Spitfire List Web site and blog of anti-fascist researcher and radio personality Dave Emory.

News & Supplemental  

Bitcoin Horrow Show

 

Dave Emory’s entire life­time of work is avail­able on a flash dri­ve that can be obtained here. (The flash dri­ve includes the anti-fas­cist books avail­able on this site.)

COMMENT: We’ve done sev­er­al shows about Bitcoin–apparently con­ceived by peo­ple from Siemens spin-off Lan­tiq, which was cap­i­tal­ized by Gold­en Gate Cap­i­tal (formed by alum­ni of Bain Capital–Mitt Romeny’s firm.) Those pro­grams are: FTR #‘s 760, 764, 770, 785.

Deriv­a­tive of the fas­cist doc­trine stem­ming from the Aus­tri­an school of eco­nom­ic the­o­ry, Bit­coin is inex­tri­ca­bly linked with the milieu of Edward Show­den and the lib­er­tar­i­an wing of the GOP.

A horrifying–though predictable–story from the Dai­ly Mail illus­trates the moral, prac­ti­cal and philo­soph­i­cal bank­rupt­cy of lib­er­tar­i­an phi­los­o­phy. (A tip of the hat to “Par­ticipo” for this sto­ry.)

Kid­die porn freaks (with an appar­ent sadis­tic bent) have been using Bit­coin to finance online videos with the chil­dren being tor­tured with lit cig­a­rettes.

Aside from the poten­tial for such activ­i­ty to be uti­lized by orga­nized crime syn­di­cates and intel­li­gence ser­vices for a vari­ety of pur­pos­es, this will  cer­tain­ly obvi­ate the need for rig­or­ous sur­veil­lance of the inter­net.

We here a great deal about “free­dom” these days, par­tic­u­lar­ly in con­nec­tion with the inter­net.

Real free­dom, how­ev­er, can only exist when mar­ried to respon­si­bil­i­ty. The prop­a­ga­tion of activ­i­ties such as the one described in the sto­ry below under­scores the deprav­i­ty of many of those who argue for an unmon­i­tored inter­net, on which “any­thing goes.”

 “Dis­turb­ing New Inter­net Child Abuse Sees Tod­dlers Raped and Burned Live on Web­cam as Pae­dophiles use Bit­coin to Stop Being Traced, Warns Police Chief” by Kier­an Cor­co­ran; Dai­ly Mail; 4/21/2014.

One of Europe’s top police offi­cers has warned of a sick­en­ing online trade in child tor­ture porn.

Rob Wain­wright, the direc­tor of Europol, said offend­ers are using the untrace­able online cur­rency Bit­coin to pay for depraved ‘shows’, per­formed live on web­cams, which see young chil­dren raped and burned.

He said: ‘The lev­el of deprav­ity seems to be descend­ing year on year, frankly, includ­ing what seems to be in vogue now, which is live web­cam ‘shows’ of tod­dlers not just being raped but being burnt with cig­a­rettes.

Scroll down for video

Sick­en­ing: Mark Wain­wright warned that online preda­tors were pay­ing to watch chil­dren be raped and burned live on web­cam

‘Sor­ry, but it’s hap­pen­ing online and it’s extreme­ly dif­fi­cult for us to iden­ti­fy.’

Mr Wain­wright warned that Bit­coin — a ‘cryp­to-cur­ren­cy’ based on math­e­mat­i­cal for­mu­lae and inde­pen­dent of any gov­ern­ment or cen­tral bank — is prop­ping up a crim­i­nal black mar­ket.

He also warned that police and politi­cians were strug­gling to keep up with the pace of online crime, thanks to wide­spread anonymi­ty online, and easy access to encryp­tion tech­nol­ogy which can make crim­i­nals almost impos­si­ble to track down.

Mr Wain­wright warned that the prin­ci­ple that everyone’s online activ­ity should be anony­mous by default needs to be chal­lenged in order to police the inter­net effec­tive­ly.

(*fur­ther enhanc­ing the require­ment for a vir­tual panop­ti­con — par­ticipo)

He crit­i­cised the slug­gish response from the police, politi­cians and big busi­nesses, say­ing that equiv­a­lent lev­els of crime in the phys­i­cal world would be ‘front page news.’

Every­thing you need to know about bit­coin

Black mar­ket: The Bit­coin cryp­tocur­rency is being used for ille­gal activ­i­ties, Mr Wain­wright warned

–Black mar­ket: The Bit­coin cryp­tocur­rency is being used for ille­gal activ­i­ties, Mr Wain­wright warned
He told The Times: ‘It is frus­trat­ing that we are not get­ting the mes­sage out, at least not loud enough for leg­is­la­tors to hear it.’

The Inter­net Watch Foun­da­tion pres­sure group has recent­ly claimed to have found evi­dence of an email scam direct­ing peo­ple to under­ground web­sites where the sick ‘shows’ could be seen in exchange for Bit­coin.

 

Discussion

9 comments for “Bitcoin Horrow Show”

  1. With the means shut down any­thing it wants on the inter­net, just whom in the gov­ern­ment is pro­tect­ing these sites?

    Posted by David | April 26, 2014, 4:05 pm
  2. A large swath of the com­mer­cial ‘Dark Web’, poten­tial­ly around a third of it includ­ing Silk Road 2.0, just went dark:

    The New York Times
    Inter­na­tion­al Raids Tar­get Sites Sell­ing Con­tra­band on the ‘Dark Web’

    By BENJAMIN WEISER and DOREEN CARVAJALNOV. 7, 2014

    In the dig­i­tal mar­ket­place, they oper­at­ed as a secret under­ground with names like Blue Sky and Silk Road 2.0 where anony­mous buy­ers could pur­chase drugs, stolen cred­it cards and weapons, or even hire a hit man.

    These web­sites, known as the “dark web,” can­not be found by Google or even by typ­ing in a web address. The sites typ­i­cal­ly oper­at­ed on the Tor net­work, which is designed to con­ceal the I.P. address­es of the com­put­ers being used.

    It was that thriv­ing online black mar­ket that Amer­i­can and inter­na­tion­al author­i­ties announced on Fri­day had been the tar­get of a series of raids and arrests in 16 coun­tries, which includ­ed the seizure of dozens of web­sites that matched anony­mous sell­ers and buy­ers for illic­it goods and ser­vices.

    The inves­ti­ga­tion, nick­named Oper­a­tion Ony­mous, was aimed chiefly at sell­ers, and deac­ti­vat­ed upward of 50 such web­sites, includ­ing Silk Road 2.0 and Blue Sky, as well as Mr. Quid’s Forum and Cannabis Road Mar­kets, accord­ing to Europol, the Euro­pean Union’s law enforce­ment agency.

    Across Europe and the Unit­ed States, at least 17 sell­ers were arrest­ed, and law enforce­ment author­i­ties seized Bit­coins val­ued at $1 mil­lion, along with gold, cash and drugs, accord­ing to Troels Oert­ing, who heads Europol’s cyber­crime cen­ter. The inves­ti­ga­tion had been under­way for months as the ille­gal online mar­ket “mush­roomed,” Mr. Oert­ing said.

    The inter­na­tion­al effort was “the largest law enforce­ment action to date against crim­i­nal web­sites oper­at­ing on the Tor net­work,” said Preet Bharara, the Unit­ed States attor­ney in Man­hat­tan, whose office announced the oper­a­tion on Fri­day. “As ille­gal activ­i­ty online becomes more preva­lent,” he added, “crim­i­nals can no longer expect that they can hide in the shad­ows of the ‘dark web.’ ”

    On Thurs­day, Mr. Bharara’s office announced charges against a Cal­i­for­nia man, Blake Ben­thall, 26, who was arrest­ed the pre­vi­ous day in San Fran­cis­co and charged with nar­cotics traf­fick­ing, mon­ey laun­der­ing and hack­ing con­spir­a­cies in con­nec­tion with his oper­a­tion of Silk Road 2.0. That site, the author­i­ties said, was the suc­ces­sor to the orig­i­nal Silk Road web­site and iden­ti­cal in oper­a­tion.

    As recent­ly as Oct. 29, Silk Road 2.0 was “dom­i­nat­ed by offer­ings for ille­gal nar­cotics,” with 14,024 list­ings for “Drugs,” includ­ing 1,654 for “Psy­che­delics” and 1,921 for “Ecsta­sy,” accord­ing to a fed­er­al com­plaint. The web­site recent­ly had about 150,000 month­ly active users, gen­er­at­ing at least $8 mil­lion in month­ly sales and $400,000 in month­ly com­mis­sions, the author­i­ties said.

    The oper­a­tion was led by Amer­i­can law enforce­ment agen­cies — the Fed­er­al Bureau of Inves­ti­ga­tion and Home­land Secu­ri­ty Inves­ti­ga­tions — and coor­di­nat­ed by Europol in the var­i­ous Euro­pean coun­tries. The raids start­ed on Wednes­day, with Mr. Benthall’s arrest, and con­tin­ued through Fri­day in a broad sweep.

    Raids took place across Europe, includ­ing France, Ger­many, Spain, Britain and Ire­land. Mr. Bharara’s office cit­ed the coop­er­a­tion of those coun­tries, as well as Bul­gar­ia, the Czech Repub­lic, Fin­land, Hun­gary, Latvia, Lithua­nia, Lux­em­bourg, the Nether­lands, Roma­nia, Swe­den and Switzer­land.

    Mr. Oert­ing declined to say how the author­i­ties had cracked the dark web­sites despite the sites’ use of anony­mous soft­ware. But the inves­ti­ga­tion appears to have been full of intrigue.

    An under­cov­er Home­land Secu­ri­ty agent “suc­cess­ful­ly infil­trat­ed the sup­port staff involved in run­ning” Silk Road 2.0, was pro­vid­ed access to its pri­vate areas and “reg­u­lar­ly inter­act­ed direct­ly” with Mr. Ben­thall, who used the screen name Def­con, accord­ing to the com­plaint, which was filed in fed­er­al court in Man­hat­tan.

    The agent even became a paid staff mem­ber of Silk Road 2.0, and since Jan­u­ary received reg­u­lar pay­ments in Bit­coins total­ing about $32,000, accord­ing to the com­plaint.

    The Tor brows­er, orig­i­nal­ly devel­oped by the Unit­ed States Naval Research Lab­o­ra­to­ry, is an open source project that per­mits peo­ple to use the Inter­net with­out reveal­ing their loca­tion. It is used not only for crim­i­nal activ­i­ties but by whis­tle-blow­ers and activists seek­ing to avoid detec­tion.

    Users of Tor, an acronym for the onion router for its lay­ers of encryp­tion, need spe­cial soft­ware.

    Mr. Bharara’s office said Fri­day that the broad oper­a­tion against the “dark mar­ket” sites involved the seizure of more than 400 Tor web address­es and the servers host­ing them. The tar­get­ed web­sites includ­ed some designed to mim­ic con­ven­tion­al online retail giants, even down to offer­ing a sys­tem to review and rate the qual­i­ty of ser­vice.

    “The busi­ness mod­el is to cre­ate web stores on these hid­den ser­vices and then use the nor­mal trans­port to deliv­er it,” Mr. Oert­ing said.

    ...

    While a strong case can be made that the shut­down of these Dark Web sites is just an exten­sion of a dam­ag­ing Drug War that should­n’t exist in the first place, that’s cer­tain­ly not the nature of all of the activ­i­ties on those sites. Still, it’s worth not­ing that Tor cre­ator Roger Din­gle­dine told reporters that that TOR offi­cial­ly does not con­done using Tor for any ille­gal activ­i­ties:

    ‘Dark Web’ Drug Site Chal­lenge Law Enforce­ment
    SAN FRANCISCO — Nov 7, 2014, 5:48 PM ET
    By PAUL ELIAS and TOBY STERLING Asso­ci­at­ed Press

    No soon­er had author­i­ties announced the shut­ter­ing of an alleged ille­gal online drug bazaar than anoth­er popped up claim­ing to take its place.

    Wel­come to the “dark Web,” an increas­ing­ly pop­u­lar cor­ner of the Inter­net where thou­sands of com­put­er users from around the globe inter­act anony­mous­ly — and, in many cas­es, ille­gal­ly.

    On Thurs­day, the U.S. Depart­ment of Jus­tice charged a 26-year-old San Fran­cis­co man with oper­at­ing Silk Road 2.0, an anony­mous web­site that author­i­ties say rang up $8 mil­lion in month­ly drug sales.

    On Fri­day, an under­ground web­site call­ing itself Silk Road 3.0 Reloaded claimed to be open for busi­ness on the TOR net­work, which is linked glob­al­ly through spe­cial browsers that encrypt Inter­net traf­fic. Sev­er­al oth­er web­sites on the TOR net­work also claimed to be open for drug trans­ac­tions.

    ...

    “As long as the dark Web exists, there will always be peo­ple who set up places to engage in wrong­do­ing,” said Joseph DeMar­co, a defense attor­ney and for­mer fed­er­al pros­e­cu­tor who head­ed the com­put­er crimes sec­tion of the U.S. attor­ney’s office in New York. DeMar­co said he was skep­ti­cal that a sin­gle “glob­al solu­tion” would be found to stop ille­gal activ­i­ty on the TOR net­work.

    “There will always be an arms race between the bad guys and law enforce­ment,” DeMar­co said.

    Those who cre­at­ed and sup­port the TOR net­work say it’s a way to pro­tect online users’ pri­va­cy in the dig­i­tal age. TOR boasts that none of its web­sites will appear in Google search.

    “TOR was cre­at­ed to pro­tect peo­ple’s pri­va­cy and anonymi­ty, and we don’t con­done its use for these ille­gal activ­i­ties,” said Roger Din­gle­dine, who co-cre­at­ed the TOR net­work orig­i­nal­ly for the U.S. Navy.

    But inves­ti­ga­tors around the globe say the net­work is also a place of fla­grant and prof­li­gate ille­gal activ­i­ty of all sorts — from pros­ti­tu­tion to arms traf­fick­ing — and they vow to crack down.

    “Under­ground web­sites such as Silk Road and Silk Road 2.0 are like the Wild West of the Inter­net, where crim­i­nals can anony­mous­ly buy and sell all things ille­gal,” said Home­land Secu­ri­ty Inves­ti­ga­tions Exec­u­tive Asso­ciate Direc­tor Peter Edge.

    ...

    As we can see, with Silk Road 3.0 already online the age of the end­less Dark Web whack-a-mole is upon us. Putting aside the like­li­hood that this ends up being an end­less cat and mouse game between law enforce­ment agen­cies and the inter­net user and putting aside the point­less­ness of the Drug War, it will be inter­est­ing to see how the Tor com­mu­ni­ty itself deals with the worst Tor abus­es. Espe­cial­ly since, con­trary to Roger Din­gledine’s claims that Tor does­n’t con­done ille­gal activ­i­ty, the whole Tor project basi­cal­ly requires it:

    Pan­do Dai­ly
    Almost every­one involved in devel­op­ing Tor was (or is) fund­ed by the US gov­ern­ment

    By Yasha Levine
    On July 16, 2014

    “The Unit­ed States gov­ern­ment can’t sim­ply run an anonymi­ty sys­tem for every­body and then use it them­selves only. Because then every time a con­nec­tion came from it peo­ple would say, “Oh, it’s anoth­er CIA agent.” If those are the only peo­ple using the net­work.”

    —Roger Din­gle­dine, co-founder of the Tor Net­work, 2004

    In ear­ly July, hack­er Jacob Appel­baum and two oth­er secu­ri­ty experts pub­lished a block­buster sto­ry in con­junc­tion with the Ger­man press. They had obtained leaked top secret NSA doc­u­ments and source code show­ing that the sur­veil­lance agency had tar­get­ed and poten­tial­ly pen­e­trat­ed the Tor Net­work, a wide­ly used pri­va­cy tool con­sid­ered to be the holy grail of online anonymi­ty.

    Inter­net pri­va­cy activists and orga­ni­za­tions react­ed to the news with shock. For the past decade, they had been pro­mot­ing Tor as a scrap­py but extreme­ly effec­tive grass­roots tech­nol­o­gy that can pro­tect jour­nal­ists, dis­si­dents and whistle­blow­ers from pow­er­ful gov­ern­ment forces that want to track their every move online. It was sup­posed to be the best tool out there. Tor’s been an inte­gral part of EFF’s “Sur­veil­lance Self-Defense” pri­va­cy toolk­it. Edward Snow­den is appar­ent­ly a big fan, and so is Glenn Green­wald, who says it “allows peo­ple to surf with­out gov­ern­ments or secret ser­vices being able to mon­i­tor them.”

    But the Ger­man exposé showed Tor pro­vid­ing the oppo­site of anonymi­ty: it sin­gled out users for total NSA sur­veil­lance, poten­tial­ly suck­ing up and record­ing every­thing they did online.

    To many in the pri­va­cy com­mu­ni­ty, the NSA’s attack on Tor was tan­ta­mount to high trea­son: a fas­cist vio­la­tion of a fun­da­men­tal and sacred human right to pri­va­cy and free speech.

    The Elec­tron­ic Fron­tier Foun­da­tion believes Tor to be “essen­tial to free­dom of expres­sion.” Appel­baum — a Wik­ileaks vol­un­teer and Tor devel­op­er — con­sid­ers vol­un­teer­ing for Tor to be a valiant act on par with Hem­ing­way or Orwell “going to Spain to fight the Fran­co fas­cists” on the side of anar­chist rev­o­lu­tion­ar­ies.

    It’s a nice sto­ry, pit­ting scrap­py tech­no-anar­chists against the all-pow­er­ful US Impe­r­i­al machine. But the facts about Tor are not as clear cut or sim­ple as these folks make them out to be…

    Let’s start with the basics: Tor was devel­oped, built and financed by the US mil­i­tary-sur­veil­lance com­plex. Tor’s orig­i­nal — and cur­rent — pur­pose is to cloak the online iden­ti­ty of gov­ern­ment agents and infor­mants while they are in the field: gath­er­ing intel­li­gence, set­ting up sting oper­a­tions, giv­ing human intel­li­gence assets a way to report back to their han­dlers — that kind of thing. This infor­ma­tion is out there, but it’s not very well known, and it’s cer­tain­ly not empha­sized by those who pro­mote it.

    Peek under Tor’s hood, and you quick­ly real­ize that just every­body involved in devel­op­ing Tor tech­nol­o­gy has been and/or still is fund­ed by the Pen­ta­gon or relat­ed arm of the US empire. That includes Roger Din­gle­dine, who brought the tech­nol­o­gy to life under a series of mil­i­tary and fed­er­al gov­ern­ment con­tracts. Din­gle­dine even spent a sum­mer work­ing at the NSA.

    If you read the fine print on Tor’s web­site, you’ll see that Tor is still very much in active use by the US gov­ern­ment:

    “A branch of the U.S. Navy uses Tor for open source intel­li­gence gath­er­ing, and one of its teams used Tor while deployed in the Mid­dle East recent­ly. Law enforce­ment uses Tor for vis­it­ing or sur­veilling web sites with­out leav­ing gov­ern­ment IP address­es in their web logs, and for secu­ri­ty dur­ing sting oper­a­tions.”

    NSA? DoD? U.S. Navy? Police sur­veil­lance? What the hell is going on? How is it pos­si­ble that a pri­va­cy tool was cre­at­ed by the same mil­i­tary and intel­li­gence agen­cies that it’s sup­posed to guard us against? Is it a ruse? A sham? A hon­ey­trap? Maybe I’m just being too para­noid…

    Unfor­tu­nate­ly, this is not a tin­foil hat con­spir­a­cy the­o­ry. It is cold hard fact.

    Brief his­to­ry of Tor

    The ori­gins of Tor go back to 1995, when mil­i­tary sci­en­tists at the Naval Research Lab­o­ra­to­ry began devel­op­ing cloak­ing tech­nol­o­gy that would pre­vent someone’s activ­i­ty on the Inter­net from being traced back to them. They called it “onion rout­ing” — a method redi­rect­ing traf­fic into a par­al­lel peer-to-peer net­work and bounc­ing it around ran­dom­ly before send­ing it off to its final des­ti­na­tion. The idea was to move it around so as to con­fuse and dis­con­nect its ori­gin and des­ti­na­tion, and make it impos­si­ble for some­one to observe who you are or where you’re going on the Inter­net.

    Onion rout­ing was like a hus­tler play­ing the three-card monte with your traf­fic: the guy try­ing to spy on you could watch it going under one card, but he nev­er knew where it would come out.

    The tech­nol­o­gy was fund­ed by the Office of Naval Research and DARPA. Ear­ly devel­op­ment was spear­head­ed byPaul Syver­son, Michael Reed and David Gold­schlag — all mil­i­tary math­e­mati­cians and com­put­er sys­tems researchers work­ing for the Naval Research Lab­o­ra­to­ry, sit­ting inside the mas­sive Joint Base Ana­cos­tia-Bolling mil­i­tary base in South­east Wash­ing­ton, D.C.

    The orig­i­nal goal of onion rout­ing wasn’t to pro­tect pri­va­cy — or at least not in the way most peo­ple think of “pri­va­cy.” The goal was to allow intel­li­gence and mil­i­tary per­son­nel to work online under­cov­er with­out fear of being unmasked by some­one mon­i­tor­ing their Inter­net activ­i­ty.

    “As mil­i­tary grade com­mu­ni­ca­tion devices increas­ing­ly depend on the pub­lic com­mu­ni­ca­tions infra­struc­ture, it is impor­tant to use that infra­struc­ture in ways that are resis­tant to traf­fic analy­sis. It may also be use­ful to com­mu­ni­cate anony­mous­ly, for exam­ple when gath­er­ing intel­li­gence from pub­lic data­bas­es,” explained a 1997 paper out­lin­ing an ear­ly ver­sion of onion rout­ing that was pub­lished in the Naval Research Labs Review.

    In the 90s, as pub­lic Inter­net use and infra­struc­ture grew and mul­ti­plied, spooks need­ed to fig­ure out a way to hide their iden­ti­ty in plain sight online. An under­cov­er spook sit­ting in a hotel room in a hos­tile coun­try some­where couldn’t sim­ply dial up CIA.gov on his brows­er and log in — any­one sniff­ing his con­nec­tion would know who he was. Nor could a mil­i­tary intel agent infil­trate a poten­tial ter­ror­ist group mas­querad­ing as an online ani­mal rights forum if he had to cre­ate an account and log in from an army base IP address.

    That’s where onion rout­ing came in. As Michael Reed, one of the inven­tors of onion rout­ing, explained: pro­vid­ing cov­er for mil­i­tary and intel­li­gence oper­a­tions online was their pri­ma­ry objec­tive; every­thing else was sec­ondary:

    The orig­i­nal *QUESTION* posed that led to the inven­tion of Onion Rout­ing was, “Can we build a sys­tem that allows for bi-direc­tion­al com­mu­ni­ca­tions over the Inter­net where the source and des­ti­na­tion can­not be deter­mined by a mid-point?” The *PURPOSE* was for DoD / Intel­li­gence usage (open source intel­li­gence gath­er­ing, cov­er­ing of for­ward deployed assets, what­ev­er). Not help­ing dis­si­dents in repres­sive coun­tries. Not assist­ing crim­i­nals in cov­er­ing their elec­tron­ic tracks. Not help­ing bit-tor­rent users avoid MPAA/RIAA pros­e­cu­tion. Not giv­ing a 10 year old a way to bypass an anti-porn fil­ter. Of course, we knew those would be oth­er unavoid­able uses for the tech­nol­o­gy, but that was imma­te­r­i­al to the prob­lem at hand we were try­ing to solve (and if those uses were going to give us more cov­er traf­fic to bet­ter hide what we want­ed to use the net­work for, all the better…I once told a flag offi­cer that much to his cha­grin).

    Appar­ent­ly solv­ing this prob­lem wasn’t very easy. Onion router research pro­gressed slow­ly, with sev­er­al ver­sions devel­oped and dis­card­ed. But in 2002, sev­en years after it began, the project moved into a dif­fer­ent and more active phase. Paul Syver­son from the Naval Research Lab­o­ra­to­ry stayed on the project, but two new guys fresh out­ta MIT grad school came on board: Roger Din­gle­dine and Nick Math­ew­son. They were not for­mal­ly employed by Naval Labs, but were on con­tract from DARPA and the U.S. Naval Research Laboratory’s Cen­ter for High Assur­ance Com­put­er Sys­tems. For the next sev­er­al years, the three of them worked on a new­er ver­sion of onion rout­ing that would lat­er become known as Tor.

    Very ear­ly on, researchers under­stood that just design­ing a sys­tem that only tech­ni­cal­ly anonymizes traf­fic is not enough — not if the sys­tem is used exclu­sive­ly by mil­i­tary and intel­li­gence. In order to cloak spooks bet­ter, Tor need­ed to be used by a diverse group of peo­ple: Activists, stu­dents, cor­po­rate researchers, soc­cer moms, jour­nal­ists, drug deal­ers, hack­ers, child pornog­ra­phers, for­eign agents, ter­ror­ists — the more diverse the group that spooks could hide in the crowd in plain sight.

    Tor also need­ed to be moved off site and dis­as­so­ci­at­ed from Naval research. As Syver­son told Bloomberg in Jan­u­ary 2014: “If you have a sys­tem that’s only a Navy sys­tem, any­thing pop­ping out of it is obvi­ous­ly from the Navy. You need to have a net­work that car­ries traf­fic for oth­er peo­ple as well.”

    Din­gle­dine said the same thing a decade ear­li­er at the 2004 Wiz­ards of OS con­fer­ence in Ger­many:

    “The Unit­ed States gov­ern­ment can’t sim­ply run an anonymi­ty sys­tem for every­body and then use it them­selves only. Because then every time a con­nec­tion came from it peo­ple would say, ‘Oh, it’s anoth­er CIA agent.’ If those are the only peo­ple using the net­work.”

    The con­sumer ver­sion of Tor would be mar­ket­ed to every­one and — equal­ly impor­tant — would even­tu­al­ly allow any­one to run a Tor node/relay, even from their desk­top com­put­er. The idea was to cre­ate a mas­sive crowd­sourced tor­rent-style net­work made up from thou­sands of vol­un­teers all across the world.

    At the very end of 2004, with Tor tech­nol­o­gy final­ly ready for deploy­ment, the US Navy cut most of its Tor fund­ing, released it under an open source license and, odd­ly, the project was hand­ed over to the Elec­tron­ic Fron­tier Foun­da­tion.

    ...

    Yes, as we can see, while Roger Din­gle­dine may state that “TOR was cre­at­ed to pro­tect peo­ple’s pri­va­cy and anonymi­ty, and we don’t con­done its use for these ille­gal activ­i­ties,” it’s also pret­ty clear that Tor’s devel­op­ers rec­og­nized that those non-con­dones activ­i­ties are required for Tor to be tru­ly anonymiz­ing for the real pur­pose Tor was devel­oped by the US gov­ern­ment (giv­ing spooks a means of com­mu­ni­cat­ing anony­mous­ly). That ille­gal activ­i­ty is the haystack that the spooky nee­dles need to hide. And, at the same time, a third of the Dark Web just got shut down even though it relies the anonymiz­ing tool cham­pi­oned by Edward Snow­den and Jacob Appel­baum (him­self a Tor devel­op­er) that’s sup­posed to allow these sites to oper­ate in an untrace­able man­ner. Have fun peel­ing that onion.

    Posted by Pterrafractyl | November 8, 2014, 8:57 pm
  3. Let’s hope there’s some sort of hor­ri­ble flaw in this study, giv­en the hor­ri­ble find­ings:

    Wired
    Over 80 Per­cent of Dark-Web Vis­its Relate to Pedophil­ia, Study Finds

    By Andy Green­berg
    12.30.14 | 12:30 pm

    The mys­te­ri­ous cor­ner of the Inter­net known as the Dark Web is designed to defy all attempts to iden­ti­fy its inhab­i­tants. But one group of researchers has attempt­ed to shed new light on what those users are doing under the cov­er of anonymi­ty. Their find­ings indi­cate that an over­whelm­ing major­i­ty of their traf­fic is dri­ven by the Dark Web’s dark­est activ­i­ty: the sex­u­al abuse of chil­dren.

    At the Chaos Com­put­er Con­gress in Ham­burg, Ger­many today, Uni­ver­si­ty of Portsmouth com­put­er sci­ence researcher Gareth Owen will present the results of a six-month probe of the web’s col­lec­tion of Tor hid­den ser­vices, which include the stealthy web­sites that make up the largest chunk of the Dark Web. The study paints an ugly por­trait of that Inter­net under­ground: drug forums and con­tra­band mar­kets are the largest sin­gle cat­e­go­ry of sites hid­den under Tor’s pro­tec­tion, but traf­fic to them is dwarfed by vis­its to child abuse sites. More than four out of five Tor hid­den ser­vices site vis­its were to online des­ti­na­tions with pedophil­ia mate­ri­als, accord­ing to Owen’s study. That’s over five times as many as any of the oth­er cat­e­gories of con­tent that he and his researchers found in their Dark Web sur­vey, such as gam­bling, bit­coin-relat­ed sites or anony­mous whis­tle-blow­ing.

    The researchers’ dis­turb­ing sta­tis­tics could raise doubts among even the staunchest defend­ers of the Dark Web as a haven for pri­va­cy. “Before we did this study, it was cer­tain­ly my view that the dark net is a good thing,” says Owen. “But it’s ham­per­ing the rights of chil­dren and cre­at­ing a place where pedophiles can act with impuni­ty.”

    Pre­cise­ly mea­sur­ing any­thing on the Dark Web isn’t easy, and the study’s find­ings leave some room for dis­pute. The cre­ators of Tor known as the Tor Project respond­ed to a request for com­ment from WIRED with a list of alter­na­tive fac­tors that could have skewed its results. Law enforce­ment and anti-abuse groups patrol pedophil­ia Dark Web sites to mea­sure and track them, for instance, which can count as a “vis­it.” In some cas­es, hack­ers may have launched denial of ser­vice attacks against the sites with the aim of tak­ing them offline with a flood of fraud­u­lent vis­its. Unsta­ble sites that fre­quent­ly go offline might gen­er­ate more vis­it counts. And sites vis­it­ed through the tool Tor2Web, which is designed to make Tor hid­den ser­vices more acces­si­ble to non-anony­mous users, would be under­rep­re­sent­ed. All those fac­tors might arti­fi­cial­ly inflate the num­ber of vis­its to child abuse sites mea­sured by the Uni­ver­si­ty of Portsmouth researchers.1

    “We do not know the cause of the high hit count [to child abuse sites] and can­not say with any cer­tain­ty that it cor­re­sponds with humans,” Owen admit­ted in a response to the Tor Project shared with WIRED, adding that “cau­tion is advised” when draw­ing con­clu­sions about the study’s results.

    Tor exec­u­tive direc­tor Roger Din­gle­dine fol­lowed up in a state­ment to WIRED point­ing out that Tor hid­den ser­vices rep­re­sent only 2 per­cent of total traf­fic over Tor’s anonymiz­ing net­work. He defend­ed Tor hid­den ser­vices’ pri­va­cy fea­tures. “There are impor­tant uses for hid­den ser­vices, such as when human rights activists use them to access Face­book or to blog anony­mous­ly,”. he wrote, refer­ring to Facebook’s launch of its own hid­den ser­vice in Octo­ber. “These uses for hid­den ser­vices are new and have great poten­tial.”

    Here’s how the Portsmouth Uni­ver­si­ty study worked: From March until Sep­tem­ber of this year, the research group ran 40 “relay” com­put­ers in the Tor net­work, the col­lec­tion of thou­sands of vol­un­teer machines that bounce users’ encrypt­ed traf­fic through hops around the world to obscure its ori­gin and des­ti­na­tion. These relays allowed them to assem­ble an unprece­dent­ed col­lec­tion of data about the total num­ber of Tor hid­den ser­vices online—about 45,000 at any giv­en time—and how much traf­fic flowed to them. They then used a cus­tom web-crawl­ing pro­gram to vis­it each of the sites they’d found and clas­si­fy them by con­tent.

    The researchers found that a major­i­ty of Tor hid­den ser­vice traffic—the traf­fic to the 40 most vis­it­ed sites, in fact—were actu­al­ly com­mu­ni­ca­tions from “bot­net” com­put­ers infect­ed with mal­ware seek­ing instruc­tions from a hack­er-con­trolled serv­er run­ning Tor. Most of those mal­ware con­trol servers were offline, rem­nants of defunct mal­ware schemes like the Skynet bot­net whose alleged oper­a­tor was arrest­ed last year.

    But take out that auto­mat­ed mal­ware traf­fic, and 83 per­cent of the remain­ing vis­its to Tor hid­den ser­vice web­sites sought sites that Owen’s team clas­si­fied as relat­ed to child abuse. Most of the sites were so explic­it as to include the pre­fix “pedo” in their name. (Owen asked that WIRED not name the sites for fear of dri­ving more vis­i­tors to them.) The researchers’ auto­mat­ed web crawler down­loaded only text, not pic­tures, to avoid any ille­gal pos­ses­sion of child porno­graph­ic images or video. “It came as a huge shock to us,” Owen says of his find­ings. “I don’t think any­one imag­ined it was on this scale.”

    Despite their pop­u­lar­i­ty on the Tor net­work, child abuse sites rep­re­sent only about 2 per­cent of Tor hid­den ser­vice web­sites—just a small num­ber of pedophil­ia sites account for the major­i­ty of Dark Web http traf­fic, accord­ing to the study. Drug-relat­ed sites and mar­kets like the now-defunct Silk Road 2, Ago­ra or Evo­lu­tion rep­re­sent­ed a total of about 24 per­cent of the sites mea­sured in the study, by con­trast. But vis­its to those sites account­ed for only about 5 per­cent of site requests on the Tor net­work, by the researchers’ count. Whistle­blow­er sites like Secure­Drop and Glob­aleaks, which allow anony­mous users to upload sen­si­tive doc­u­ments to news orga­ni­za­tions, account­ed for 5 per­cent of Tor hid­den ser­vice sites, but less than a tenth of a per­cent of site vis­its.

    The study also found that the vast major­i­ty of Tor hid­den ser­vices per­sist online for only a mat­ter of days or weeks. Less than one in six of the hid­den ser­vices that was online when Owen’s study began remained online at the end of it. Since the study only attempt­ed to clas­si­fy sites by con­tent at the end of its six month probe, Tor direc­tor Roger Din­gle­dine points out that it could over-rep­re­sent child abuse sites that remained online longer than oth­er types of sites. “[The study] could either show a lot of peo­ple vis­it­ing abuse-relat­ed hid­den ser­vices, or it could sim­ply show that abuse-relat­ed hid­den ser­vices are more long-lived than oth­ers,” he writes. “We can’t tell from the data.”

    The Study Rais­es the Ques­tion: How Dark Is The Dark Web?

    Oth­er defend­ers of the Tor network’s impor­tance as an alter­na­tive to the pub­lic, pri­va­cy-threat­ened Web will no doubt bris­tle at Owen’s find­ings. But even aside from the Tor Project’s argu­ments about why the study’s find­ings may be skewed, its results don’t nec­es­sar­i­ly sug­gest that Tor is over­whelm­ing­ly used for child abuse. What they may instead show is that Tor users who seek child abuse mate­ri­als use Tor much more often and vis­it sites much more fre­quent­ly than those seek­ing to buy drugs or leak sen­si­tive doc­u­ments to a jour­nal­ist.

    Nonethe­less, the study rais­es new ques­tions about the dark­est sub­cul­tures of the Dark Web and law enforcement’s response to them. In Novem­ber, the FBI and Europol staged a mas­sive bust of Tor hid­den ser­vices that includ­ed dozens of drug and mon­ey laun­der­ing sites, includ­ing three of the six most pop­u­lar anony­mous online drug mar­kets. The take­downs occurred after Owen’s study con­clud­ed, so he doesn’t know which of the pedophil­ia sites he mea­sured may have been caught in that drag­net. None of the site take­downs trum­pet­ed in the FBI and Europol press releas­es men­tioned pedophil­ia sites, nor did an analy­sis of the seizures by secu­ri­ty researcher Nik Cubrilovic lat­er that month.

    In his Chaos Com­put­er Con­gress talk, Owen also plans to present meth­ods that could be used to block access to cer­tain Tor hid­den ser­vices. A cer­tain num­ber of care­ful­ly con­fig­ured Tor relays, he says, could be used to alter the “dis­trib­uted hash table” that acts as a direc­to­ry for Tor hid­den ser­vices. That method could block access to a child abuse hid­den ser­vice, for instance, though Owen says it would require 18 new relays to be added to the Tor net­work to block any sin­gle site. And he was care­ful to note that he’s mere­ly intro­duc­ing the pos­si­bil­i­ty of that con­tro­ver­sial block­ing mea­sure, not actu­al­ly sug­gest­ing it. One of Tor’s cen­tral pur­pos­es, after all, is to evade cen­sor­ship, not enable it.

    ...

    So it sounds like there at least might be a way for the Tor user com­mu­ni­ty to block these ser­vices.

    Will such meth­ods get used? Well, that will prob­a­bly depend on the lead­er­ship of the Tor devel­op­er com­mu­ni­ty. Good luck with that...

    Posted by Pterrafractyl | January 1, 2015, 1:29 pm
  4. Well, here’s an exam­ple of “ran­somware” black­mail­ers actu­al­ly con­vert their ill-got­ten bit­coins into actu­al cash: they used the tra­di­tion­al finan­cial sys­tem and its tra­di­tion­al ser­vices. Ser­vices like look­ing the oth­er while while you engage in bla­tant mon­ey-laun­der­ing:

    Cred­it Union Times
    New Jer­sey Cred­it Union Tied to Ille­gal Bit­coin Scheme
    By Peter Stroz­ni­ak
    July 22, 2015

    New York fed­er­al pros­e­cu­tors arrest­ed two Flori­da men Tues­day who alleged­ly ran a pho­ny com­pa­ny and con­trolled a New Jer­sey fed­er­al cred­it union to oper­ate an unli­censed Inter­net Bit­coin exchange scheme for the pur­pose of laun­der­ing mon­ey for crim­i­nals.

    Since late 2013, Antho­ny R. Mur­gio, 31, of Tam­pa and Yuri Lebe­dev, 37, of Jack­sonville, oper­at­ed Coin.mx, a Bit­coin exchange ser­vice, which vio­lat­ed fed­er­al anti-mon­ey laun­der­ing laws. Through Coin.mx, Mur­gio and Lebe­dev enabled their cus­tomers to exchange cash for Bit­coins, charg­ing a fee for their ser­vice.

    Fed­er­al pros­e­cu­tors alleged that the two men exchanged cash for peo­ple whom they believed might be engag­ing in crim­i­nal activ­i­ty.

    In late 2014, Mur­gio obtained “ben­e­fi­cial con­trol” of a small New Jer­sey fed­er­al cred­it union, which was pro­cess­ing more than $30 mil­lion a month, to process ACH trans­ac­tions, accord­ing to court doc­u­ments.

    Mur­gio man­aged his con­trol over the cred­it union by mak­ing a pay­ment to a senior exec­u­tive and installing indi­vid­u­als close to him, includ­ing Lebe­dev, on the cred­it union’s board of direc­tors.

    ...

    Fed­er­al pros­e­cu­tors did not name the cred­it union.

    Court doc­u­ments also show the exec­u­tive was becom­ing wor­ried about the “tap danc­ing” he and oth­ers were doing to avoid rais­ing con­cern among fed­er­al reg­u­la­tors about the pay­ment process activ­i­ty that Mur­gio and oth­ers were con­duct­ing through the coop­er­a­tive.

    “We can’t cer­ti­fy that all the peo­ple we let [pass] mon­ey through this cred­it union…..weren’t doing some­thing ille­gal­ly with the mon­ey,” the exec­u­tive wrote in an email to Mur­gio.

    The exec­u­tive also acknowl­edged that the cred­it union had not per­formed appro­pri­ate Bank Secre­cy Act pro­ce­dures and, as a result, the cred­it union’s account may have been used for mon­ey laun­der­ing and oth­er crimes.

    Although the NCUA learned the cred­it union was pro­cess­ing more than $30 mil­lion a month in ACH trans­ac­tions, court doc­u­ments do not say when it forced the New Jer­sey coop­er­a­tive to stop pro­cess­ing the ACH trans­ac­tions. The NCUA also required the cred­it union to remove the new board mem­bers.

    How­ev­er, Mur­gio found oth­er ways to process pay­ments for Coin.mx – pri­mar­i­ly through an over­seas pay­ments proces­sor.

    Mur­gio and Lebe­dev also alleged­ly exchanged cash for Bit­coins for vic­tims of “ran­somware” attacks. Crim­i­nals use ran­somware known as Cryp­towall to elec­tron­i­cal­ly block access to a victim’s com­put­er sys­tem until ran­som mon­ey, typ­i­cal­ly in Bit­coins, is paid to them.

    From Octo­ber 2013 to Jan­u­ary 2015, Coin.mx exchanged at least $1.8 mil­lion for Bit­coins on behalf of tens of thou­sands of cus­tomers. In addi­tion, in the course of the scheme, Mur­gio also trans­ferred hun­dreds of thou­sands of dol­lars to bank accounts in Cyprus, Hong Kong and East­ern Europe, and received hun­dreds of thou­sands of dol­lars from bank accounts in Cyprus and the British Vir­gin Islands, fed­er­al pros­e­cu­tors alleged.

    What’s more, Mur­gio and Lebe­dev man­aged to evade detec­tion of their scheme by oper­at­ing through a pho­ny front-com­pa­ny called the Col­lec­tables Club, which also main­tained a cor­re­spond­ing fake web­site.

    Fed­er­al pros­e­cu­tors alleged the Flori­da men ran the bogus busi­ness to trick two major finan­cial insti­tu­tions to open bank accounts under the Col­lec­tables Club.

    Mur­gio and Lebe­dev con­vinced bank offi­cials to believe that the Bit­coin exchange was sim­ply a mem­bers-only asso­ci­a­tion of indi­vid­u­als who dis­cussed, bought and sold col­lec­table items, such as sports mem­o­ra­bil­ia, and that the accounts would be used to deposit mem­ber­ship dues and ser­vice fees.

    How­ev­er, accord­ing to court doc­u­ments, the bank accounts were used to oper­ate Coin.mx. From Sep­tem­ber 2013 to mid-2014, Mur­gio and Lebe­dev exchanged more than $1 mil­lion for Bit­coins on behalf of Coin.mx cus­tomers.

    The Col­lec­tables Club account records show thou­sands of incom­ing deposits in vary­ing amounts from indi­vid­u­als, some of whom in wire trans­fer instruc­tions not­ed that their pay­ment was for Bit­coins. Addi­tion­al­ly, the bank records also showed numer­ous pay­ments were made to enti­ties that sell Bit­coins in exchange for U.S. dol­lars and oth­er cur­ren­cy.

    The banks were not iden­ti­fied in court doc­u­ments.

    Mur­gio and Lebe­dev were each charged with one count of con­spir­a­cy to oper­ate an unli­censed mon­ey trans­mit­ting busi­ness, and one count of oper­at­ing an unli­censed mon­ey trans­mit­ting busi­ness, each of which car­ries a max­i­mum sen­tence of five years in prison.

    In addi­tion, Mur­gio was also charged with one count of mon­ey laun­der­ing, which car­ries a max­i­mum sen­tence of 20 years in prison and one count of will­ful fail­ure to file a sus­pi­cious activ­i­ty report, which car­ries a max­i­mum sen­tence of five years in prison, fed­er­al pros­e­cu­tors said.

    While it’s not clear, it appears that ran­somware vic­tims were going specif­i­cal­ly to this ser­vice to exchange cash for the bit­coins they need­ed to pay off the ran­som:

    ...
    Mur­gio and Lebe­dev also alleged­ly exchanged cash for Bit­coins for vic­tims of “ran­somware” attacks. Crim­i­nals use ran­somware known as Cryp­towall to elec­tron­i­cal­ly block access to a victim’s com­put­er sys­tem until ran­som mon­ey, typ­i­cal­ly in Bit­coins, is paid to them.

    From Octo­ber 2013 to Jan­u­ary 2015, Coin.mx exchanged at least $1.8 mil­lion for Bit­coins on behalf of tens of thou­sands of cus­tomers. In addi­tion, in the course of the scheme, Mur­gio also trans­ferred hun­dreds of thou­sands of dol­lars to bank accounts in Cyprus, Hong Kong and East­ern Europe, and received hun­dreds of thou­sands of dol­lars from bank accounts in Cyprus and the British Vir­gin Islands, fed­er­al pros­e­cu­tors alleged.
    ...

    So was this ser­vice almost act­ing like a laun­der­ing-ser­vice for ran­some­ware vic­tims that want­ed to keep their pay­ments qui­et too? If so, that cer­tain­ly rais­es ques­tions about the vol­ume of ran­somware crimes com­mit­ted, but you have to won­der how vic­tims would have known to such a ser­vice unless the ran­somers direct­ed them there (which would be extreme­ly high risk) or these ran­somware vic­tims are, them­selves, the types of indi­vid­u­als that just hap­pen to know where to go when you need laun­der your pur­chas­es of bit­coins (one group of cyber­crim­i­nals ran­som­ing anoth­er?).

    Either way, that sure sounds like the type of bank you do NOT want to find your­selve doing busi­ness with, although it’s unclear if the two banks that allowed the “Col­lec­tables Club” to set up bank accounts for addi­tion­al laun­der­ing-pur­pos­es were actu­al­ly going to be pun­ished. So it’s prob­a­bly ok if you find your­self doing busi­ness with a bank like that...assum­ing you’re also a bank. It’s one of the fun quirks of mon­ey-laun­der­ing!

    ...
    What’s more, Mur­gio and Lebe­dev man­aged to evade detec­tion of their scheme by oper­at­ing through a pho­ny front-com­pa­ny called the Col­lec­tables Club, which also main­tained a cor­re­spond­ing fake web­site.

    Fed­er­al pros­e­cu­tors alleged the Flori­da men ran the bogus busi­ness to trick two major finan­cial insti­tu­tions to open bank accounts under the Col­lec­tables Club.

    Mur­gio and Lebe­dev con­vinced bank offi­cials to believe that the Bit­coin exchange was sim­ply a mem­bers-only asso­ci­a­tion of indi­vid­u­als who dis­cussed, bought and sold col­lec­table items, such as sports mem­o­ra­bil­ia, and that the accounts would be used to deposit mem­ber­ship dues and ser­vice fees.

    How­ev­er, accord­ing to court doc­u­ments, the bank accounts were used to oper­ate Coin.mx. From Sep­tem­ber 2013 to mid-2014, Mur­gio and Lebe­dev exchanged more than $1 mil­lion for Bit­coins on behalf of Coin.mx cus­tomers.

    The Col­lec­tables Club account records show thou­sands of incom­ing deposits in vary­ing amounts from indi­vid­u­als, some of whom in wire trans­fer instruc­tions not­ed that their pay­ment was for Bit­coins. Addi­tion­al­ly, the bank records also showed numer­ous pay­ments were made to enti­ties that sell Bit­coins in exchange for U.S. dol­lars and oth­er cur­ren­cy.

    The banks were not iden­ti­fied in court doc­u­ments.
    ...

    “The Col­lec­tables Club account records show thou­sands of incom­ing deposits in vary­ing amounts from indi­vid­u­als, some of whom in wire trans­fer instruc­tions not­ed that their pay­ment was for Bit­coins. Addi­tion­al­ly, the bank records also showed numer­ous pay­ments were made to enti­ties that sell Bit­coins in exchange for U.S. dol­lars and oth­er cur­ren­cy”.

    Well, now we know there’s a open­ing in the mar­ket for bit­coin ran­somware mon­ey-laun­der­ing ser­vices which means a whole new round of “Col­lec­tables Club” are prob­a­bly on the way. Of course, those future “clubs” are going to have to be even sneaki­er at mask­ing their bit­coin-relat­ed activ­i­ties than “Col­lec­tables Club” if they want to avoid get­ting caught (not real­ly) and that means some­thing else col­lec­tors should keep in mind: the numis­mat­ic coin mar­ket might be in store for some unusu­al addi­tions.

    Posted by Pterrafractyl | July 23, 2015, 2:59 pm
  5. ISIS parks its cash in Bit­coin, experts say

    By Heather Nauert Pub­lished Novem­ber 25, 2015 FoxNews.com

    Facebook1346 Twitter0 livefyre2063 Email Print

    Bit­coin (vir­tu­al cur­ren­cy) coins are seen in an illus­tra­tion pic­ture tak­en at La Mai­son du Bit­coin in Paris, France, May 27, 2015.

    Bit­coin (vir­tu­al cur­ren­cy) coins are seen in an illus­tra­tion pic­ture tak­en at La Mai­son du Bit­coin in Paris, France, May 27, 2015. (REUTERS/Benoit Tessier )

    Just days after the hack­er group Anony­mous pledged to hunt down Islam­ic State mem­bers and launch cyber­at­tacks against their accounts, a sep­a­rate group of techies claims it has iden­ti­fied a key fund­ing avenue for the ter­ror net­work – bit­coin accounts.

    Ghost Secu­ri­ty Group, a col­lec­tive of com­put­er “hack­tivists,” says it has locat­ed sev­er­al bit­coin accounts that ISIS uses to fund oper­a­tions. One account con­tained $3 mil­lion worth of bit­coin, a Ghost­Sec mem­ber told Michael K. Smith II, a co-founder of Kro­nos Advi­so­ry, a nation­al secu­ri­ty advi­so­ry firm.

    Ghost­Sec “wants to make an impact in coun­tert­er­ror­ism,” Smith said, adding that the Ghost­Sec mem­ber reached out to him because gov­ern­ment offi­cials were not pay­ing close atten­tion to the alle­ga­tions.

    Relat­ed: Has Anony­mous’s war against ISIS been doing more harm than good?

    Smith said U.S. coun­tert­er­ror­ism offi­cials are con­cerned that ISIS is acquir­ing gold and using numer­ous finan­cial tools, includ­ing bit­coin, to tap into mar­kets. A Trea­sury Depart­ment spokesper­son said the agency couldn’t com­ment on accounts alleged­ly linked to ter­ror­ists unless the depart­ment has tak­en pub­lic action.

    But bit­coin – an unreg­u­lat­ed form of online cur­ren­cy that cir­cum­vents the tra­di­tion­al bank­ing sys­tem – is on the government’s radar, since it could serve as an ide­al place­hold­er for ter­ror­ist assets and pro­vide a way for ter­ror­ists to exchange mon­ey. The bit­coin web­site, bitcoin.org, describes the ease with which any­one can send and receive vir­tu­al funds:

    “Send­ing bit­coins across bor­ders is as easy as send­ing them across the street. There are no banks to make you wait three busi­ness days, no extra fees for mak­ing an inter­na­tion­al trans­fer, and no spe­cial lim­i­ta­tions on the min­i­mum or max­i­mum amount you can send.”

    Bit­coin is con­sid­ered the first world­wide, decen­tral­ized cur­ren­cy; it can be sent from per­son to per­son with­out the third-par­ty involve­ment of a finan­cial insti­tu­tion. Bit­coin accounts are set up with vir­tu­al mon­ey, but the dig­i­tal funds can be cashed in for real mon­ey or goods.

    Relat­ed: #Brus­sel­sLock­down request for social media black­out prompts flood of cat pic­tures

    A Ghost­Sec mem­ber said ISIS’ vir­tu­al cur­ren­cy amounts to between 1 per­cent and 3 per­cent of its total income – between $4.7 mil­lion and $15.6 mil­lion. The Trea­sury Depart­ment esti­mates that ISIS gen­er­ates between $468 mil­lion and $520 mil­lion annu­al­ly. The ter­ror group’s pri­ma­ry sources of rev­enue are rob­bery, extor­tion, oil sales, ran­som pay­ments and over­seas dona­tions, accord­ing to the Trea­sury Depart­ment.

    But it doesn’t take a for­tune to pull off a ter­ror attack. Even large-scale attacks can be rel­a­tive­ly inex­pen­sive. The 9/11 Com­mis­sion deter­mined that it cost between $400,000 and $500,000 to plan and car­ry out the Sep­tem­ber 11 attacks on New York and Wash­ing­ton.

    Ghost­Sec hack­ers insist the alleged ISIS bit­coin account was not linked to the Paris attacks, but they say it shows that ter­ror net­works have found a way to trans­fer assets with­out easy detec­tion.

    Relat­ed: Sony’s PlaySta­tion 4 could be ter­ror­ists’ com­mu­ni­ca­tion tool, experts warn

    “The bit­coin uni­verse is decen­tral­ized by design,” accord­ing to Juniper Research, a firm that iden­ti­fies online mar­ket trends. “They’re built by ran­dom play­ers around the world. They’re trans­ferred seam­less­ly via name­less dig­i­tal wal­lets.”

    Cyber­se­cu­ri­ty expert Mor­gan Wright, a senior fel­low at the Cen­ter for Dig­i­tal Gov­ern­ment, a nation­al research and advi­so­ry insti­tute on infor­ma­tion tech­nol­o­gy poli­cies, says ter­ror­ists are increas­ing­ly uti­liz­ing 21st cen­tu­ry tech­nol­o­gy to trans­fer assets and finance oper­a­tions

    “Ter­ror­ists need anonymi­ty,” Wright said. “Coun­tries have got­ten very good at track­ing ter­ror financ­ing in the years since 9/11. Net­works have looked for new ways to do it, and it appears they’ve found it in bit­coin.”

    Relat­ed: Anony­mous declares ‘war’ on ISIS, vows cyber­at­tacks

    Gov­ern­ment offi­cials have become increas­ing­ly con­cerned about these unreg­u­lat­ed finan­cial sys­tems, and the U.S. is start­ing to apply mon­ey laun­der­ing reg­u­la­tions to cyber cur­ren­cies. Firms that issue or exchange bit­coin are required to main­tain records and report trans­ac­tions of more than $10,000.

    Indi­vid­ual states, too, are pass­ing laws designed to reg­u­late bit­coin exchanges. New York recent­ly enact­ed a reg­u­la­to­ry frame­work, and Cal­i­for­nia will start gov­ern­ing the exchanges next year. “The U.S. gov­ern­ment is work­ing with a broad coali­tion of gov­ern­ments around the world to dis­rupt ISIL’s financ­ing and to sev­er its access to the inter­na­tion­al finan­cial sys­tem,” a Trea­sury Depart­ment offi­cial told Fox News.

    Relat­ed: Why dark­nets are murky recess­es of the hid­den Web

    But few for­eign nations, have spe­cif­ic reg­u­la­tions that gov­ern bit­coin use. The Euro­pean Com­mis­sion is expect­ed to release reg­u­la­tions by 2017 that would affect Euro­pean Union nations.

    Bit­coins, mean­while, are increas­ing­ly becom­ing main­stream. Fol­low­ing requests from donors and finan­cial advis­ers, Fideli­ty Invest­ments announced last week that its char­i­ta­ble fund will per­mit bit­coin dona­tions. Last year, the online retail­er overstock.com start­ed accept­ing pay­ments in bit­coin. Dell, Microsoft, Expe­dia and DISH Net­work also allow bit­coin pay­ments.

    There were 1.3 mil­lion bit­coin users last year, accord­ing to Juniper Research. It esti­mates there will be 4.7 mil­lion users by the end of 2017.

    Heather Nauert cur­rent­ly serves as a news anchor for FOX News Chan­nel (FNC) and also pro­vides view­ers with the top head­lines of the day dur­ing FOX & Friends (week­days 6–9AM/ET). Nauert orig­i­nal­ly joined FNC in 1998 and rejoined as an anchor in 2007.

    Posted by participo | November 25, 2015, 11:53 pm
  6. The inves­ti­ga­tion of Coin.mx, the bit­coin trad­ing plat­form charged with facil­i­tat­ing mon­ey-laun­der­ing, espe­cial­ly for pur­vey­ors of ran­somware, now includes the indict­ment of the for­mer head of the cred­it union that the peo­ple behind Coin.mx even­tu­al­ly took over to facil­i­tate the scheme. Con­sid­er­ing that this same crim­i­nal net­work also con­duct­ed an exten­sive major hack of JP Mor­gan’s cus­tomer records, there’s a good chance this is one of those cas­es that could go in a lot of dif­fer­ent direc­tions, which rais­es the ques­tion: is the Coin.mx inves­ti­ga­tion going to take a look at Ron Paul? It seems pos­si­ble. After all, when Ron Paul final­ly came around to Bit­coin in 2015, it was Coin.mx that held his hand:

    Coin Tele­graph

    After 40 Years of Look­ing, Ron Paul Finds Bit­coin

    Aman­da B. John­son

    2015-05-05 08:58 PM

    Ron Paul start­ed talk­ing about the seri­ous prob­lems of the Fed­er­al Reserve sys­tem in the 1970s. In his words, the abil­i­ty to con­trol the sup­ply of mon­ey was “through­out his­to­ry, the most sought-after monop­o­lis­tic pow­er of man” (below). He was gen­er­al­ly greet­ed by the sound of crick­ets, both by fel­low politi­cians and prac­ti­cal­ly every­one else.

    ...

    Like most in Aus­tri­an eco­nom­ics (the eco­nom­ic school of thought Paul espous­es), he saw the rem­e­dy to Fed-caused depres­sions and reces­sions as pre­cious met­als — a return to gold and sil­ver cur­ren­cies. “End the Fed” became both a mantra and a best-sell­ing book title released by Paul dur­ing his 2008 and 2012 pres­i­den­tial cam­paigns.

    But Paul’s polit­i­cal career did not result in the legal abo­li­tion of the Fed. Not even close. Not by a long shot. But it did leave a large por­tion of an entire gen­er­a­tion hun­gry for a new mon­ey — an alter­na­tive cur­ren­cy — as a way to, as some put it, “Ignore the Fed.”

    And then it came: Bit­coin.

    Paul was first asked about his views on Bit­coin in ear­ly 2013. He was gen­er­al­ly unfa­mil­iar with blockchain tech­nol­o­gy, and famous­ly said, “If I can’t put it in my pock­et, I have reser­va­tions.” But unlike so many Lud­dites, Paul did­n’t dis­miss Bit­coin for good. He just held back from mak­ing deci­sive state­ments. (In oth­er words, he did what intel­li­gent peo­ple do when they know they’re under-informed about some­thing.)

    Many of Paul’s sup­port­ers took his ret­i­cence about Bit­coin as a sig­nal to return to their go-gold-or-go-home stance. Oth­ers said that Paul would come around even­tu­al­ly, once he’d got­ten an edu­ca­tion in cryp­tocur­ren­cy.

    It now seems that the lat­ter were cor­rect.

    Voic­es of Lib­er­ty (for­mer­ly the Ron Paul Chan­nel) recent­ly released the inter­view below, which fea­tures Paul and a rep­re­sen­ta­tive from Coin.mx ban­ter­ing about cryp­to. The inter­view is actu­al­ly a three-part series, and Paul reveals him­self as hav­ing done a great deal of Bit­coin home­work between 2013 and now.

    This inter­view series marks a seri­ous shift in the “sound mon­ey” move­ment that Ron Paul is large­ly respon­si­ble for. Though he lob­bied unsuc­cess­ful­ly to “end the Fed” for decades, it would seem that his per­son­al eco­nom­ic beliefs were proven true in the end: gov­ern­ments don’t solve prob­lems. Mar­kets do.

    Voic­es of Lib­er­ty (for­mer­ly the Ron Paul Chan­nel) recent­ly released the inter­view below, which fea­tures Paul and a rep­re­sen­ta­tive from Coin.mx ban­ter­ing about cryp­to. The inter­view is actu­al­ly a three-part series, and Paul reveals him­self as hav­ing done a great deal of Bit­coin home­work between 2013 and now.”
    Yep, Ron Paul’s Bit­coin bap­tism was declared to the world via a series of inter­views about Bit­coin from a Coin.mx rep­re­sen­ta­tive. In May 2015. It was­n’t the best tim­ing:

    Forbes
    Was Ron Paul Hang­ing Out With Bit­coin Exchange Of Accused JPMor­gan Hack­er?

    Thomas Fox-Brew­ster ,
    Forbes Staff
    Nov 11, 2015 @ 11:00 AM

    An indict­ment unsealed yes­ter­day charged Gery Shalon, an Israeli cit­i­zen and res­i­dent, with a range of online crimes, includ­ing the biggest ever cus­tomer data theft from a US finan­cial insti­tu­tion – 83 mil­lion users’ details from JPMor­gan Chase.

    The fil­ing from the US Attor­ney in Atlanta also assert­ed Shalon was behind a crim­i­nal Bit­coin exchange, Coin.mx, which went out of action in July after it was accused of laun­der­ing mon­ey (Coin.mx is no longer oper­a­tional and could not be con­tact­ed for com­ment). Bizarrely, just before the clo­sure of the site but months before pros­e­cu­tors claimed Coin.mx was know­ing­ly used by Shalon and his part­ners to fun­nel mon­ey from a cor­nu­copia of crim­i­nal activ­i­ty, two-time Repub­li­can pres­i­den­tial can­di­date Ron Paul car­ried out a three-part inter­view with a social media expert con­tract­ed by the exchange.

    The inter­view is essen­tial­ly a primer on Bit­coin and a lit­tle slice of pro-lib­er­tar­i­an, pro-Coin.mx pro­pa­gan­da, with both sides decry­ing finan­cial reg­u­la­tion, but in light of the charges now fac­ing Shalon, it may be that Paul was real­ly used to bring some legit­i­ma­cy to one arm of an alleged mul­ti­fac­eted crim­i­nal cam­paign that pros­e­cu­tors claimed earned its per­pe­tra­tors hun­dreds of mil­lions of dol­lars.

    It might not have been the first time Paul was seen hang­ing with the Coin.mx crowd. One of the men alleged­ly involved with Coin.mx was Antho­ny Mur­gio, who pros­e­cu­tors said ran the Flori­da-based firm from the U.S., as Shalon sent the orders from Israel. What appears to be Murgio’s LinkedIn page includes a pho­to with a man who looks much like Paul (he hadn’t con­firmed or denied it at the time of pub­li­ca­tion).

    In 2013, the Mur­gio who used that LinkedIn pro­file reg­is­tered a large num­ber of sites to do with Bit­coin, includ­ing a 365coinexchange.com, bcoinbarter.com, bcoinbuzz.com, bcoindepot.com, bcoinmarket.com, bcoinshop.com, bcoinstore.com, bcoinworld.com, buybitcoinswithpaypal.com, ichangexchange.com and icoinmarket.com. This year, it appears he was more inter­est­ed in deliv­er­ing weed via drone too, reg­is­ter­ing chronicdrone.com, dopedronedelivery.com, highflydelivery.com and toastydrone.com, amongst oth­ers.

    If Coin.mx was sim­ply a way for Shalon to make more prof­it from crim­i­nal escapades, he went to great lengths to make it look like the real deal, which may have includ­ed charm­ing the for­mer Repub­li­can Con­gress­man.

    Those efforts stretched to sub­stan­tial PR efforts and some sneaky busi­ness prac­tices, accord­ing to pub­lic records and the indict­ment. The com­pa­ny, set up in 2013, was osten­si­bly rep­re­sent­ed at Bit­coin con­fer­ences and across Twit­ter by social media con­sul­tan­cy SM3. Paul’s inter­vie­wee, anoth­er Flori­da res­i­dent Ania Amador, claimed in the jovial con­fab that she’d “been with Coin.mx since 2013”, though her LinkedIn page indi­cates she has nev­er worked for Coin.mx, and in 2013 was CEO of SM3, a ser­vice she set up in 2010.

    I’ve emailed both Paul’s team and Amador, but nei­ther had offered a response at the time of pub­li­ca­tion. Ques­tions remain around how much they knew about Coin.mx’s activ­i­ties. There’s no evi­dence they knew of any­thing unto­ward.

    The Col­lec­tables Club

    Accord­ing to the indict­ment, the exchange was oper­at­ed through a pho­ny com­pa­ny called “Col­lec­tables Club” [sic] as the crim­i­nals sought to trick author­i­ties into believ­ing the orga­ni­za­tion offered a mem­bers-only area for dis­cussing and sell­ing col­lectible items, from stamps to sports mem­o­ra­bil­ia, accord­ing to the indict­ment. That court fil­ing also claimed that in 2014, Shalon’s co-con­spir­a­tors acquired con­trol of a fed­er­al cred­it union, installed peo­ple on the board of direc­tors and trans­ferred coin.mx’s bank­ing oper­a­tions to the union. That was then used as a “cap­tive bank” for unlaw­ful busi­ness, pros­e­cu­tors claimed.

    The Coin.mx web­site, still acces­si­ble over the Way­back Machine, showed it was a rel­a­tive­ly slick affair, even if the lan­guage was some­what slop­py.

    Its Face­book page, which had gar­nered just over 15,000 likes, described the firm as “an Amer­i­can-based mon­ey exchange that allows you to buy, sell, and exchange dig­i­tal mon­ey such as Bit­coins, Lite­coins, and more”. Both the Coin.mx home­page and the Face­book page list­ed the company’s address as 2591 Dal­las Pkwy, Frisco, TX 75034, even though the alleged oper­a­tors were based in Flori­da.

    All this was enough to con­vince Bit­coin own­ers, whether legit­i­mate or crim­i­nal, to use the ser­vice. Between Octo­ber 2013 and Jan­u­ary 2015 it han­dled $1.8 mil­lion in Bit­coins on behalf of tens of thou­sands of cus­tomers, said the U.S. Attorney’s Office for the South­ern Dis­trict of New York.

    The site was used to exchange Bit­coins for cash for all kinds of crim­i­nal activ­i­ty, pros­e­cu­tors claimed. Intrigu­ing­ly, the U.S. Attor­ney accused Coin.mx of know­ing­ly exchang­ing cash for Bit­coins derived from ran­somware attacks, where crim­i­nals infect people’s PCs or smart­phones, lock their files away using encryp­tion and demand pay­ment to unlock them. In the case of Coin.mx, it was said to have deliv­ered dol­lars to those behind the Cryp­towall ran­somware, a par­tic­u­lar­ly nasty strain of mal­ware tar­get­ing Microsoft Win­dows PCs.

    Accord­ing to the indict­ment, Coin.mx was used along­side oth­er ille­gal pay­ments firms IDPay and Todur. These were alleged­ly run by Shalon and Ziv Oren­stein, two of the three named in the indict­ment filed in Atlanta along­side Joshua Samuel Aaron, to han­dle mon­ey from unlaw­ful phar­ma­ceu­ti­cal sales, fake and mali­cious anti-virus soft­ware, a range of ille­gal online casi­nos and dol­lars com­ing in from the Bit­coin exchange. Shalon and his col­leagues were said to have run at least 12 unlaw­ful online casi­nos, hack­ing into com­peti­tors to steal cus­tomer data­bas­es, or hit­ting them with Dis­trib­uted Denial of Ser­vice (DDoS) attacks after “per­ceived mis­con­duct” on his own casi­no sites.

    ...

    Coin.mx was, accord­ing to the indict­ment, a small part of a mas­sive cyber­crime oper­a­tion, which, along with the huge JPMor­gan breach, saw one finan­cial firm hacked via the Heart­bleed bug, attacks on providers of oper­at­ing soft­ware for casi­nos, and col­lu­sion with cor­rupt inter­na­tion­al bank offi­cials. One co-con­spir­a­tor, said the court fil­ing, described the oper­a­tion as a pay­ment pro­cess­ing, casi­no, soft­ware and phar­ma “cock­tail”.

    The cas­es against Coin.mx and its relat­ed busi­ness­es are a star­tling reminder of just how wide crim­i­nal net­works can stretch.

    “The fil­ing from the US Attor­ney in Atlanta also assert­ed Shalon was behind a crim­i­nal Bit­coin exchange, Coin.mx, which went out of action in July after it was accused of laun­der­ing mon­ey (Coin.mx is no longer oper­a­tional and could not be con­tact­ed for com­ment). Bizarrely, just before the clo­sure of the site but months before pros­e­cu­tors claimed Coin.mx was know­ing­ly used by Shalon and his part­ners to fun­nel mon­ey from a cor­nu­copia of crim­i­nal activ­i­ty, two-time Repub­li­can pres­i­den­tial can­di­date Ron Paul car­ried out a three-part inter­view with a social media expert con­tract­ed by the exchange.
    Yeah, Ron’s tim­ing could have been bet­ter. That is, unless it was great timing...for Coin.mx’s cred­i­bil­i­ty:

    ...
    The inter­view is essen­tial­ly a primer on Bit­coin and a lit­tle slice of pro-lib­er­tar­i­an, pro-Coin.mx pro­pa­gan­da, with both sides decry­ing finan­cial reg­u­la­tion, but in light of the charges now fac­ing Shalon, it may be that Paul was real­ly used to bring some legit­i­ma­cy to one arm of an alleged mul­ti­fac­eted crim­i­nal cam­paign that pros­e­cu­tors claimed earned its per­pe­tra­tors hun­dreds of mil­lions of dol­lars.

    It might not have been the first time Paul was seen hang­ing with the Coin.mx crowd. One of the men alleged­ly involved with Coin.mx was Antho­ny Mur­gio, who pros­e­cu­tors said ran the Flori­da-based firm from the U.S., as Shalon sent the orders from Israel. What appears to be Murgio’s LinkedIn page includes a pho­to with a man who looks much like Paul (he hadn’t con­firmed or denied it at the time of pub­li­ca­tion).
    ...

    So was Ron Paul’s big splash into the world of Bit­coin, in part, an attempt to legit­imize one com­po­nent of a vast crim­i­nal enter­prise or was he just the right use­ful idiot at the right time? Either seems pos­si­ble, although, from an Occam’s Razor stand­point, per­haps use­ful idio­cy is a lit­tle more pos­si­ble. It’s a reminder that when use­ful idio­cy is the less­er of two evils, lega­cies of luna­cy can sud­den­ly become extra use­ful.

    At least there’s one less enter­prise out there for ran­somware ped­dlers and oth­er crim­i­nals to laun­der their bit­coins. Let’s hope that gives the peo­ple cur­rent­ly Ran­somware-ing hos­pi­tals at least a bit of a headache.

    Posted by Pterrafractyl | March 23, 2016, 6:50 pm
  7. While crim­i­nal activ­i­ty has long been one of the ear­li­est poten­tial appli­ca­tions of Bit­coin and fac­tors dri­ving demand for the cur­ren­cy, it turns out there’s one par­tic­u­lar Bit­coin-facil­i­tat­ed online crim­i­nal activ­i­ty that might actu­al­ly be gen­er­at­ing bit­coin demand from all sorts of legit­i­mate busi­ness in antic­i­pa­tion that they will need to par­tic­i­pate in that crim­i­nal activ­i­ty. Invol­un­tar­i­ly:

    MIT Tech­nol­o­gy Review

    Com­pa­nies Are Stock­pil­ing Bit­coin to Pay Off Cyber­crim­i­nals

    Tom Simonite
    San Fran­cis­co Bureau Chief
    June 7, 2016

    Dig­i­tal cur­ren­cy Bit­coin is var­i­ous­ly pro­mot­ed as an alter­na­tive to gold, a good way to make inter­na­tion­al trans­fers, or the future of e‑commerce. New research sug­gests that com­pa­nies are now stock­pil­ing Bit­coin for a dif­fer­ent rea­son: so they can pay up quick­ly if their data is held ran­som by mali­cious soft­ware.

    Ran­somware, as it is called, has locked up the data of huge num­bers of indi­vid­u­als and busi­ness­es in recent years. Many of them, includ­ing police depart­ments and hos­pi­tals, have opt­ed to pay up to get their data back.

    A small sur­vey by cor­po­rate net­work­ing com­pa­ny Cit­rix indi­cates that some IT pro­fes­sion­als are even stock­pil­ing bit­coins so they can pay up quick­ly in the event ran­somware strikes their net­work. Out of 250 IT and secu­ri­ty work­ers at U.K. com­pa­nies with more than 250 employ­ees, a third said they were stock­pil­ing the cur­ren­cy. A researcher at Cor­nell recent­ly tweet­ed that the university’s trea­sur­er cre­at­ed an account with the Bit­coin exchange Coin­base so as to be ready if ran­somware struck.

    Almost half of respon­dents in the Cit­rix sur­vey said that com­pa­ny data was not backed up at least dai­ly. Secu­ri­ty experts advise that back­ups are the best defense against ran­somware and gen­er­al­ly dis­cour­age pay­ing off ran­somware, since it encour­ages the indus­try.

    ...

    Just how many com­pa­nies are set­ting aside ran­som mon­ey in advance is prob­a­bly hard to know because it’s some­thing they may be loath to adver­tise. Acknowl­edg­ing that you are ready to pay—and per­haps don’t have a good back­up system—could attract the attacks this pol­i­cy is designed to han­dle.

    “A small sur­vey by cor­po­rate net­work­ing com­pa­ny Cit­rix indi­cates that some IT pro­fes­sion­als are even stock­pil­ing bit­coins so they can pay up quick­ly in the event ran­somware strikes their net­work. Out of 250 IT and secu­ri­ty work­ers at U.K. com­pa­nies with more than 250 employ­ees, a third said they were stock­pil­ing the cur­ren­cy. A researcher at Cor­nell recent­ly tweet­ed that the university’s trea­sur­er cre­at­ed an account with the Bit­coin exchange Coin­base so as to be ready if ran­somware struck.”
    A third of the cor­po­ra­tions in the sur­vey said they were stock­pil­ing bit­coins just so they could quick­ly pay off ran­somware attacks? Well, now we know that the Bit­coin com­mu­ni­ty knows that the mere threat of ran­somware is increas­ing cor­po­rate demand for Bit­coins. And that means ran­somware might be mor­ph­ing into one of Bit­coin’s best means of mak­ing inroads into the busi­ness com­mu­ni­ty. Yikes. Watch out for those unex­pect­ed email attach­ments.

    Posted by Pterrafractyl | June 8, 2016, 5:43 pm
  8. This is one of those sto­ries where it’s impor­tant remem­ber that you can’t unread things, so, you know, pro­ceed with cau­tion because there’s going to be some stuff you’d rather unread after you read them:

    A San Anto­nio man, Cody Alexan­der Stoops, just become the first per­son con­vict­ed as part of a mas­sive child porn bust in 2015 that involved the FBI iden­ti­fy­ing 215,000 peo­ple using a Dark Web web­site known as “Playpen” that report­ed­ly includ­ed images and videos that went beyond sex­u­al abuse of young chil­dren and includ­ed tor­ture and even water board­ing the kids with human waste. Stoops him­self was report­ed­ly a rel­a­tive­ly “light” user of Playpen, but he also ran sev­er­al groups on the Kik encrypt­ed mes­sag­ing app that were ded­i­cat­ed exclu­sive­ly to trad­ing child porn. Dur­ing the peri­od the FBI was mon­i­tor­ing Stoops the Kik groups he ran loaded more than 100,000 posts and one of the peo­ple also caught using Kik ran a group called “young­tor­ture.”

    It’s a reminder that the casu­al accep­tance of pro­found evils like the dis­tri­b­u­tion child porn that are rou­tine­ly brushed off by the Cypher­punk cul­ture as ‘just the cost of pri­va­cy’ includes a casu­al accep­tance of things so hor­rif­ic it’s psy­chi­cal­ly scar­ring just to read about them:

    San Anto­nio Express News

    San Anto­nio man in mas­sive child-porn inves­ti­ga­tion gets 25 years

    By Guiller­mo Con­tr­eras Updat­ed 2:36 pm, Thurs­day, Octo­ber 19, 2017

    A San Anto­nio man snagged in a mas­sive inter­na­tion­al child porn inves­ti­ga­tion focus­ing on the dark cor­ners of the Inter­net was sen­tenced Thurs­day to 25 years in fed­er­al prison, fol­lowed by 30 years of super­vised release.

    Cody Alexan­der Stoops, 24, was one of 215,000 peo­ple iden­ti­fied when the FBI seized a web­site known as “Playpen” on the Tor net­work, which keeps users’ iden­ti­ties anony­mous.

    U.S. Dis­trict Judge Xavier Rodriguez also ordered him to pay $28,500 in resti­tu­tion to vic­tims.

    Stoops was among the first in San Anto­nio to be linked to Playpen and the first to be charged fed­er­al­ly here with engag­ing in a child-exploita­tion enter­prise, which car­ries a max­i­mum sen­tence of 20 years to life in prison.

    Though he had low activ­i­ty in Playpen, Stoops ran sev­er­al groups on the Kik social media app that were exclu­sive­ly for trad­ing and shar­ing child pornog­ra­phy, said Assis­tant U.S. Attor­ney Tra­cy Thomp­son.

    The mate­r­i­al was so extreme that aside from tod­dlers being sex­u­al­ly assault­ed, they were tor­tured with numer­ous items and water­board­ed with human waste. It even shocked vet­er­an FBI agents who inves­ti­gate those cas­es, and the judge.

    “That was the most hor­rif­ic stuff I’ve seen,” said Thomp­son, who reg­u­lar­ly pros­e­cutes child exploita­tion cas­es. “It is absolute­ly the most hor­rif­ic thing, and that’s what they’re trad­ing.”

    In one month, the groups Stoops ran loaded more than 100,000 posts through Kik with child porn images or videos — equat­ing to one post every 3.5 sec­onds dur­ing the brief peri­od the FBI zeroed in on Stoops.

    Stoops, who dropped out of Texas A&M before return­ing to San Anto­nio to work as a ken­nel aide at a pro­gram for spay­ing and neu­ter­ing ani­mals in San Anto­nio, also had reams of images of bes­tial­i­ty, author­i­ties said.

    Stoops’ arrest led to oth­ers around the coun­try being arrest­ed for post­ing and shar­ing the mate­r­i­al on Kik, among them a con­vict­ed sex offend­er in St. Louis, Robert J. Hol­lo­ran, 40, who ran a group called “young­tor­ture.” A sto­ry in the St. Louis Post-Dis­patch said police moved in after being alert­ed by the FBI in San Anto­nio.

    As for Playpen, the site oper­at­ed from August 2014 until the FBI shut it down on March 4, 2015, after agents used spe­cial tech­niques to obtain infor­ma­tion about its users, accord­ing to a search war­rant affi­davit filed in fed­er­al court in New York.

    It said the web­site could not be accessed through the tra­di­tion­al Inter­net and required spe­cial­ized soft­ware and the user’s knowl­edge of its exact Web address. Users made child porn avail­able for oth­ers on a sys­tem that func­tioned like a trad­ing board, accord­ing to the affi­davit.

    ...

    ———-

    “San Anto­nio man in mas­sive child-porn inves­ti­ga­tion gets 25 years” by Guiller­mo Con­tr­eras; San Anto­nio Express News; 10/19/2017

    “The mate­r­i­al was so extreme that aside from tod­dlers being sex­u­al­ly assault­ed, they were tor­tured with numer­ous items and water­board­ed with human waste. It even shocked vet­er­an FBI agents who inves­ti­gate those cas­es, and the judge.”

    And note how the Playpen users don’t appear to have been iden­ti­fied using tra­di­tion­al ‘human intel­li­gence’ detec­tive tech­nique. Instead, some sort of “spe­cial tech­niques to obtain infor­ma­tion about its users” was employed, which sug­gests a vul­ner­a­bil­i­ty in Tor or some oth­er link in the cryp­to-chain was exploit­ed:

    ...
    As for Playpen, the site oper­at­ed from August 2014 until the FBI shut it down on March 4, 2015, after agents used spe­cial tech­niques to obtain infor­ma­tion about its users, accord­ing to a search war­rant affi­davit filed in fed­er­al court in New York.
    ...

    This is a key point, because one of the fre­quent argu­ments we hear in favor or set­ting up a about why the pub­lic should­n’t be con­cern about cyp­to tech­nol­o­gy cre­at­ing effec­tive­ly impreg­nable net­works that can oper­ate with both impuni­ty and ease across the globe is that author­i­ties can just use more “human intel­li­gence” to infil­trate these net­works (like ter­ror­ist net­works) in real life. But for some­thing like Playpen, the entire thing is designed to oper­ate exclu­sive­ly in the dig­i­tal space, with the excep­tion of when they’re actu­al­ly tor­tur­ing kids in real life to cre­ate the images. In this case, there was clear­ly some sort of “spe­cial tech­nique” that allowed users to be iden­ti­fied, but it’s impor­tant to real­ize that such “spe­cial tech­niques” are con­sid­ered unac­cept­able by cryp­to-enthu­si­ast and build­ing sys­tems with­out such vul­ner­a­bil­i­ties is con­sid­ered a top goal of the move­ment. And it’s prob­a­bly just a mat­ter of time before such sys­tems are devel­oped and avail­able to future ‘Playpens’.

    So if you’re tempt­ed to assume that bust of this net­work of 215,000 child tor­ture porn con­sumers is an exam­ple of how soci­ety can deploy Cypher­punk tech­nolo­gies with­out wor­ry­ing about enabling things like child tor­ture porn rings, keep in mind that this case is actu­al­ly an exam­ple of how the Cypher­punk tech­nolo­gies used for this crim­i­nal ring aren’t com­plete­ly impreg­nable at this point in time. And if these tech­nolo­gies were com­plete­ly impreg­nable we would prob­a­bly would­n’t be read­ing hor­rif­ic, psy­chi­cal­ly scar­ring sto­ries about a giant child tor­ture porn ring. Because it would still be qui­et­ly run­ning.

    Posted by Pterrafractyl | October 19, 2017, 8:59 pm
  9. Two steps for­ward, one step back, and hope­ful­ly a few steps for­ward if announced plans come to fruition. That’s kind of how we could describe the state of affairs in the fight over the use of cryp­tocur­ren­cies in child sex abuse media (CSAM) con­tent. Cryp­to is still being used in this online mar­ket­place, and seem­ing­ly by few­er but more sophis­ti­cat­ed actors capa­ble of uti­liz­ing the var­i­ous anonymi­ty tech­nolo­gies that have been devel­oped to make the use of cryp­tocur­ren­cies untrace­able. It sounds like law enforce­ment has been able to crack down on a num­ber of CSAM per­pe­tra­tors via the abil­i­ty to retrace cryp­tocur­ren­cy trans­ac­tions, but not all of them. Skilled actors remain, with cryp­tocur­ren­cy “mix­ers” ser­vices increas­ing­ly used to effec­tive­ly laun­der their finan­cial trail. In that sense, it’s been a two steps for­ward one step back sit­u­a­tion.

    But then there’s the oth­er poten­tial­ly very sig­nif­i­cant devel­op­ment on this front. And not just the CSAM front but cryp­tocur­ren­cy’s use for ille­gal activ­i­ty in gen­er­al: the US Trea­sury recent­ly announced a new rule regard­ing mix­ers (also known as “tum­blers”). Under the pro­pos­al, US finan­cial insti­tu­tions and finan­cial agen­cies will be asked to iden­ti­fy, col­lect and report cer­tain infor­ma­tion relat­ed to inter­na­tion­al mix­er trans­ac­tions, includ­ing per­son­al and trans­ac­tion­al infor­ma­tion. Keep in mind that these mix­ing ser­vices are a cru­cial ele­ment of mod­ern day anonymi­ty with cryp­tocur­ren­cy trans­ac­tions. With­out the ambi­gu­i­ty cre­at­ed by mix­ers, cryp­to trans­ac­tions are essen­tial­ly pub­lic. These new rules are poten­tial­ly a very big deal that strike at the foun­da­tion of the whole cryp­to gam­bit.

    If imple­ment­ed, the rules would be the first time the US Trea­sury uses pow­ers grant­ed in the wake of 9/11. They’ve even been dubbed “death-knell” rules because they could end up spelling the end for even for­eign banks that are deemed to be threats to US nation­al secu­ri­ty. In fact, crack­ing down on Hamas’s use of cryp­tocur­ren­cy for fundrais­ing is the osten­si­ble rea­son for the new rules, although observers note that the depart­ment was like­ly work­ing on them for much longer. The rules were first pro­posed in mid-Octo­ber, with a 90 day pub­lic review peri­od. Which is near­ly up.

    That’s the poten­tial­ly very big devel­op­ment in the cryp­tomar­kets. Under a best case sce­nario, we see the new rules put a real dent on the CSAM trade. But then there’s the worse sce­nar­ios, like the bad actors find­ing new ways to con­tin­ue using cryp­to cur­ren­cies while evad­ing law enforce­ment. That’s the cat and mouse game that’s about to unfold in this space, with poten­tial­ly mas­sive impli­ca­tions for the future of cryp­tocur­ren­cies. Mon­ey laun­der­ing and crime real­ly is one of the biggest real world uses for cryp­tocur­ren­cies. What’s going to hap­pen cryp­to mar­kets if US author­i­ties start enabling the iden­ti­fi­ca­tion of peo­ple cur­rent­ly get­ting away the crim­i­nal activ­i­ty through mix­er ser­vices? There’s noth­ing stop­ping the US from shar­ing that infor­ma­tion with gov­ern­ments around the world. This isn’t nec­es­sar­i­ly just a US law enforce­ment sto­ry.

    From the start of Bit­coin, there’s always been the ques­tion of just how much will soci­ety tol­er­ate the exis­tence of a plat­form that can so eas­i­ly be used to facil­i­tate some of the worst kinds of crime, like ter­ror­ism and child abuse. That ques­tions has always been answered, in part, by peo­ple point­ing out that the blockchain does­n’t nec­es­sar­i­ly allow for real anonymi­ty and law enforce­ment has options. But it sounds like the sit­u­a­tion has always been more com­pli­ca­tion, with some crim­i­nals get­ting caught but the most sophis­ti­cat­ed crim­i­nals stay­ing one step ahead of law enforce­ment with ser­vices like mix­ers. What hap­pens if the mix­ers are put out of oper­a­tion? Will a new trick pop up that con­tin­ues to allows cryp­to users to main­tain their anonymi­ty? If not, how will the cryp­to sec­tor respond? How much of the present day cryp­to demand is crim­i­nal in nature and shy enough of expo­sure to law enforce­ment that they’ll aban­don cryp­to alto­geth­er if the risk is too high? These kinds of ques­tions part of what makes the new US Trea­sury rules are sto­ry to watch. It’s a huge stress test for the entire cryp­to sec­tor com­ing up. And if we’re lucky, the CSAM preda­tors are going to fail that stress test spec­tac­u­lar­ly:

    Wired

    Child Abusers Are Get­ting Bet­ter at Using Cryp­to to Cov­er Their Tracks

    Cryp­to trac­ing firm Chainal­y­sis found that sell­ers of child sex­u­al abuse mate­ri­als are suc­cess­ful­ly using “mix­ers” and “pri­va­cy coins” like Mon­ero to laun­der their prof­its and evade law enforce­ment.

    Andy Green­berg
    Jan 11, 2024 9:00 AM

    For those who trade in child sex­u­al exploita­tion images and videos in the dark­est recess­es of the inter­net, cryp­tocur­ren­cy has been both a pow­er­ful tool and a treach­er­ous one. Bit­coin, for instance, has allowed denizens of that crim­i­nal under­ground to buy and sell their wares with no involve­ment from a bank or pay­ment proces­sor that might reveal their activ­i­ties to law enforce­ment. But the pub­lic and sur­pris­ing­ly trace­able trans­ac­tions record­ed in Bit­coin’s blockchain have some­times led finan­cial inves­ti­ga­tors direct­ly to pedophiles’ doorsteps.

    Now, after years of evo­lu­tion in that grim cat-and-mouse game, new evi­dence sug­gests that online ven­dors of what was once com­mon­ly called “child porn” are learn­ing to use cryp­tocur­ren­cy with sig­nif­i­cant­ly more skill and stealth—and that it’s help­ing them sur­vive longer in the inter­net’s most abu­sive indus­try.

    Today, as part of an annu­al crime report, cryp­tocur­ren­cy trac­ing firm Chainal­y­sis revealed new research that ana­lyzed blockchains to mea­sure the chang­ing scale and sophis­ti­ca­tion of the cryp­tocur­ren­cy-based sale of child sex­u­al abuse mate­ri­als, or CSAM, over the past four years. Total rev­enue from CSAM sold for cryp­tocur­ren­cy has actu­al­ly gone down since 2021, Chainal­y­sis found, along with the num­ber of new CSAM sell­ers accept­ing cryp­to. But the sophis­ti­ca­tion of cryp­to-based CSAM sales has been increas­ing. More and more, Chainal­y­sis dis­cov­ered, sell­ers of CSAM are using pri­va­cy tools like “mix­ers” and “pri­va­cy coins” that obfus­cate their mon­ey trails across blockchains.

    Per­haps because of that increased savvy, the com­pa­ny found that CSAM ven­dors active in 2023 per­sist­ed online—and evad­ed law enforcement—for a longer time than in any pre­vi­ous year, and about 57 per­cent longer than even in 2022. “Grow­ing sophis­ti­ca­tion makes iden­ti­fi­ca­tion hard­er. It makes trac­ing hard­er, it makes pros­e­cu­tion hard­er, and it makes res­cu­ing vic­tims hard­er,” says Eric Jar­dine, the researcher who led the Chainal­y­sis study. “So that sophis­ti­ca­tion dimen­sion is prob­a­bly the worst one you could see increas­ing over time.”

    Bet­ter Stealth, Longer Crim­i­nal Lifes­pans

    Scour­ing blockchains, Chainal­y­sis researchers ana­lyzed around 400 cryp­tocur­ren­cy wal­lets of CSAM sell­ers and more than 10,000 buy­ers who sent funds to them over the past four years. Their most dis­turb­ing find­ing in that broad eco­nom­ic study was that cryp­to-based CSAM sell­ers seem to have a longer lifes­pan online than ever, sug­gest­ing a kind of rel­a­tive impuni­ty. On aver­age, CSAM ven­dors who were active in 2023 remained online for 884 days, com­pared with 560 days for those active in 2022 and just 112 days in 2020.

    To explain that new longevi­ty for some of the most harm­ful actors on the inter­net, Chainal­y­sis points to how CSAM ven­dors are increas­ing­ly laun­der­ing their pro­ceeds with cryp­tocur­ren­cy mixers—services that blend users’ funds to make trac­ing more difficult—such as Chip­Mix­er and Sin­bad. (US and Ger­man law enforce­ment shut down Chip­Mix­er in March 2023, but Sin­bad remains online despite fac­ing US sanc­tions for mon­ey laun­der­ing.) In 2023, Chainal­y­sis found that about 46 per­cent of CSAM ven­dors used mix­ers, up from around 22 per­cent in 2020.

    Chainal­y­sis also found that CSAM ven­dors are increas­ing­ly using “instant exchang­er” ser­vices that often col­lect lit­tle or no iden­ti­fy­ing infor­ma­tion on traders and allow them to swap bit­coin for cryp­tocur­ren­cies like Mon­ero and Zcash—“privacy coins” designed to obfus­cate or encrypt their blockchains to make trac­ing their cash-outs of prof­its far more dif­fi­cult. Chainal­y­sis’ Jar­dine says that Mon­ero in par­tic­u­lar seems to be gain­ing pop­u­lar­i­ty among CSAM pur­vey­ors. In the com­pa­ny’s inves­ti­ga­tions, Chainal­y­sis has seen it used repeat­ed­ly by CSAM sell­ers laun­der­ing funds through instant exchang­ers, and in mul­ti­ple cas­es it has also seen CSAM forums post Mon­ero address­es to solic­it dona­tions. While the instant exchang­ers did offer oth­er cryp­tocur­ren­cies, includ­ing the pri­va­cy coin Zcash, Chainal­y­sis’ report states that “we believe Mon­ero to be the cur­ren­cy of choice for laun­der­ing via instant exchang­ers.”

    The CSAM adop­tion curve for those instant exchangers—and, Chainal­y­sis sug­gests, the pri­va­cy coins they offer—is steep: Chainal­y­sis found that 52 per­cent of CSAM ven­dors active in 2023 sent mon­ey to instant exchang­ers that let users trade bit­coins for Mon­ero, up from around 17 per­cent in 2020. Two CSAM ven­dors that Chainal­y­sis tracked, for exam­ple, each received about $100,000 worth of cryp­tocur­ren­cy pay­ments since 2020 and over the past four years almost entire­ly shift­ed from cash­ing out those funds at tra­di­tion­al cryp­tocur­ren­cy exchanges to trad­ing them on instant exchang­ers that offered Mon­ero. (To avoid dis­rupt­ing any ongo­ing law enforce­ment inves­ti­ga­tions, Chainal­y­sis declined to name those ven­dors, oth­er CSAM sell­ers, or any of the instant exchang­ers they’ve used.)

    Chainal­y­sis’ researchers went so far as to cor­re­late CSAM ven­dors’ use of instant exchang­ers offer­ing Mon­ero to those sell­ers’ increased sur­vival rates online: After a thou­sand days, about one out of five CSAM ven­dors who used the Mon­ero-friend­ly instant exchang­ers were still active ver­sus just one in 25 CSAM sell­ers who did­n’t. “The data sug­gests that Mon­ero helps CSAM ven­dors stay in busi­ness longer,” Chainal­y­sis’ report reads.

    Few­er Agents of Exploitation—and Smarter Ones

    Even as the resilience of CSAM sell­ers who used cryp­to grew in 2023, Chainal­y­sis says the over­all scale of the prob­lem may be declin­ing by some mea­sures. While the com­pa­ny found that the num­ber of CSAM-relat­ed cryp­tocur­ren­cy trans­ac­tions was up 89 per­cent since 2019, it dropped by 22 per­cent from 2022 to 2023. Chainal­y­sis also count­ed only 43 new ven­dors sell­ing CSAM for cryp­tocur­ren­cy in 2023, com­pared to 112 the pre­vi­ous year.

    The com­pa­ny’s researchers spec­u­late that the decline may be due in part to the CSAM under­ground’s increased aware­ness that cryp­tocur­ren­cy can be traced. In the high­ly pub­li­cized case of the Wel­come to Video dark web site, one of the biggest-ever online repos­i­to­ries of CSAM videos, Bit­coin trac­ing allowed law enforce­ment to iden­ti­fy and arrest 337 men around the world and to remove 23 chil­dren from exploita­tive sit­u­a­tions. (As an exam­ple of the pub­lic­i­ty around the case, WIRED detailed the inves­ti­ga­tion in a 2022 mag­a­zine cov­er sto­ry.) “It’s pos­si­ble that the Wel­come to Video case was a wake-up call for a lot of peo­ple,” says Sasha Plot­niko­va, a cyber­crime researcher at Chainal­y­sis.

    ...

    Apex Preda­tors

    Beyond Mon­ero’s com­mon per­cep­tion as being untrace­able, to what degree Mon­ero real­ly does pro­tect CSAM ven­dors remains a sub­ject of debate and secre­cy. Chainal­y­sis has long main­tained pub­lic silence on whether it offers Mon­ero-trac­ing capa­bil­i­ties to its cus­tomers. But a leaked slide from one of the com­pa­ny’s pre­sen­ta­tions to Ital­ian police in 2021 claimed that Chainal­y­sis can pro­vide a “usable lead” in 65 per­cent of cas­es in which it worked with law enforce­ment to trace Mon­ero and could iden­ti­fy the like­ly sender, but not the recip­i­ent, in anoth­er 20 per­cent of cas­es.

    On that same leaked slide, Chainal­y­sis also referred to a case in which “cus­tomers of a CSAM web­site in Asia were iden­ti­fied from trans­ac­tions with the admin­is­tra­tor’s seized Mon­ero wal­let.”

    Chainal­y­sis declined to answer WIRED’s ques­tions on Mon­ero trac­ing. But its report hints that law enforce­ment might “con­sid­er invest­ment in spe­cial­ized blockchain analy­sis ser­vices that can make Mon­ero trac­ing pos­si­ble,” as well as call­ing for instant exchang­ers to build safe­guards that pre­vent their abuse by CSAM sell­ers.

    Tak­en togeth­er, the study sug­gests a form of com­plex and messy nat­ur­al selec­tion play­ing out in the inter­net’s exploita­tion econ­o­my. The sell­ers of child abuse images and videos who once naive­ly believed that sim­ply using cryp­tocur­ren­cy would pro­tect them from law enforce­ment are dis­ap­pear­ing. They’re being replaced by a new gen­er­a­tion of sur­viv­ing CSAM sell­ers who are far more care­ful in their cryp­tocur­ren­cy trans­ac­tions. But in an ecosys­tem where cryp­tocur­ren­cy trac­ers like Chainal­y­sis remain the real apex preda­tors, even those more resilient mem­bers of the dig­i­tal child abuse indus­try may not be as safe as they think.

    ———-

    “Child Abusers Are Get­ting Bet­ter at Using Cryp­to to Cov­er Their Tracks” by Andy Green­berg; Wired; 01/11/2024

    “Now, after years of evo­lu­tion in that grim cat-and-mouse game, new evi­dence sug­gests that online ven­dors of what was once com­mon­ly called “child porn” are learn­ing to use cryp­tocur­ren­cy with sig­nif­i­cant­ly more skill and stealth—and that it’s help­ing them sur­vive longer in the inter­net’s most abu­sive indus­try.”

    As awful as this news is, we should­n’t be sur­prised. It was real­ly just a mat­ter of time before the gener­ic skills used to obscure cryp­to-trails start­ed get­ting applied to the child porn sec­tor. And it’s par­tic­u­lar­ly dis­turb­ing to learn that 2023 was appar­ent­ly a year when CSAM pur­vey­ors got sig­nif­i­cant­ly more suc­cess­ful in evad­ing law enforce­ment. Appar­ent­ly by increas­ing­ly rely­ing on the ser­vices of “mix­ers” that effec­tive­ly engage in group laun­der­ing. But in a way this increased sophis­ti­ca­tion of CSAM net­works is a good thin in the sense that it’s hap­pen­ing in response to peo­ple get­ting caught via the cryp­to. It’s an evolv­ing game of cat and mouse:

    ...
    Today, as part of an annu­al crime report, cryp­tocur­ren­cy trac­ing firm Chainal­y­sis revealed new research that ana­lyzed blockchains to mea­sure the chang­ing scale and sophis­ti­ca­tion of the cryp­tocur­ren­cy-based sale of child sex­u­al abuse mate­ri­als, or CSAM, over the past four years. Total rev­enue from CSAM sold for cryp­tocur­ren­cy has actu­al­ly gone down since 2021, Chainal­y­sis found, along with the num­ber of new CSAM sell­ers accept­ing cryp­to. But the sophis­ti­ca­tion of cryp­to-based CSAM sales has been increas­ing. More and more, Chainal­y­sis dis­cov­ered, sell­ers of CSAM are using pri­va­cy tools like “mix­ers” and “pri­va­cy coins” that obfus­cate their mon­ey trails across blockchains.

    Per­haps because of that increased savvy, the com­pa­ny found that CSAM ven­dors active in 2023 per­sist­ed online—and evad­ed law enforcement—for a longer time than in any pre­vi­ous year, and about 57 per­cent longer than even in 2022. “Grow­ing sophis­ti­ca­tion makes iden­ti­fi­ca­tion hard­er. It makes trac­ing hard­er, it makes pros­e­cu­tion hard­er, and it makes res­cu­ing vic­tims hard­er,” says Eric Jar­dine, the researcher who led the Chainal­y­sis study. “So that sophis­ti­ca­tion dimen­sion is prob­a­bly the worst one you could see increas­ing over time.”

    ...

    To explain that new longevi­ty for some of the most harm­ful actors on the inter­net, Chainal­y­sis points to how CSAM ven­dors are increas­ing­ly laun­der­ing their pro­ceeds with cryp­tocur­ren­cy mixers—services that blend users’ funds to make trac­ing more difficult—such as Chip­Mix­er and Sin­bad. (US and Ger­man law enforce­ment shut down Chip­Mix­er in March 2023, but Sin­bad remains online despite fac­ing US sanc­tions for mon­ey laun­der­ing.) In 2023, Chainal­y­sis found that about 46 per­cent of CSAM ven­dors used mix­ers, up from around 22 per­cent in 2020.

    Chainal­y­sis also found that CSAM ven­dors are increas­ing­ly using “instant exchang­er” ser­vices that often col­lect lit­tle or no iden­ti­fy­ing infor­ma­tion on traders and allow them to swap bit­coin for cryp­tocur­ren­cies like Mon­ero and Zcash—“privacy coins” designed to obfus­cate or encrypt their blockchains to make trac­ing their cash-outs of prof­its far more dif­fi­cult. Chainal­y­sis’ Jar­dine says that Mon­ero in par­tic­u­lar seems to be gain­ing pop­u­lar­i­ty among CSAM pur­vey­ors. In the com­pa­ny’s inves­ti­ga­tions, Chainal­y­sis has seen it used repeat­ed­ly by CSAM sell­ers laun­der­ing funds through instant exchang­ers, and in mul­ti­ple cas­es it has also seen CSAM forums post Mon­ero address­es to solic­it dona­tions. While the instant exchang­ers did offer oth­er cryp­tocur­ren­cies, includ­ing the pri­va­cy coin Zcash, Chainal­y­sis’ report states that “we believe Mon­ero to be the cur­ren­cy of choice for laun­der­ing via instant exchang­ers.”

    ...

    Even as the resilience of CSAM sell­ers who used cryp­to grew in 2023, Chainal­y­sis says the over­all scale of the prob­lem may be declin­ing by some mea­sures. While the com­pa­ny found that the num­ber of CSAM-relat­ed cryp­tocur­ren­cy trans­ac­tions was up 89 per­cent since 2019, it dropped by 22 per­cent from 2022 to 2023. Chainal­y­sis also count­ed only 43 new ven­dors sell­ing CSAM for cryp­tocur­ren­cy in 2023, com­pared to 112 the pre­vi­ous year.

    The com­pa­ny’s researchers spec­u­late that the decline may be due in part to the CSAM under­ground’s increased aware­ness that cryp­tocur­ren­cy can be traced. In the high­ly pub­li­cized case of the Wel­come to Video dark web site, one of the biggest-ever online repos­i­to­ries of CSAM videos, Bit­coin trac­ing allowed law enforce­ment to iden­ti­fy and arrest 337 men around the world and to remove 23 chil­dren from exploita­tive sit­u­a­tions. (As an exam­ple of the pub­lic­i­ty around the case, WIRED detailed the inves­ti­ga­tion in a 2022 mag­a­zine cov­er sto­ry.) “It’s pos­si­ble that the Wel­come to Video case was a wake-up call for a lot of peo­ple,” says Sasha Plot­niko­va, a cyber­crime researcher at Chainal­y­sis.

    ...

    Beyond Mon­ero’s com­mon per­cep­tion as being untrace­able, to what degree Mon­ero real­ly does pro­tect CSAM ven­dors remains a sub­ject of debate and secre­cy. Chainal­y­sis has long main­tained pub­lic silence on whether it offers Mon­ero-trac­ing capa­bil­i­ties to its cus­tomers. But a leaked slide from one of the com­pa­ny’s pre­sen­ta­tions to Ital­ian police in 2021 claimed that Chainal­y­sis can pro­vide a “usable lead” in 65 per­cent of cas­es in which it worked with law enforce­ment to trace Mon­ero and could iden­ti­fy the like­ly sender, but not the recip­i­ent, in anoth­er 20 per­cent of cas­es.

    On that same leaked slide, Chainal­y­sis also referred to a case in which “cus­tomers of a CSAM web­site in Asia were iden­ti­fied from trans­ac­tions with the admin­is­tra­tor’s seized Mon­ero wal­let.”

    Chainal­y­sis declined to answer WIRED’s ques­tions on Mon­ero trac­ing. But its report hints that law enforce­ment might “con­sid­er invest­ment in spe­cial­ized blockchain analy­sis ser­vices that can make Mon­ero trac­ing pos­si­ble,” as well as call­ing for instant exchang­ers to build safe­guards that pre­vent their abuse by CSAM sell­ers.
    ...

    And that brings us to a poten­tial­ly sig­nif­i­cant devel­op­ment in the efforts to crack down on the CSAM cryp­to-trade: the US Trea­sury Depart­ment announced a pro­pos­al back in Octo­ber that would entail the first-ever use of pow­ers grant­ed in the wake of 9/11. So called “death-knell” pow­ers that can com­pel finan­cial insti­tu­tions, includ­ing for­eign banks, into hand­ing over infor­ma­tion to the US trea­sury. Infor­ma­tion that could include the per­son­al iden­ti­ties of peo­ple involved in trans­ac­tions. Under the pro­pos­al, US finan­cial insti­tu­tions and finan­cial agen­cies will be asked to iden­ti­fy, col­lect and report cer­tain infor­ma­tion relat­ed to inter­na­tion­al mix­er trans­ac­tions, includ­ing per­son­al and trans­ac­tion­al infor­ma­tion. In oth­er words, no more anony­mous mix­ing. It’s the kind of reg­u­la­tion that could effec­tive­ly be the death-knell for the Mix­er indus­try, at least assum­ing the threat of US sanc­tions is enough to Mix­ers who don’t com­ply out of busi­ness:

    The Wall Street Jour­nal

    U.S. Tar­gets Cryp­to Mix­ers Over Mon­ey Laun­der­ing Risks

    In an unprece­dent­ed action, the U.S. Trea­sury Depart­ment has pro­posed reg­u­la­tions requir­ing addi­tion­al record-keep­ing and report­ing on mix­er trans­ac­tions

    By Ian Tal­ley and Mengqi Sun
    Oct. 19, 2023 6:30 pm ET

    The Biden admin­is­tra­tion des­ig­nat­ed inter­na­tion­al cryp­tocur­ren­cy plat­forms com­mon­ly known as “mix­ers” as pri­ma­ry mon­ey-laun­der­ing hubs that threat­en nation­al secu­ri­ty.

    The U.S. Trea­sury Department’s unprece­dent­ed proposal—using laws usu­al­ly deployed against for­eign banks and for­eign jurisdictions—will require spe­cial record-keep­ing and report­ing for any finan­cial trans­ac­tions involv­ing inter­na­tion­al mix­ers. The poten­tial tar­get­ing of an entire class of trans­ac­tion rep­re­sents a sig­nif­i­cant reg­u­la­to­ry step meant to shape the future of the glob­al finan­cial sys­tem.

    The pro­pos­al comes amid increas­ing pres­sure from Capi­tol Hill about the role of cryp­to in help­ing finance mil­i­tant groups fol­low­ing the Oct. 7 Hamas attack on Israel.

    “Today’s action under­scores Treasury’s com­mit­ment to com­bat­ing the exploita­tion of con­vert­ible vir­tu­al cur­ren­cy mix­ing by a broad range of illic­it actors, includ­ing state-affil­i­at­ed cyber actors, cyber­crim­i­nals, and ter­ror­ist groups,” said Wal­ly Adeye­mo, deputy Trea­sury sec­re­tary. “More broad­ly, the Trea­sury Depart­ment is aggres­sive­ly com­bat­ing illic­it use of all aspects of the CVC ecosys­tem by ter­ror­ist groups, includ­ing Hamas and Pales­tin­ian Islam­ic Jihad.”

    The pro­posed new reg­u­la­tion, unveiled by the Finan­cial Crimes Enforce­ment Net­work on Thurs­day, will be open to pub­lic com­ment for 90 days before pos­si­ble adop­tion. The pro­posed rule-mak­ing allows its tar­gets to take reme­di­al action, even poten­tial­ly secur­ing their release from the sanc­tion.

    ...

    Mix­ers are cryp­to plat­forms that enable users to exchange cryp­tocur­ren­cy with rel­a­tive anonymi­ty. These plat­forms have come under intense reg­u­la­to­ry scruti­ny in recent months, with U.S. reg­u­la­tors sanc­tion­ing plat­forms and charg­ing their founders.

    The pro­posed rules would ask U.S. finan­cial insti­tu­tions and finan­cial agen­cies to iden­ti­fy, col­lect and report cer­tain infor­ma­tion relat­ed to inter­na­tion­al mix­er trans­ac­tions, includ­ing per­son­al and trans­ac­tion­al infor­ma­tion. The offi­cial iden­ti­fi­ca­tion of mix­ers as pri­ma­ry mon­ey-laun­der­ing con­cerns could poten­tial­ly give Trea­sury broad sanc­tion author­i­ty, includ­ing the abil­i­ty to cut tar­gets off from U.S. mar­kets.

    Trea­sury is propos­ing to use rarely-used pow­ers cre­at­ed in the wake of the Sept. 11, 2001 ter­ror­ist attacks against the U.S., dubbed “death-knell sanc­tions” because they can close for­eign banks and oth­er finan­cial insti­tu­tions believed to be nation­al secu­ri­ty threats.

    Mix­ers only rep­re­sent a frac­tion of the cryp­to mar­ket, but the pro­posed reg­u­la­tion rep­re­sents a warn­ing shot to oth­er cryp­to plat­forms. As cryp­to and oth­er forms of new finan­cial tech­nol­o­gy begin to sup­plant tra­di­tion­al finan­cial sys­tems, finan­cial watch­dogs, nation­al secu­ri­ty agen­cies and law­mak­ers are grap­pling with how to shape reg­u­la­tion. Chief among reg­u­la­tor, law enforce­ment and nation­al secu­ri­ty con­cerns is the anonymi­ty cryp­to can pro­vide if plat­forms don’t require users to ver­i­fy their iden­ti­ty.

    Trea­sury offi­cials say that by tar­get­ing anonymi­ty, it can allow the fin­tech sec­tor to grow but help ame­lio­rate those risks. If anonymi­ty is addressed, cur­rent and for­mer secu­ri­ty offi­cials say that blockchain finan­cial tech­nol­o­gy also could be a very pow­er­ful tool for author­i­ties to trace mon­ey laun­der­ing and ter­ror finance, dis­rupt­ing and pre­vent­ing illic­it finance because of the immutable paper trail that blockchain rep­re­sents.

    “The lack of trans­paren­cy sur­round­ing inter­na­tion­al [con­vert­ible vir­tu­al cur­ren­cy] mix­ing activ­i­ty is an acute mon­ey laun­der­ing and nation­al secu­ri­ty risk,” Trea­sury said in jus­ti­fy­ing its action. “Increas­ing trans­paren­cy in con­nec­tion with this activ­i­ty is a key com­po­nent to deny­ing illic­it actors access to the U.S. and glob­al finan­cial sys­tems.”

    FinCEN’s pro­pos­al could have a chill­ing effect by fur­ther asso­ci­at­ing cer­tain cryp­to activ­i­ties with ter­ror­ist financ­ing and mon­ey laun­der­ing, accord­ing to Alex Zer­den, a for­mer Fin­CEN offi­cial who found­ed finan­cial tech­nol­o­gy and risk advi­so­ry firm Capi­tol Peak Strate­gies.

    “No one was sur­prised to see this iden­ti­fied,” con­sid­er­ing recent actions tak­en by the U.S. author­i­ties against mix­ers, said Zer­den. Although the pro­pos­al has like­ly been in the works for some time, announc­ing it now is a way to demon­strate to law­mak­ers the Biden admin­is­tra­tion is tak­ing action, Zer­den said.

    The U.S. Trea­sury and Jus­tice Depart­ments have focused much of their efforts in recent years on tar­get­ing cryp­to plat­forms whose anonymi­ty ser­vices or weak com­pli­ance sys­tems have allowed bad actors to finance their oper­a­tions.

    The U.S. author­i­ties in Jan­u­ary des­ig­nat­ed cryp­to exchange Bit­zla­to Ltd. as a pri­ma­ry mon­ey-laun­der­ing con­cern and charged its founder with alleged­ly facil­i­tat­ing mon­ey laun­der­ing for crim­i­nals.

    Trea­sury last year also sanc­tioned the Tor­na­do Cash cryp­to mix­er, accus­ing it of laun­der­ing more than $1 bil­lion, includ­ing $455 mil­lion alleged­ly stolen by North Kore­an hack­ers, with fed­er­al pros­e­cu­tors charg­ing its two founders in August with mon­ey laun­der­ing.

    The Wall Street Jour­nal last week report­ed that Hamas, the ter­ror-des­ig­nat­ed group respon­si­ble for the Oct. 7 attack against Israel, and oth­er mil­i­tant groups raised mil­lions of dol­lars through cryp­to plat­forms, using meth­ods meant to obscure financiers.

    Some law­mak­ers have used these exam­ples to rail against cryp­to, though most illic­it finance is still con­duct­ed through the tra­di­tion­al finan­cial system—several tril­lion dol­lars a year ver­sus a few hun­dred bil­lion annu­al­ly for cryp­to.

    More than a hun­dred law­mak­ers signed on to a let­ter sent to Trea­sury and Nation­al Secu­ri­ty Advi­sor Jake Sul­li­van ear­li­er this week press­ing the admin­is­tra­tion to detail its plans to dis­rupt ter­ror financ­ing through cryp­to. Led by a promi­nent crit­ic of the cryp­to indus­try and co-author of the let­ter, Sen. Eliz­a­beth War­ren, (D., Mass.), the law­mak­ers urged the admin­is­tra­tion “to swift­ly and cat­e­gor­i­cal­ly act to mean­ing­ful­ly cur­tail illic­it cryp­to activ­i­ty and pro­tect our nation­al secu­ri­ty and that of our allies.”

    ...

    ———

    “U.S. Tar­gets Cryp­to Mix­ers Over Mon­ey Laun­der­ing Risks” By Ian Tal­ley and Mengqi Sun; The Wall Street Jour­nal; 10/19/2023

    The U.S. Trea­sury Department’s unprece­dent­ed proposal—using laws usu­al­ly deployed against for­eign banks and for­eign jurisdictions—will require spe­cial record-keep­ing and report­ing for any finan­cial trans­ac­tions involv­ing inter­na­tion­al mix­ers. The poten­tial tar­get­ing of an entire class of trans­ac­tion rep­re­sents a sig­nif­i­cant reg­u­la­to­ry step meant to shape the future of the glob­al finan­cial sys­tem. ”

    For the first time ever, the US Trea­sury Depart­ment is plan­ning on deploy­ing pow­ers orig­i­nal grant­ed in the wake of 9/11. Pow­ers dubbed “death-knell sanc­tions” that can close for­eign banks and oth­er finan­cial insti­tu­tions believed to be nation­al secu­ri­ty threats. It sounds like ‘mix­ers’ any­where in the world poten­tial­ly face US sanc­tions if they don’t iden­ti­fy, col­lect and report cer­tain infor­ma­tion relat­ed to mix­er trans­ac­tions includ­ing per­son­al infor­ma­tion, which real­ly would be a death-knell for an indus­try that exists to exe­cute mon­ey laun­der­ing by obscur­ing the own­er­ship of cryp­to cur­ren­cy. It’s a high­ly tar­get­ed crack­down on what is a rel­a­tive niche form of laun­der­ing since the vast major­i­ty of mon­ey-laun­der­ing today is done through the tra­di­tion­al bank­ing sys­tem as has been the case for decades. This is a good time to recall how the UN announced in 2009 that hun­dreds of bil­lions of dol­lars in drug car­tel mon­ey helped keep the bank­ing sys­tem afloat dur­ing the 2008 finan­cial cri­sis. But it’s the kind of tar­get­ed crack­down that could, hope­ful­ly, put a major dent in the abil­i­ty of groups that don’t have access to the tra­di­tion­al bank­ing sys­tem. Like ter­ror­ists. Or child abusers:

    ...
    Mix­ers are cryp­to plat­forms that enable users to exchange cryp­tocur­ren­cy with rel­a­tive anonymi­ty. These plat­forms have come under intense reg­u­la­to­ry scruti­ny in recent months, with U.S. reg­u­la­tors sanc­tion­ing plat­forms and charg­ing their founders.

    The pro­posed rules would ask U.S. finan­cial insti­tu­tions and finan­cial agen­cies to iden­ti­fy, col­lect and report cer­tain infor­ma­tion relat­ed to inter­na­tion­al mix­er trans­ac­tions, includ­ing per­son­al and trans­ac­tion­al infor­ma­tion. The offi­cial iden­ti­fi­ca­tion of mix­ers as pri­ma­ry mon­ey-laun­der­ing con­cerns could poten­tial­ly give Trea­sury broad sanc­tion author­i­ty, includ­ing the abil­i­ty to cut tar­gets off from U.S. mar­kets.

    Trea­sury is propos­ing to use rarely-used pow­ers cre­at­ed in the wake of the Sept. 11, 2001 ter­ror­ist attacks against the U.S., dubbed “death-knell sanc­tions” because they can close for­eign banks and oth­er finan­cial insti­tu­tions believed to be nation­al secu­ri­ty threats.

    Mix­ers only rep­re­sent a frac­tion of the cryp­to mar­ket, but the pro­posed reg­u­la­tion rep­re­sents a warn­ing shot to oth­er cryp­to plat­forms. As cryp­to and oth­er forms of new finan­cial tech­nol­o­gy begin to sup­plant tra­di­tion­al finan­cial sys­tems, finan­cial watch­dogs, nation­al secu­ri­ty agen­cies and law­mak­ers are grap­pling with how to shape reg­u­la­tion. Chief among reg­u­la­tor, law enforce­ment and nation­al secu­ri­ty con­cerns is the anonymi­ty cryp­to can pro­vide if plat­forms don’t require users to ver­i­fy their iden­ti­ty.

    Trea­sury offi­cials say that by tar­get­ing anonymi­ty, it can allow the fin­tech sec­tor to grow but help ame­lio­rate those risks. If anonymi­ty is addressed, cur­rent and for­mer secu­ri­ty offi­cials say that blockchain finan­cial tech­nol­o­gy also could be a very pow­er­ful tool for author­i­ties to trace mon­ey laun­der­ing and ter­ror finance, dis­rupt­ing and pre­vent­ing illic­it finance because of the immutable paper trail that blockchain rep­re­sents.

    “The lack of trans­paren­cy sur­round­ing inter­na­tion­al [con­vert­ible vir­tu­al cur­ren­cy] mix­ing activ­i­ty is an acute mon­ey laun­der­ing and nation­al secu­ri­ty risk,” Trea­sury said in jus­ti­fy­ing its action. “Increas­ing trans­paren­cy in con­nec­tion with this activ­i­ty is a key com­po­nent to deny­ing illic­it actors access to the U.S. and glob­al finan­cial sys­tems.”

    ...

    The Wall Street Jour­nal last week report­ed that Hamas, the ter­ror-des­ig­nat­ed group respon­si­ble for the Oct. 7 attack against Israel, and oth­er mil­i­tant groups raised mil­lions of dol­lars through cryp­to plat­forms, using meth­ods meant to obscure financiers.

    Some law­mak­ers have used these exam­ples to rail against cryp­to, though most illic­it finance is still con­duct­ed through the tra­di­tion­al finan­cial system—several tril­lion dol­lars a year ver­sus a few hun­dred bil­lion annu­al­ly for cryp­to.
    ...

    And note how, while the Octo­ber 7 attacks and crack­ing down on Hamas is the stat­ed rea­son for this pro­pos­al, it was some­thing reg­u­la­tors had like­ly been work­ing on for months, long before the attacks. Cryp­to mix­er ser­vices are sim­ply too bla­tant a laun­der­ing mech­a­nism to ignore:

    ...
    The pro­pos­al comes amid increas­ing pres­sure from Capi­tol Hill about the role of cryp­to in help­ing finance mil­i­tant groups fol­low­ing the Oct. 7 Hamas attack on Israel.

    “Today’s action under­scores Treasury’s com­mit­ment to com­bat­ing the exploita­tion of con­vert­ible vir­tu­al cur­ren­cy mix­ing by a broad range of illic­it actors, includ­ing state-affil­i­at­ed cyber actors, cyber­crim­i­nals, and ter­ror­ist groups,” said Wal­ly Adeye­mo, deputy Trea­sury sec­re­tary. “More broad­ly, the Trea­sury Depart­ment is aggres­sive­ly com­bat­ing illic­it use of all aspects of the CVC ecosys­tem by ter­ror­ist groups, includ­ing Hamas and Pales­tin­ian Islam­ic Jihad.”

    ...

    FinCEN’s pro­pos­al could have a chill­ing effect by fur­ther asso­ci­at­ing cer­tain cryp­to activ­i­ties with ter­ror­ist financ­ing and mon­ey laun­der­ing, accord­ing to Alex Zer­den, a for­mer Fin­CEN offi­cial who found­ed finan­cial tech­nol­o­gy and risk advi­so­ry firm Capi­tol Peak Strate­gies.

    “No one was sur­prised to see this iden­ti­fied,” con­sid­er­ing recent actions tak­en by the U.S. author­i­ties against mix­ers, said Zer­den. Although the pro­pos­al has like­ly been in the works for some time, announc­ing it now is a way to demon­strate to law­mak­ers the Biden admin­is­tra­tion is tak­ing action, Zer­den said.
    ...

    Also, note that the 90 review peri­od should be up any day now, so it’s pos­si­ble these new rules will come into effect soon­er rather than lat­er:

    ...
    The pro­posed new reg­u­la­tion, unveiled by the Finan­cial Crimes Enforce­ment Net­work on Thurs­day, will be open to pub­lic com­ment for 90 days before pos­si­ble adop­tion. The pro­posed rule-mak­ing allows its tar­gets to take reme­di­al action, even poten­tial­ly secur­ing their release from the sanc­tion.
    ...

    2024 could end up being a wild year for the cryp­to mar­kets. Thanks to a crack­down on anonymi­ty. Because as the fol­low­ing Wired piece (also by Andy Green­berg) notes, with­out these mix­ing ser­vices all cryp­to trans­ac­tions are essen­tial­ly pub­lic:

    Wired

    Cit­ing Hamas, the US Wants to Offi­cial­ly Treat Cryp­to Anonymi­ty Ser­vices as Sus­pect­ed Mon­ey Laun­der­ers

    With a new empha­sis on the Hamas attacks on Israel, the US Trea­sury has pro­posed des­ig­nat­ing for­eign cryp­tocur­ren­cy “mix­er” ser­vices as mon­ey laun­der­ers and nation­al secu­ri­ty threats.

    Andy Green­berg
    Secu­ri­ty
    Oct 19, 2023 6:59 PM

    Hamas’ attacks Against Israel on Octo­ber 7 have shift­ed the geopo­lit­i­cal land­scape and trig­gered a loom­ing Israeli ground assault in the Gaza Strip. Now the rip­ple effects are reach­ing the cryp­tocur­ren­cy indus­try, where they’ve become the Unit­ed States Depart­ment of the Treasury’s ral­ly­ing cry for a crack­down on cryp­tocur­ren­cy anonymi­ty ser­vices.

    The US Treasury’s Finan­cial Crimes Enforce­ment Net­work (Fin­CEN) today released a set of pro­posed rules that would des­ig­nate for­eign cryp­tocur­ren­cy “mixers”—services that blend users’ dig­i­tal funds to offer more anonymi­ty and make them hard­er to trace—as mon­ey laun­der­ing tools that pose a threat to nation­al secu­ri­ty and would thus face new sanc­tions and reg­u­la­tions. The new rules, if adopt­ed fol­low­ing a 90-day peri­od of pub­lic com­ment and debate, would poten­tial­ly rep­re­sent the broad­est restric­tions imposed yet on the mix­ing ser­vices and could make it far hard­er for cryp­tocur­ren­cy hold­ers to put their mon­ey through the ser­vices before cash­ing it out at a US cryp­tocur­ren­cy exchange, or even at a for­eign exchange that accepts US cus­tomers.

    ...

    Cryp­tocur­ren­cy mix­ers have exist­ed almost as long as Bit­coin itself. They offer to take in a user’s cryp­tocur­ren­cy, blend it with that of oth­er users, and return the funds so that they are hard­er to fol­low from their ori­gin to des­ti­na­tion on blockchains, which gen­er­al­ly record every trans­ac­tion in full pub­lic view. The Treasury’s rule change would des­ig­nate those cryp­tocur­ren­cy-mix­ing services—or at least the major­i­ty of them that are based out­side the US—as a “pri­ma­ry mon­ey laun­der­ing con­cern.” They would thus be con­sid­ered a threat to US nation­al secu­ri­ty as defined by sec­tion 311 of the Patri­ot Act, a sec­tion of the law designed to restrict how domes­tic finan­cial insti­tu­tions inter­act with poten­tial sources of ter­ror­ist financ­ing.

    The rule change would mean that US finan­cial ser­vices, as well for­eign ones with US customers—including cryp­tocur­ren­cy exchanges—would have to go through extra record-keep­ing and report­ing require­ments for funds that have touched a for­eign cryp­tocur­ren­cy mix­er, and it might even allow the Trea­sury to block US exchanges from han­dling those funds. “We’ve nev­er seen any­thing like this before,” says Ari Red­bord, the head of glob­al pol­i­cy for TRM Labs, a blockchain analy­sis firm. Red­bord notes that the rule change isn’t propos­ing a blan­ket ban on for­eign mix­ing ser­vices, only new rules for inter­act­ing with them. “The real­i­ty, how­ev­er, is that 311 actions often­times have a sort of name-and-shame effect, where peo­ple are just not want­i­ng to engage with these plat­forms out of fear of being caught up in mon­ey laun­der­ing or oth­er type of illic­it activ­i­ty.”

    ...

    Hamas and mil­i­tant groups’ use of cryp­tocur­ren­cy, while sig­nif­i­cant, pales in com­par­i­son to the amount of cryp­tocur­ren­cy used by oth­er illic­it actors. Hamas, for instance, raised $41 mil­lion in cryp­tocur­ren­cy over the past two years, and Pales­tin­ian Islam­ic Jihad raised $91 mil­lion, accord­ing to a report last week in the Wall Street Jour­nal that cit­ed analy­ses by cryp­tocur­ren­cy trac­ing firms and seizures by the Israeli gov­ern­ment.

    It’s not clear, how­ev­er, how much of those funds actu­al­ly made it to these groups before being seized. In fact, Hamas asked its donors to stop using cryp­tocur­ren­cy in April of 2023, due to the pub­lic nature of the trans­ac­tions on blockchains and the risk of pros­e­cu­tion. Cryp­tocur­ren­cy trac­ing firm Chainal­y­sis, which fre­quent­ly works with gov­ern­ment and law enforce­ment cus­tomers, went so far as to pub­lish a blog post yes­ter­day cau­tion­ing against mis­tak­en analy­ses that over­es­ti­mate the role of cryp­tocur­ren­cy in financ­ing enti­ties like Hamas and the Pales­tin­ian Islam­ic Jihad.

    North Kore­an state-spon­sored cyber­crim­i­nals, Russ­ian ran­somware gangs, and oth­er crim­i­nal groups, by con­trast, have pock­et­ed bil­lions of dol­lars through their theft of cryp­tocur­ren­cy or use of the tech­nol­o­gy as a means of demand­ing extor­tion pay­ments from vic­tims. Thieves stole $3.8 bil­lion in cryp­to last year—much of which went to the North Kore­an regime—and ran­somware hack­ers extort­ed close to $450 mil­lion in just the first half of 2023, accord­ing to Chainal­y­sis.

    Those crim­i­nals often use cryp­tocur­ren­cy mix­ing ser­vices, fun­nel­ing hun­dreds of mil­lions of dol­lars into ser­vices like Chip­Mix­er and Sinbad.io. In fact, US law enforce­ment and the Trea­sury Depart­ment have aggres­sive­ly sanc­tioned or shut down one mix­er ser­vice after anoth­er in recent years, includ­ing Blender, Tor­nado­Cash, and Bit­zla­to, often cit­ing their use in laun­der­ing the prof­its of those North Kore­an and Russ­ian hack­ers.

    The new Fin­CEN rules would be less severe than those sanc­tions, indict­ments, and busts—a new reg­u­la­to­ry process rather than a ban—but also far wider in scope, says Jason Somen­sat­to, Chainal­y­sis’ head of North Amer­i­ca pub­lic pol­i­cy. “The impact can be much broad­er,” says Somen­sat­to. “They can say that this applies to all mix­ing ser­vices that peo­ple are inter­act­ing with.”

    As the Trea­sury dou­bles down on its push to cut off cryp­to-based mon­ey laundering—and now points to Hamas as a new impe­tus for that crackdown—TRM Labs’ Red­bord cau­tions that US reg­u­la­tors shouldn’t go too far in cen­sur­ing ser­vices that do, in some cas­es, offer finan­cial pri­va­cy to legit­i­mate users. After all, with­out mix­ers, most cryp­tocur­ren­cy trans­ac­tions are ful­ly pub­lic in nature. “I think the chal­lenge for reg­u­la­tors is, how do we thread the nee­dle between stop­ping illic­it actors from using these plat­forms but at the same time allow reg­u­lar users to enable some degree of pri­va­cy?” Red­bord says. “I think the con­cern is that this could very much be throw­ing the baby out with the bath­wa­ter.”

    ———-

    “Cit­ing Hamas, the US Wants to Offi­cial­ly Treat Cryp­to Anonymi­ty Ser­vices as Sus­pect­ed Mon­ey Laun­der­ers” by Andy Green­berg; Wired; 10/19/2023

    “As the Trea­sury dou­bles down on its push to cut off cryp­to-based mon­ey laundering—and now points to Hamas as a new impe­tus for that crackdown—TRM Labs’ Red­bord cau­tions that US reg­u­la­tors shouldn’t go too far in cen­sur­ing ser­vices that do, in some cas­es, offer finan­cial pri­va­cy to legit­i­mate users. After all, with­out mix­ers, most cryp­tocur­ren­cy trans­ac­tions are ful­ly pub­lic in nature. “I think the chal­lenge for reg­u­la­tors is, how do we thread the nee­dle between stop­ping illic­it actors from using these plat­forms but at the same time allow reg­u­lar users to enable some degree of pri­va­cy?” Red­bord says. “I think the con­cern is that this could very much be throw­ing the baby out with the bath­wa­ter.””

    Mix­ing ser­vices aren’t just a con­ve­nience. They’ve been a vital anonymi­ty tool that have exist­ed for almost the entire­ty of the cryp­tocur­ren­cy era. It’s not clear there are alter­na­tives to these mid­dle-men obfus­cat­ing the pub­lic blockchain trails. And while the new reg­u­la­tions only involve finan­cial insti­tu­tions that do busi­ness with US cus­tomers, it’s not hard to imag­ine laws like this spread­ing to gov­ern­ments around the world, whether the rea­son is fight­ing ter­ror­ism, mon­ey-laun­der­ing, or child sex abuse. There’s no short­age of excus­es for gov­ern­ments to impose these kinds of rules:

    ...
    The US Treasury’s Finan­cial Crimes Enforce­ment Net­work (Fin­CEN) today released a set of pro­posed rules that would des­ig­nate for­eign cryp­tocur­ren­cy “mixers”—services that blend users’ dig­i­tal funds to offer more anonymi­ty and make them hard­er to trace—as mon­ey laun­der­ing tools that pose a threat to nation­al secu­ri­ty and would thus face new sanc­tions and reg­u­la­tions. The new rules, if adopt­ed fol­low­ing a 90-day peri­od of pub­lic com­ment and debate, would poten­tial­ly rep­re­sent the broad­est restric­tions imposed yet on the mix­ing ser­vices and could make it far hard­er for cryp­tocur­ren­cy hold­ers to put their mon­ey through the ser­vices before cash­ing it out at a US cryp­tocur­ren­cy exchange, or even at a for­eign exchange that accepts US cus­tomers.

    ...

    Cryp­tocur­ren­cy mix­ers have exist­ed almost as long as Bit­coin itself. They offer to take in a user’s cryp­tocur­ren­cy, blend it with that of oth­er users, and return the funds so that they are hard­er to fol­low from their ori­gin to des­ti­na­tion on blockchains, which gen­er­al­ly record every trans­ac­tion in full pub­lic view. The Treasury’s rule change would des­ig­nate those cryp­tocur­ren­cy-mix­ing services—or at least the major­i­ty of them that are based out­side the US—as a “pri­ma­ry mon­ey laun­der­ing con­cern.” They would thus be con­sid­ered a threat to US nation­al secu­ri­ty as defined by sec­tion 311 of the Patri­ot Act, a sec­tion of the law designed to restrict how domes­tic finan­cial insti­tu­tions inter­act with poten­tial sources of ter­ror­ist financ­ing.

    The rule change would mean that US finan­cial ser­vices, as well for­eign ones with US customers—including cryp­tocur­ren­cy exchanges—would have to go through extra record-keep­ing and report­ing require­ments for funds that have touched a for­eign cryp­tocur­ren­cy mix­er, and it might even allow the Trea­sury to block US exchanges from han­dling those funds. “We’ve nev­er seen any­thing like this before,” says Ari Red­bord, the head of glob­al pol­i­cy for TRM Labs, a blockchain analy­sis firm. Red­bord notes that the rule change isn’t propos­ing a blan­ket ban on for­eign mix­ing ser­vices, only new rules for inter­act­ing with them. “The real­i­ty, how­ev­er, is that 311 actions often­times have a sort of name-and-shame effect, where peo­ple are just not want­i­ng to engage with these plat­forms out of fear of being caught up in mon­ey laun­der­ing or oth­er type of illic­it activ­i­ty.”
    ...

    That’s all part of what’s going to make these new “mix­er” rules a sto­ry to keep an eye on. This could be a very very big deal. Arguably the biggest deal in the his­to­ry of cryp­to cur­ren­cies. For all the hoopla about the pow­er of cryp­tog­ra­phy in ‘secur­ing’ cryp­tog­ra­phy, it’s long been the abil­i­ty of these mix­er ser­vices to oper­ate as for-prof­it obfus­cat­ing trans­ac­tion­al mid­dle-men that has enabled cryp­tocur­ren­cies to oper­ate as plat­forms for anonymi­ty. An abil­i­ty that was heav­i­ly pred­i­cat­ed on the will­ing­ness of gov­ern­ments to tol­er­ate the exis­tence of these kinds of busi­ness. So it appears we are in store for both a stress test of the via­bil­i­ty of cryp­tocur­ren­cies to oper­ate in an envi­ron­ment where mix­ers are cracked down on, but also a poten­tial polit­i­cal stress test on the will­ing­ness of politi­cians to imple­ment these crack­downs. Will the Biden admin­is­tra­tion face polit­i­cal heat over this move? Or is pro­tect­ing the anonymi­ty of ter­ror­ists and child porn ped­dlers a bridge too far even in today’s polit­i­cal envi­ron­ment? It’s also a kind of test of the pow­er of US sanc­tions. Will there be gov­ern­ments will­ing to oper­ate as mix­er safe havens? Time will tell. But a poten­tial­ly his­toric new reg­u­la­tion that could effec­tive­ly kill cryp­to-anonymi­ty — or at least make it a lot hard­er to main­tain — is about to come into force. A long over­due stress-test that will hope­ful­ly break the things that should have been bro­ken years ago.

    Posted by Pterrafractyl | January 15, 2024, 5:05 pm

Post a comment