80

A bitcoin transaction has details of the incoming address as well as the outgoing address (where the bitcoins are being transferred), so my question is why that outgoing address has not done anything in tracking down ransomware attackers, like the WannaCry authors?

16
  • 8
    As far as I know (last time I looked) no one has taken money out of the account yet. I suspect because it became so 'hot' they bottled taking the money out for now
    – ISMSDEV
    Commented Jun 23, 2017 at 8:35
  • 3
    We know the address but there's no way to know who owns the address.
    – the_lotus
    Commented Jun 23, 2017 at 13:54
  • 11
    Bitcoins are traceable but not in a way that you would expect. There are services which swap one of your bitcoins against a different bitcoin with a different transaction. More often than not in a different wallet, with different transaction sizes and time differences. Many of these bitcoin scramblers exist. Many of them don't keep a transaction log. It's nearly impossible to trace these down. The ability and availability to pull this is what makes bitcoin "anonymous" even though all transactions are publicly visible.
    – BlueWizard
    Commented Jun 23, 2017 at 21:44
  • 11
    @MSalters - there is no central authority in bitcoin, who could declare a bitcoin address worthless/invalid. That's the whole point of bitcoin. It is decentralized. Commented Jun 24, 2017 at 13:49
  • 5
    @Nobody what problem does it solve for the general public though? That would be the main reason nobody wants to do this. If I need bitcoin and I go buy some the last thing I want is to waste my time checking whether the coins are clean. It wouldn't solve Wannacry-type incidents either, if Bitcoin is not an option they'll switch to something else. Commented Jun 25, 2017 at 16:10

5 Answers

85

There is a chance that once the bitcoins have been converted into ‘real money’ or ‘real assets’ the ledger could leak information on the owners of those bitcoins. But even then tracking and attribution can be very complex, but in answer to your question the reason in this case is probably that the attacker(s) haven’t ‘cashed’ them in yet.

Depending on who carried out the attack they may never do anything with the bitcoin they have as their attack may not have been financially motivated.

There are ways to launder bitcoins using services such as Bitlaundry, Bitmix or Bitcoinlaundry.

These laundry services work as follows: (credit to the description below)

  1. Imagine that Alice wishes to send bitcoins to Bob.
  2. Bob, sadly, is not well liked. Alice would rather not have anyone know that she sent Bob bitcoins.
  3. So, Alice puts Bob's address in the form at BitLaundry.
  4. Alice gets a one-time-use address from BitLaundry.
  5. Alice sends the money to that address.
  6. BitLaundry sends money out to recipients every 30 minutes.
  7. (But, it doesn't send out Alice's money immediately, that might be suspicious..)
  8. So, a random number of 30 minute segments later, BitLaundry sends the money out to Bob.
  9. BitLaundry then deletes the database link between the one-time-use address and Bob.
  10. Alice has sent money to BitLaundry, but people do this all the time. She's one of many.
  11. BitLaundry has sent money to Bob, but BitLaundry has sent money out to a whole bunch of other people as well.
  12. Alice and Bob are much less linked than they would have been otherwise.
10
  • 5
    Then if Bob wanted to convert from bitcoin to hard cash without people knowing, he does the same, but ends up paying another bitcoin wallet no one knows he owns. He then extracts from that to hard cash.
    – ISMSDEV
    Commented Jun 23, 2017 at 8:42
  • 8
    There is also a form of laundry that takes coins from all kinds of different places, and arranges them in a mesh network. Say I send 10 bitcoins to "laundermycoins.onion": Those coins go into a network of other addresses, and the person I am supposed to pay receives coins from completely different addresses than any linked to the ones my coins went into. 2 from here, 4 from there and 4 from another. Each from previous transactions on the site. Mine will do the same when someone else wants to pay and my coins are in no way linked to that transaction.
    – Nalaurien
    Commented Jun 23, 2017 at 11:31
  • 2
    They could also do trade between currencies..
    – the_lotus
    Commented Jun 23, 2017 at 13:55
  • 12
    Alternatively Alice could hate Bob because Bob just encrypted Alice's entire network ... Alice could send Bob a bitcoin ... and then Bob could send Bob's secondary wallet the bitcoin via BitLaundry Commented Jun 23, 2017 at 16:04
  • 6
    Note that this technique would work with any kind of money. Doing this with physical bills requires lots of infrastructure. Doing this with electronic money (US dollars, say in a bank account) leads to you being criminally liable for the laundering, and banks stop doing business with you (freezing your accounts and payments in/out).
    – Yakk
    Commented Jun 23, 2017 at 18:04
17

Bitcoins carry with them a complete log of their entire transaction history.

So the bitcoins used to pay that ransom can forever be found. Whoever has them in their possession can be tracked down, at least electronically. Transferring those bitcoins into other currency or goods could be used to track down the person who benefited from the bitcoin.

To avoid this, electronic criminals can use the same techniques that real criminals do; they launder their money.

Find someone who is willing to accept bitcoins sight unseen, and then give you some other asset (maybe more bitcoins, maybe cash) and forget that transaction occurred.

Doing this with "real money" is known as money laundering, and is a crime. Financial institutions that do this are shut down and their assets seized.

As yet, bitcoin laundering facilities have not been shut down. Those who hold bitcoins that have been laundered are not held criminally responsible for the earlier transaction where it was used to pay a ransom. Either one of these actions would probably spoil the use of bitcoins as ransom funding.

In comparison to traditional currencies, bitcoin offers certain advantages in laundering.

If you want to launder using physical money, it requires moving that money around. And large cash transactions are tracked. So doing so on a large scale requires either wide spread physical, on the ground infrastructure, or a way to make large cash transactions look not like money laundering. Both of these are expensive and leave you vulnerable to police action.

You could instead launder using electronic money. But electronic US dollars end up connecting you to the US banking system, and there are laws against the US banking system working with people doing money laundering or looking the other way. If you or they are caught, your electronic assets will be seized, and you may be personally caught and prosecuted.

In comparison, bitcoins have no central bank beholden to a country that is trying to stop money laundering that states "the bits in this account are real bitcoins, and those bits over there are not". So you can set up financial institutions that launder bitcoins for you.

4
  • 6
    Cue to all the ads with "Work from home a few hours a day and make more money than you ever did!" which turn out to be something like "All you have to do is cash in the online money transfers we send to you and send the cash to us, getting a percentage of the money as a reward!"
    – vsz
    Commented Jun 23, 2017 at 20:45
  • 1
    @vsz that could be money laundering in theory, but it is easier to not even use real stolen/criminal money to do that. Just take advantage of bank clearing delays.
    – Yakk
    Commented Jun 23, 2017 at 22:05
  • @vsz Yeah, those are just bank scams that dupe the person working from home by sending them checks that bounce. That's technically legal, or at least much harder to prove as a crime. Commented Jun 24, 2017 at 20:22
  • @Shadur : indeed, but such schemes could just as easily be used to obfuscate the source of money gotten through ransomware, or from phishing.
    – vsz
    Commented Jun 24, 2017 at 23:38
6

Bitcoin can combine several transactions' outputs as a new transaction's input, and it can also split a single transaction's output among many recipients. This is because only balances are transferred in transactions, not individual units of bitcoin.

"Mixing" services do this to obscure where bitcoin is going. After inspecting one of these transactions, the best you can say is, for example, "10% of the bitcoin sent from address A ended up in address B, another 10% ended up in address C, ..." and so on.

After a few rounds of these mixing service transactions and regular transactions, tiny fractions of the ransom bitcoin are now distributed among many, many addresses, including addresses controlled by all sorts of people just buying bitcoin on exchanges, receiving bitcoin for selling products, etc.

More in-depth and complex blockchain analysis is possible, and combined with other real-world data from exchanges and banks it may or may not be possible to eventually track down the owners of the original ransom addresses.
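
The dilution this answer describes can be reproduced with a proportional ("haircut") taint calculation, a common way for analysts to score how much of an address's balance traces back to a known ransom address. This is an added example, not part of the original answer; the addresses, amounts and the simplified address-balance model (no fees, no real UTXO handling) are constructed for illustration.

```python
from fractions import Fraction

# Constructed sample data: R is a ransom address; C1..C3 are unrelated users
# of a mixer; M*, X, Y are payout addresses. Each entry is (address, amount).
TXS = [
    {"inputs": [("R", 10), ("C1", 40), ("C2", 50)],
     "outputs": [("M1", 25), ("M2", 25), ("M3", 50)]},
    {"inputs": [("M1", 25), ("C3", 75)],
     "outputs": [("X", 50), ("Y", 50)]},
]

def propagate_taint(transactions, ransom_deposits):
    """Return (balance, taint) per address after applying transactions in order."""
    balance = {a: Fraction(v) for a, v in ransom_deposits.items()}
    taint = dict(balance)          # ransom deposits start 100% tainted
    for tx in transactions:
        total_in = taint_in = Fraction(0)
        for addr, value in tx["inputs"]:
            value = Fraction(value)
            # Funds we never saw arrive come from outside the tracked set: clean.
            held = max(balance.get(addr, Fraction(0)), value)
            if held == 0:
                continue
            spent = taint.get(addr, Fraction(0)) * value / held
            balance[addr] = held - value
            taint[addr] = taint.get(addr, Fraction(0)) - spent
            total_in += value
            taint_in += spent
        total_out = sum(Fraction(v) for _, v in tx["outputs"])
        if total_in == 0 or total_out > total_in:
            raise ValueError("transaction spends more than its inputs")
        for addr, value in tx["outputs"]:
            value = Fraction(value)
            # Every output inherits the same tainted fraction as the pooled inputs.
            balance[addr] = balance.get(addr, Fraction(0)) + value
            taint[addr] = taint.get(addr, Fraction(0)) + taint_in * value / total_in
    return balance, taint

def tainted_share(balance, taint):
    """Fraction of each non-empty address's balance that traces back to the ransom."""
    return {a: taint[a] / b for a, b in balance.items() if b > 0}

if __name__ == "__main__":
    bal, tnt = propagate_taint(TXS, {"R": 10})
    for addr, share in sorted(tainted_share(bal, tnt).items()):
        print(f"{addr}: {float(tnt[addr]):.2f} of {float(bal[addr]):.0f} BTC ({float(share):.1%})")
```

After one mixing round every payout address is 10% tainted, and after the second round the share drops to 2.5%, while the total tainted amount across all addresses stays at the original 10 BTC.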

4

The main purpose of Bitcoin was to create an electronic equivalent of coins: exchangeable, verifiable, and fungible. If it were easy to defeat the pseudo-anonymity, then why bother using Bitcoin instead of existing financial systems? The same algorithms that protect privacy advocates and political dissidents from the snooping eyes of oppressive authorities (or just authorities in general, who are assumed to be oppressive) also protect "real" criminals from those same entities. You can't have one without the other.

1
  • 26
    Bitcoins are highly traceable. Every transaction a particular bitcoin has been involved in is visible forever. Explaining how you go from a highly traceable protocol, to pseudo-anonymity, is what this question is asking.
    – Yakk
    Commented Jun 23, 2017 at 18:03
-2

They could also be cashing in the ransom by simply exchanging the wallet for a percentage of another colder wallet.
