Bitcoin deanonymized: how to recognize change address

This is a post by guest author Sebastian Neumann about privacy in bitcoin transactions and methods of de-anonymizing addresses by determining a transaction’s change address.

The question of privacy has been one of the main concerns ever since the creation of cryptocurrencies and blockchain transactions. Can one follow the funds on the blockchain and compromise the sender's privacy even if bitcoin mixers are used?

In this article we will explore the following problem: is it possible to recognize which of the addresses in a BTC transaction can be attributed to another person, and which still belongs to the sender because it is a change address?

Sextortion scams: where the ransom money goes

Many of us have heard of sextortion, an online scam scheme that has existed for at least a few years and usually targets victims of breached passwords. The monetary part of the scam is a demand to send a bitcoin ransom in exchange for not publicly sharing some private photos or videos of you, which the scammers claim they own (hint: they don’t).

Peer-to-peer scam me my dear

Peer-to-peer cryptocurrency exchanges are sometimes a good option for buying crypto, especially if you want a small discount or want to use a certain payment method for your personal convenience. As soon as a (pseudo-)anonymous counterparty online is involved, you are protected by the exchange service, but only if you stick to the rules. If you do not, chances are you could be led into a scheme that makes you a victim, and you will lose an otherwise legitimate dispute or claim.

Bitcoin cloud mining scam: lose money without even giving them away

There is a certain crypto scam scheme I have come across which is not the usual ‘bitcoin investment’ enticing you to put your money into some ‘binary trading’ establishment in the hope of sky-high profits. This is a cloud mining offer which may not seem like a straightforward scam to some; however, it is still dangerous if you are not aware of some important details and the general principles of securing your crypto wallet.

Ready or not, here I come! (under your VPN)

Naturally, one would expect a savvy scammer to use a VPN to hide their exact location. This is not always the case with amateurish wannabe cybercriminals, who might not care much about their own anonymity. Many crypto scam cases reveal that no VPN is used at all, so it is pretty easy to estimate a scammer’s location from their IP address. But even using a VPN won’t protect a scammer from location detection if no attention is paid to some important details.

Cryptocurrency scam schemes: following the money

The most illustrative part of a crypto scam investigation is visualizing the flow of funds through the transactions and addresses associated with a scammer’s wallet. This method allows us to reveal related addresses or their clusters and also to track funds to certain centralized exchanges where they can potentially be cashed out. Additionally, we can include in the graph other entities related to the scammer in order to create a full picture.

We will approach this task using two different investigation tools: Maltego CE and GraphSense. Both tools are available for free in non-commercial versions.

Nigerian cryptocurrency scams: uncovering the schemes

This post opens a series of articles dedicated to researching online crypto scam schemes originating from Nigeria, which have emerged recently on social media platforms like Instagram, Facebook and Telegram. We look at these scams not only from a technical and investigative point of view (how exactly the scam is committed), but will also touch on the social aspects of such crimes: why people choose this business of scamming others online.
