Andy Greenberg: “Bitcoin is a trap that many criminals have fallen into”

The technicality of cryptocurrencies often creates huge misunderstandings. In recent days, the brutal crash of the crypto exchange giant FTX is a reminder that regulators are struggling to understand and control this tumultuous sector. A few months earlier, the sharp reversal of the crypto market (in one year, bitcoin lost 70%) was already taking many small holders by surprise who thought they had a winning lotto ticket.

In his exciting new book Cryptocurrency criminals. Stalking at heart of the Dark Web (ed. Saint-Simon), Andy Greenberg, investigative journalist specializing in cybersecurity from Wired shows how much the criminal sphere has also been terribly mistaken about cryptocurrencies. Many criminals have thus believed that bitcoin and its cousins ​​would be a perfect cover for their clandestine activities. But curious researchers and experts, quickly followed by law enforcement, have found formidable techniques in recent years to make the mysterious crypto “account books” that are blockchains speak. Maintenance.

L’Express: In your book, you show that cryptocurrencies are a double-edged sword for the criminal sphere. Did the criminals misunderstand bitcoin?

Limited offer. 2 months for 1€ without commitment

Andy Greenberg : When bitcoin emerged, the anonymous aspect of the system quickly intrigued. Did the underground economy and the Dark Web hold a new type of untraceable cash? Many people – myself included – had this impression because the blockchain does not record personal information about individuals carrying out crypto transactions. But that assumption was wrong: in the years that followed, experts established techniques to trace bitcoin transactions so precisely that it increasingly became possible to identify the person behind them. Bitcoin is a trap that many criminals have fallen into. They thought they had a tool to hide behind, it actually exposes them.

How then do we go about tracking down crypto transactions, especially those suspected of being linked to illicit activities?

The larger the volume of data, the more revealing patterns it becomes. American researcher Sarah Meiklejohn was the first to propose tracking techniques that would revolutionize the knowledge that we can have of the crypto sphere. The preliminary step is what is called “clustering”, it is the fact of grouping together the crypto addresses of the same person or the same entity in the same list. It’s not easy: there are millions of crypto addresses, and at first glance, nothing connects them to each other. But some tips can identify those that come from the same person. For example, if bitcoins located on different addresses are sent at the same time to a common receiving address, the sending addresses most likely belong to the same entity.

But there are other techniques to trace these money flows. Often, crypto wallets work like a piggy bank: if you have 5 bitcoins and want to spend only one, many wallets will not allow you to take the desired bitcoin leaving the other 4 on the initial address: they will send your bitcoin to the address of your choice and transfer the remaining 4 bitcoins to a new automatically created address. If we look at the date of creation of these addresses, however, it is easy to see which is your new address: it is the most recent since it has just been created. All this makes it possible to follow the circuit borrowed by the money of a person, from one transaction to another.

Once the circuit taken by the money has been established, how do we manage to discover the identity of the people behind these transactions?

Indeed, after having grouped together all the addresses belonging to the same entities, these must be identified. Researcher Sarah Meiklejohn started moving small amounts of money across a whole bunch of crypto services and making small purchases. In doing so, it retrieved, for each of these entities, one of their many addresses. She then compared it to that of the large clusters that she had established beforehand.

Investigative journalist specializing in cybersecurity, Andy Greenberg is the author of the book

An investigative journalist specializing in cybersecurity, Andy Greenberg is the author of the book “Cryptocurrency criminals. Tracking down the heart of the Dark Web” (ed. Saint-Simon).


Very schematically, the fact of making a purchase on SilkRoad makes it possible to obtain an address used by the platform. If, moreover, this address is itself part of a much larger group of addresses that we know belong to the same entity, this means that all this listing actually belongs to Silk Road. I asked the researcher if she could trace a few crypto purchases that I myself had made for articles on bitcoin and she brought them up very easily. Having the transaction circuits of suspicious entities is useful because in general, criminals use an exchange at one time or another (Editor’s note: a platform for buying or selling crypto). However, these platforms often have information about their customers. Justice can therefore, at that time, order them to transmit them to the authorities.

Identifying criminals using cryptocurrency is not always a guarantee of success, however. Sometimes, the trail goes back to areas where it will be impossible to arrest the culprit (Russia, North Korea…). This is the strangest and most frustrating case for the authorities: being able to track criminals’ money flows very precisely… and not being able to convict them.

Haven’t criminals also developed new techniques to further cover their tracks when using cryptocurrencies?

Criminals have figured out that bitcoin isn’t as untraceable as they first thought, but many believe that if they’re careful, they’ll be able to hide their identity. They use various techniques to protect their anonymity, but these remain imperfect. Criminals, for example, use so-called “crypto mixers”, services that promise to cover their tracks by mixing funds from various sources, legal and illegal.

“Criminals leave fingerprints on the blockchain that they can never erase”

On small quantities, it works, but when the funds to be laundered are large, this “mixing” is often not enough to effectively blur the origin of the flows. Several crypto mixers have also been closed by the authorities who have therefore been able to dive into their files. Ironically, finally, some platforms of this type very popular with criminals are sometimes themselves scams that do not achieve the jamming promised.

So cryptocurrencies are a trap for criminals?

Let’s say the game of cat and mouse isn’t over. New, harder-to-track cryptocurrencies have emerged. But the authorities are also refining their techniques. And it must be understood that when they make a decisive breakthrough, it is not only useful for current or future investigations: they apply their findings to all cases that have not been resolved in the past. Criminals therefore leave fingerprints on the blockchain that they will never be able to erase.

What interests do cryptocurrencies have for the criminal sphere?

Cryptocurrencies are not as untraceable and anonymous as first assumed. But they have other advantages that make them attractive to criminals, including being “uncensorable”, which means that an actor, authority or state does not have the power to block transactions s unfolding there. And this is a very interesting feature for actors with illicit activities.

“Cryptocurrency criminals. Tracking down the heart of the Dark Web”, Editions Saint-Simon. Release November 17, 2022.


Do criminals who mine cryptocurrencies have different profiles than those who use more traditional circuits?

Atypical criminal figures have indeed emerged in the crypto sphere. With his very nihilistic vision of society and his profile nerd, Alexandre Cazes, the founder of Alphabay (Editor’s note a huge illegal market place) hardly looked like a classic crime baron. Ditto for Ross Ulbricht, this thirty-year-old American very inspired by libertarian currents who had created the famous drug sales platform SilkRoad a few years earlier. In Ross Ulbricht’s eyes, no one should have the power to ban other people from taking drugs. And its entire platform was designed so that an Internet user could easily find and order the substance of his choice. But he didn’t tolerate some more violent activity on SilkRoad.

When Ross Ulbricht was arrested, however, other criminals with more “classic” profiles followed suit, setting up platforms similar to SilkRoad, but without these safeguards. The police have also been confronted with dramatic cases, in particular that of Welcome to video, a vast network for distributing pedophile videos. There, it’s a whole different level of darkness… The investigators have done a remarkable job which has enabled the rescue of dozens of children and the arrest of 337 people around the world, including the site administrator. The springs of the case are extremely shocking. The services that made it possible to dismantle this platform came mainly from the American tax administration and were not investigators accustomed to this type of business. During my exchanges with them, I measured how much they were traumatized by what they had seen. It is important to talk about this case. Internet privacy advocates often worry about child abuse issues being used to justify mass surveillance. And they’re not entirely wrong. But it is vital to keep in mind that this subject is not just a fantasy either: these horrors exist.

Do criminals use cryptocurrency frequently? In 2022, the firm Chainalysis revealed that only 0.15% of crypto transactions were linked to illicit activities.

Cryptocurrencies are of increasing interest to a wider audience and the number of legitimate crypto transactions has skyrocketed. As a result, the share of crypto transactions related to criminal activities has dropped significantly in proportion. But in volume, they have increased. Crypto criminals are more active than ever.


The chronicle of Christophe Donner

Image taken from the film Christopher Donner


The job market for fortune tellers has grown significantly over the past few years.By Sylvain Fort

The chronicle of Cécile Maisonneuve

Cobalt is transported on a conveyor belt after initial processing at a factory in Lubumbashi, DRC, on February 16, 2018 before being exported, mainly to China.By Cécile Maisonneuve, President of DECYSIVE and Advisor to the Energy-Climate Center of IFRI

To analyse

President Joe Biden during an election rally in Maryland, a state near the capital Washington, November 7, 2022Vincent Pons

Leave a Comment