Book review of Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency by Andy Greenberg

Cryptocurrency corresponding to bitcoin has turn into the foreign money of selection for cybercriminals who consider that utilizing it protects them from regulation enforcement as a result of it’s nameless and untraceable.

It seems they’re solely half proper. Lower than a month after Colonial paid DarkSide, the Justice Division was capable of claw again practically half of the ransom. How may that occur with an untraceable foreign money? Know-how journalist Andy Greenberg explains in his new, immensely readable e-book, “Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency.”

An editor and reporter at Wired, Greenberg is understood for his means to clarify sophisticated know-how in a approach anybody can perceive, and he doesn’t disappoint when he tackles crypto. Amongst different issues, he explains that cryptocurrency’s large public ledger, the “instantaneous examine of the blockchain, the unforgeable public document of who possessed each single bitcoin,” isn’t fairly as secret as criminals had imagined.

“In Bitcoin, for good and for unwell, everybody was witness to each fee … [which] provided an unlimited assortment of knowledge to research,” he writes. “Who may say what kinds of patterns would possibly give away customers who thought they have been cleverer than these watching them?”

To inform his story, Greenberg assembles an uncommon forged of characters, from IRS and DEA brokers to mathematicians corresponding to Sarah Meiklejohn on the College of California at San Diego, who first heard about bitcoin in 2011, throughout her PhD research. She had been centered on privateness analysis, finding out issues like methods that may enable individuals to pay highway tolls with out revealing their private actions or how thermal cameras may very well be used to trace the codes individuals punched into ATMs.

When she started to dig into the blockchain, she noticed a puzzle that may very well be solved. “Sure, identities behind these funds have been obscured by pseudonymous addresses, lengthy strings of between twenty-six and thirty-five characters,” Greenberg writes. “However to Meikeljohn, this appeared like an inherently harmful kind of fig leaf to cover behind. … The blockchain, like a large undeciphered corpus of an historical language, hid a wealth of secrets and techniques in plain view.”

What Meikeljohn found — and Greenberg lays out so effectively — is that there was a technique to collapse a few of bitcoin’s addresses into single identities. Typically a bitcoin transaction comes from a number of completely different addresses — as if, for a $10 transaction, you pulled a $5 invoice out of your pocket and fished one other one out of your pockets. Bitcoin software program makes that transaction by itemizing two addresses as inputs, after which whoever receives them as one output.

That’s a sample you possibly can see on the blockchain — and that was Meikeljohn’s epiphany. “She scanned her blockchain database for each multi-input transaction, linking all these double, triple and even hundredfold inputs to single identities,” Greenberg writes. “The end result instantly diminished the variety of potential Bitcoin customers from twelve million up to now to round 5 million, slicing away greater than half of the issue.”

Meiklejohn then began shopping for random issues with bitcoin to see how the wallets labored, and she or he found a quirk. “Many Bitcoin wallets solely allowed spenders to pay your complete quantity of cash sitting at a sure tackle,” Greenberg explains. “Every tackle was like a piggy financial institution that needs to be smashed open to spend the coin inside. Spend lower than the entire quantity in that piggy financial institution and the leftovers should be saved in a newly created piggy financial institution.”

So in case you are paying somebody “6 bitcoins from a 10-coin tackle … your change, 4 cash, is saved at a brand new tackle, which your pockets software program creates for you,” Greenberg writes. And that tackle the place your change is shipped can be utilized as an identifier. Meiklejohn realized that if she may “hyperlink the change addresses to the addresses they’d cut up off from, she may make her personal signposts. She may observe the cash regardless of its branching paths. The end result was that Meiklejohn may now hyperlink collectively complete chains of transactions that had beforehand been unlinked.”

Should you perceive this a lot concerning the mechanics of bitcoin and the blockchain, then the entire smoky world of crypto begins to open up. You’ll be able to piece collectively how regulation enforcement has managed to claw again ransoms (as within the Colonial Pipeline case) and carry the curtain on how cybersecurity and menace intelligence corporations have began tracing cryptocurrency transactions again to their supply — not as manually as Meiklejohn has performed, however with software program designed for that objective.

“Tracers within the Darkish” doesn’t cease there. With the basics defined, Greenberg takes readers on a romp by way of among the most notorious darkish net takedowns in latest reminiscence: the 2½-year observe and hint that recognized the founding father of the Silk Street market, 29-year-old Texan Ross Ulbricht; the 25-year-old Quebecois entrepreneur, Alexandre Cazes, who masterminded the drug market that took its place, AlphaBay. The tales are the stuff of thrillers, full with stakeouts and missed alternatives.

Greenberg makes a speciality of taking sophisticated tech and making it comprehensible. His final e-book, “Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers,” was a prescient cautionary story about Russia’s hacker corps and its vicious cyberattacks in opposition to Ukraine. He has now performed one thing equally deft in demystifying cryptocurrency.

After studying “Tracers within the Darkish,” I nonetheless rely myself as a crypto skeptic, only a barely extra enlightened one. Crypto nonetheless appears sketchy, not least as a result of its most important objective at this level seems to be permitting individuals to purchase unlawful issues on the web and enabling ransomware actors to receives a commission.

I’m not alone on this. “The truth that cryptocurrency is tough to clarify must be a warning signal,” the cryptographer Bruce Schneier as soon as instructed me. “You might be gonna get hoodwinked, you might be gonna get defrauded, you’re gonna lose your cash, when you don’t perceive it.”

Assume FTX. Whereas that implosion seems to be extra about fraud and oversight and never concerning the blockchain, it’s nonetheless a cautionary story. Which is why, as a lot as I loved Greenberg’s e-book, I’m sticking with money.

Dina Temple-Raston was a longtime correspondent at NPR and is now the host and government producer of “Click on Right here,” one in all Apple’s prime tech information podcasts about all issues cyber and intelligence.

The International Hunt for the Crime Lords of Cryptocurrency

Doubleday. 367 pp. $32.50