered a particular blockchain network
● Hash — the ID of a transaction, which allows investigators to look it up on the blockchain
● Addresses — the addresses of the recipient and the sender
● Actual Fee — the cost of the transaction
● Value — the amount of transferred crypto and its USD value
● Transaction Receipt Status — shows whether or not the transaction has been confirmed and completed
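As an added example (not Rescana's code and not any explorer's API), the following shows how the data points listed above combine to follow funds forward from one address: only confirmed transactions are followed, and transfers sent before the traced funds arrived are skipped. The field names, address labels and every record are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timezone

WEI = 10**18  # 1 ETH expressed in wei

# Constructed sample records, not real transactions; field names are assumptions.
TXS = [
    {"hash": "0xa1", "ts": 1650000000, "from": "victim", "to": "collector",
     "value": 5 * WEI, "gas_used": 21000, "gas_price": 40 * 10**9, "status": 1},
    {"hash": "0xa2", "ts": 1650000600, "from": "collector", "to": "hop1",
     "value": 3 * WEI, "gas_used": 21000, "gas_price": 50 * 10**9, "status": 1},
    {"hash": "0xa3", "ts": 1650000700, "from": "collector", "to": "hop2",
     "value": 2 * WEI, "gas_used": 21000, "gas_price": 50 * 10**9, "status": 0},
    {"hash": "0xa4", "ts": 1649990000, "from": "hop1", "to": "old_peer",
     "value": 1 * WEI, "gas_used": 21000, "gas_price": 30 * 10**9, "status": 1},
    {"hash": "0xa5", "ts": 1650003600, "from": "hop1", "to": "exchange_deposit",
     "value": 3 * WEI, "gas_used": 21000, "gas_price": 60 * 10**9, "status": 1},
]

def actual_fee(tx):
    """Fee paid in wei: gas consumed times the price per unit of gas."""
    return tx["gas_used"] * tx["gas_price"]

def trace_forward(txs, start, max_hops=3):
    """Breadth-first 'follow the money' from `start` over confirmed transfers."""
    outgoing = defaultdict(list)
    for tx in txs:
        if tx["status"] == 1:          # receipt status: skip failed transactions
            outgoing[tx["from"]].append(tx)
    trail, seen = [], {start}
    queue = deque([(start, 0, 0)])     # (address, hops so far, time funds arrived)
    while queue:
        addr, hop, arrived = queue.popleft()
        if hop == max_hops:
            continue
        for tx in sorted(outgoing[addr], key=lambda t: t["ts"]):
            if tx["ts"] < arrived:     # sent before the traced funds arrived
                continue
            when = datetime.fromtimestamp(tx["ts"], tz=timezone.utc).isoformat()
            trail.append((hop + 1, tx["hash"], addr, tx["to"], tx["value"] / WEI, when))
            if tx["to"] not in seen:
                seen.add(tx["to"])
                queue.append((tx["to"], hop + 1, tx["ts"]))
    return trail

if __name__ == "__main__":
    for row in trace_forward(TXS, "victim"):
        print(row)
```

The failed transfer `0xa3` and the earlier, unrelated transfer `0xa4` drop out of the trail, which is why status and timestamp matter as much as the addresses themselves.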
Additional OSINT tools can cross-reference public blockchain information with social media sources, locations, related emails, and all other kinds of helpful info which can identify suspects and perpetrators of large-scale and small-scale cybercrimes.
Wrapping Up (and some tools)
The technology for obscuring illegal transactions is constantly evolving, which makes it even more critical to update our means of investigating and tracing them. The world of blockchains and cryptocurrencies is the latest battleground between financial forensics and tech-savvy criminals — but luckily, the anonymity provided by cryptocurrencies can be lessened through the clever use of OSINT information.
Check out these links (free) to start exploring blockchains with OSINT:
https://passport.webmoney.ru/asp/WMCertify.asp - analysis of transactions
https://etherscan.io/ - Ethereum blockchain explorer
https://bitnodes.io/dashboard/bitcoind/ - Mempool viewer (uncommitted transactions)
https://intelx.io/ - loads of OSINT intel, including wallet information
https://blockexplorer.com/ - Information about blocks, transactions, addresses
https://www.walletexplorer.com/ - Analysis of transactions