Tool Tracks Bitcoin Financial Transactions in Cybercrime: IMDEA Software

IMDEA Software researchers Gibran Gómez, Pedro Moreno-Sánchez and Juan Caballero have created an open-source automated tool to trace the financial relationships of malicious entities abusing Bitcoin technology, tested on 30 malware families. The study “Watch Your Back: Identifying Cybercrime Financial Relationships in Bitcoin through Back-and-Forth Exploration”, in which they present their research and the tool, was presented at the prestigious CCS’22 conference (ACM Conference on Computer and Communications Security) in November last year.

Cybercrime is the scourge of the digital environment. Fraud, phishing, identity theft and computer fraud are just a few examples of illegal activities on the network. Blockchain technology and cryptocurrencies, such as Bitcoin, have consistently attracted the attention of cybercriminals, who have often used them as a means of payment and even as a means of storing data for illegal purposes.

Gibran, Pedro and Juan are aware of this problem and have analyzed more than 7,500 Bitcoin addresses belonging to 30 malware families, including ransomware families, clippers, sextortion, crypto-jackers and info-stealers.

The main advantage of the back-and-forth exploration method, used in the study, is that it allows the tracking of all transactions produced by a Bitcoin address recursively. This means that if a Bitcoin address receives cryptocurrencies from another address, and this in turn sends them to a third address, the entire path of the cryptocurrencies can be traced from the first address, or from the last.

As Gibran Gómez points out, “one of the main advantages of the tool is that the user can replicate the whole process in a transparent way, which allows the results to be verified”.

The tool, in addition to serving Bitcoin users themselves, could be particularly useful for law enforcement agencies, as it would allow them to identify paths between malicious addresses and the deposit addresses that operators of illegal activities use at financial entities regulated by KYC guidelines, such as cryptocurrency exchanges. This means that the National Police can, for example, use such paths as evidence to obtain a court order to demand from an exchange personal information relating to the addresses involved, and to find out who the final recipients of the illegal money are.
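The recursive tracing in both directions and the search for paths to exchange deposit addresses described above can be sketched as follows. This is an added, simplified illustration, not the researchers' tool: the ledger, the address names, the tag set and the hop limit are constructed assumptions, and expansion stops at tagged exchange addresses because an exchange's wallets handle funds of many unrelated customers.

```python
from collections import deque

# Constructed sample ledger: every id and address below is a made-up
# placeholder, not real Bitcoin data.
TXS = {
    "tx1": {"inputs": ["victim_A"], "outputs": ["seed_malware"]},
    "tx2": {"inputs": ["seed_malware"], "outputs": ["hop_1"]},
    "tx3": {"inputs": ["hop_1"], "outputs": ["exchange_deposit", "hop_2"]},
    "tx4": {"inputs": ["funder"], "outputs": ["victim_A"]},
    "tx5": {"inputs": ["unrelated_X"], "outputs": ["unrelated_Y"]},
    "tx6": {"inputs": ["exchange_deposit"], "outputs": ["exchange_hot_wallet"]},
    "tx7": {"inputs": ["other_customer"], "outputs": ["exchange_hot_wallet"]},
}
EXCHANGE_TAGS = {"exchange_deposit"}  # hypothetical list of tagged addresses

def neighbors(addr, txs):
    """Yield (address, txid, direction) for every transaction touching addr."""
    for txid, tx in txs.items():
        if addr in tx["inputs"]:       # forward: addr paid, follow the outputs
            for out in tx["outputs"]:
                yield out, txid, "forward"
        if addr in tx["outputs"]:      # backward: addr was paid, follow inputs
            for src in tx["inputs"]:
                yield src, txid, "backward"

def explore(seed, txs, stop_at=frozenset(), max_hops=4):
    """Breadth-first exploration in both directions from a seed address.
    Returns {address: [(txid, direction, address), ...]} with the path taken."""
    paths = {seed: []}
    queue = deque([seed])
    while queue:
        addr = queue.popleft()
        # Record tagged addresses but never expand through them or past the limit.
        if (addr in stop_at and addr != seed) or len(paths[addr]) >= max_hops:
            continue
        for nxt, txid, direction in neighbors(addr, txs):
            if nxt not in paths:
                paths[nxt] = paths[addr] + [(txid, direction, nxt)]
                queue.append(nxt)
    return paths

def paths_to_exchanges(seed, txs, tags):
    """Keep only the paths that end at a tagged exchange deposit address."""
    found = explore(seed, txs, stop_at=tags)
    return {addr: path for addr, path in found.items() if addr in tags}
```

Each returned path lists the transactions that link the seed to the deposit address, so the result can be re-checked step by step against the ledger.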

In addition, Gómez advises users to take certain precautions before conducting transactions to avoid becoming the target of cybercrime: “It is important to be careful about including the destination address in a transaction. It is necessary to check several times that the destination address is correct to avoid clippers”. To prevent malware, he suggests always using antivirus software and running frequent computer scans, and finally performing constant backups to avoid losing important data in a ransomware attack.
