Skip to content

FBI on Bitcoin,between cybercrime opportunity & digital choice

by Pierluigi Paganini on May 11th, 2012
Bitcoin

Law enforcement, FBI first, are worried by the diffusion of the Bitcoin network that could be used by groups of criminals for several activities. The main problem related to the payment system is that is completely anonymous making impossible to trace the transitions and related users.

Bitcoin is a decentralized electronic cash system that uses peer-to-peer networking, digital signatures and cryptographic proof so as to enable users to conduct irreversible transactions without relying on trust. Nodes broadcast transactions to the network, which records them in a public history, called the blockchain, after validating them with a proof-of-work system.

Starting on January 2009, the usage of Bitcoin make possible to make transition using a digital currency that hasn’t the backing of and doesn’t represent any government-issued currency.

The editorial staff of Wired has obtained a not classified document, titled “Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illicit Activity,”   prepared by the FBI related to Bitcon system.

The report highlights the difficulty made to obtain information on suspicious transaction records and the impossibility to track users that made them.

Through a peer to peer communication and the usage of cryptography, Bitcoin system implements an on line currency that allows anonymous transactions.  The only part of the process that requires theoretically the identification of a subject is the step of the conversion between Bitcoins and a real currency. I said theoretically because exists many third-party Bitcoin services that don’t require customers to submit valid identification or banking information for the conversion.

Despite Bitcoin system could be regarded with suspicion by those who are accustomed to the ordinary processes of payment it is used as a legitimate form of payment by numerous online retailers selling any kind of products such as clothing, software and music.

Naturally every payments system id object of interest of criminals that desire to make profits implementing fraud schemes.

The Bitcoin payment model, due the anonymity of the transaction, is largely debated in illegal environment for the sale of illegal product and services. Underground sites like Silk Road allow users to pay using the virtual currency.

How does the system work?

Each user installs client software on his computer to generate bitcoins and manages its Bitcoin account, a unique 36-character string of numbers and letters, used in the transaction. The currency is stored on the user’s computer in a virtual “wallet.”

Transfer of bitcoins is also simple, it is necessary to address the destination account providing its account number to the client software. To guarantee the non-repudiation of the operations the sender digitally signs the transaction and sends the information to the peer-to-peer Bitcoin network, which validates the transaction and releases the coins for the receiver.

Each bitcoin is similar to a certificate that is associated in a not repudiable way to the individual that has exchanged it using a an digital signing process. Transferring a bitcoin to another individual, the signature encryption related to the coin is passed to the new user and is store in its wallet.

Core of the entire architecture are programs called miners that take into account the number of Bitcoins transactions to give a quotation for the currency, miners are similar to the Federal bank that analyze the circulation of the money to prevent phenomenon of inflation or deflation.

The Bitcoin economy according the FBI report is amazing, considering a quotation of about $4 and $5 per bitcoin and a total amount of more than 8.8 million bitcoins in circulation, we are facing with an economy of worth between $35 million and $44 million, really desirable for the cybercrime.

FBI is really concerned regarding the usage of Bitcoin for illegal activities, in the report is reported:

“If Bitcoin stabilizes and grows in popularity, it will become an increasingly useful tool for various illegal activities beyond the cyber realm,” the FBI writes in the report. “For instance, child pornography and Internet gambling are illegal activities already taking place on the Internet which require simple payment transfers. Bitcoin might logically attract money launderers, human traffickers, terrorists, and other criminals who avoid traditional financial systems by using the Internet to conduct global monetary transfers.”

Despite analyzing Bitcoin transaction records publicly available is possible to retrieve sensible information related to the source and destination of the payments and to the bank account information or shipping addresses, the FBI enumerated several ways to protect user anonymity:

  • Create and use a new Bitcoin address for each incoming payment.
  • Route all Bitcoin traffic through an anonymizer.
  • Combine the balance of old Bitcoin addresses into a new address to make new payments.
  • Use a specialized money-laundering service.
  • Use a third-party eWallet service to consolidate addresses. Some third-party services offer the option of creating an eWallet that allows users to consolidate many bitcoin address and store and easily access their bitcoins from any device. Individuals can create Bitcoin clients to seamlessly increase anonymity (such as allowing users to choose which Bitcoin addresses to make payments from), making it easier for non-technically savvy users to “anonymize” their Bitcoin transactions.

No one is safe

Of course the statement “No one is safe” is also valid for cyber criminals, their great enemies are also groups of hacker who are specializing in the theft of this digital currency. In the past, hackers have already implemented malware, such as Infostealer.Coinbit, able to steal bitcoin from the e-wallet installed on the infected machine.

Another sensible problem that affect the Bitcoin payment model is the counterfeiting of bitcoin, or better saying the possibility to auto produce bitcoins in illegal way. This opportunity is of great interest, according official source of FBI hackers and criminals have already tried to compromise cluster of machines at an unidentified Midwestern university in an attempt to manufacture bitcoins.

Conclusions

Bitcoin and other payment systems peer2peer have introduced a revolutionary and uncomfortable concept of decentralization of the currency. The concept is at odds with the monopoly power of governments that are the only holders of the issue of currency, such a system puts into question the legitimacy of monetary policies in a global and digital economy.

The complete control of the monetary system allows governments to define the price of money by controlling the market.  The real danger of digital money, above the vulnerabilities in its processes, is the impossibility for the governments to exert control over financial flows, this could lead to a distortion of the main mechanisms of control and taxation, bringing total chaos in a market already in disarray and promoting the development of illegal activities through the coverage of cash flows.

The real problem is:

Is any individual able to exercise full control of its currency?

I remind the answer to you …

Pierluigi Paganini

From → Malware, Security