Presentation on theme: "Illicit Use of Bitcoins By, Scott Amack. Agenda Government View Silk Road Bitcoin Laundering Malware and Hacks Botnets Exchanges Illegal Mining Recent."— Presentation transcript:
Agenda Government View Silk Road Bitcoin Laundering Malware and Hacks Botnets Exchanges Illegal Mining Recent Opinions
FBI Definition “Bitcoin – a decetralized, peer-to-peer (P2P) network-based virtual currency --- provides a venue for individuals to generate, transfer, launder, and steal illicit funds with some anonymity”.
FBI Concerns Popular payment method Will be used to launder money Criminals will exploit bitcoin users Used to fund criminal enterprises Hard to find “owner” unless converted to cash
Is Bitcoin Anonymous Transactions are posted online with your IP Keys are public With IP Data, keys, and transaction history can find owner
FBI “Tips” for being Anonymous Use new bitcoin address for every transaction Use an anonymizer for all bitcoin traffic Combine balances after each transaction Use money laundering service Use third party e-wallet service Bitcoin clients can be made to increase anonymity
IRS View Bitcoin income is taxable Getting your wallet stolen and losing income is not claimable Rules for digital currencies are unclear Tax Preparers do not understand digital currencies Bitcoin on foreign servers is foreign currency… or is it Recognizes that laws need to be clarified
Silk Road Revealed in a June 2011 Article by Gawker The Underground Website Where You Can Buy Any Drug Imaginable The Underground Website Where You Can Buy Any Drug Imaginable
Silk Road Story dramatized the acid buying experience Gave positive spin on site, called it the Amazon of the drug world Silk Road only allowed purchase with Bitcoin March 2013 70% of product offered was illegal drugs Site earned 614,305 BTC in commission $79.8 million Had 146,947 buyers 30% based in the U.S. 3877 Vendors Site shutdown by FBI October 2013
How is Bitcoin Laundered Bitcoin is used to purchase virtual game currency Virtual game currency is used to purchase game items Game items are sold to other players for real money Online games are a common laundering service for illegal money
Bitcoin Tumbling Tumblers Mix Coins with others The mixed coins are randomly redistributed Stolen Coin is potentially transferred to a new owner If the tumbler is flooded you will just get your own coin back Need to distribute the coin amongst a lot of different tumblers
Infostealer.Coinbit Malware created to steal your bitcoin wallet Takes advantage of unencrypted wallets Stolen coin cannot be recovered
Google “Hacks” for wallets Make it easy to search for web servers to steal wallets intitle:index.of "wallet.dat” Intitle:indox.of wallet filetype:dat Encrypt your wallets!
Zeus Botnet Only Accepted Payment with Bitcoin Botnet was used to steal banking information Used keylogger and form grabbing
Zeroaccess Botnet Discovered July 2011 Microsoft attempted to destroy in 2013 Estimated to have infected 2 million plus Estimated to generate 2.7 million in Bitcoin per year Botnet is still in operation and evolving
MtGox Launched in 2010 2013 Handled 70% of Bitcoin transactions 2011 Breach of Credentials caused value to dip March 2013 Transaction log split into two causing two different rule sets to exist April 2013 Trading Suspended for “Market Cooldown” June 2013 Withdrawals suspended August 2013 Announced significant losses from crediting deposits which had not actually cleared November 2013 users complaining that withdrawals were taking weeks to months Filed for bankruptcy protection 2014 “Lost” 850,000 BTC - $450 Million
Flexcoin Hacked 896 Bitcoin “Stolen” from “Hot” Wallet Took advantage of bad code that did not verify balance of account Still have coins safe in “Cold” Wallet Was supposed to be a safe wallet Users will have coins returned that were in cold wallet Company is shutting down as a result
Poloniex Hacked Lost 12.3% of total supply Code vulnerability used to hack them “Borrowing” 12.3% of each users balance Will repay after it makes up the balance “Temporarily” raising transaction fees to makeup loss
Silk Road 2 Hacked Lost 4776 Bitcoins ($2.6 million) Transaction Malleability Hack Utilized o Alice runs an exchange the Eve has money on o Eve requests coins from Alice o Alice Sends Eve Coins o Eve pretends Alice did not send them by changing the transaction ID o Eve retransmits the transaction o If the network confirms Eve’s new transaction it will be assumed to be valid and wont record Alice’s transaction o Eve then complains about the missing coin Alice wont see her transaction in the blockchain (since Eve’s transaction was placed first) o Alice Resend the Bitcoins o This is repeated until Alice has no Bitcoin Silk Road is planning on paying back all lost coins
Illegal Mining Using Dorm Rooms for mining Apartments that include electricity Plugging in miners at work Using Academic Super Computers Using School Computer Labs for mining Penn State Bitcoin Club
Economist Nouriel Roubini Predicted 2008 Financial Crisis Calls Bitcoin a Ponzi Scheme Ponzi scheme is where you payback investors with money borrowed from future investors.
Big Fish Games Will start accepting bitcoin for all of their titles Stated it will be a fun project Considered keeping 8% of transactions for investment Will convert coin to cash immediately
Patrick Byrne CEO of overstock.com “the zombie apocalypse is coming, and there's one thing that can save us: bitcoin” Overstock.com is going to start accepting bitcoin as payment Feels economy should be controlled by the people not government Has invested personal funds into bitcoin Company does not state if they are holding coins or are converting to a fiat currency
References http://cryptome.org/2012/05/fbi-bitcoin.pdf Reid, F.; Harrigan, M., "An Analysis of Anonymity in the Bitcoin System," Privacy, security, risk and trust (passat), 2011 ieee third international conference on and 2011 ieee third international conference on social computing (socialcom), vol., no., pp.1318,1326, 9-11 Oct. 2011 http://resources.infosecinstitute.com/botnets-unearthed-the-zeus-bot/ http://www.zdnet.com/blog/security/new-bitcoin-malware-steals-bitcoin-wallets-infostealer-coinbit/8804 http://www.symantec.com/connect/blogs/bitcoin-botnet-mining http://www.sophos.com/en-us/medialibrary/PDFs/technical%20papers/Sophos_ZeroAccess_Botnet.pdf http://blog.turbotax.intuit.com/2011/07/18/bitcoins-the-taxless-currency/ http://www.irs.gov/pub/irs-pdf/p2104.pdf http://www.coindesk.com/bitcoin-bank-flexcoin-close-600000-bitcoin-theft/ http://www.coindesk.com/silk-road-2-loses-bitcoins-hack/ http://www.wired.com/wiredenterprise/2014/03/bitcoin-exchange/ http://gawker.com/the-underground-website-where-you-can-buy-any-drug-imag-30818160 http://en.wikipedia.org/wiki/Silk_road_website http://www.theverge.com/2013/12/19/5183356/how-to-steal-bitcoin-in-three-easy-steps http://blog.magicaltux.net http://blogs.wsj.com/moneybeat/2014/03/10/nouriel-roubini-bitcoin-is-a-ponzi-game/ http://www.usatoday.com/story/tech/columnist/baig/2014/03/09/mark-cuban-cyber-dust-sxsw/6226925/ http://invezz.com/news/forex/8778-bitcoin-usd-bill-gates-doesnt-thinks-digital-money-is-about-bitcoin http://venturebeat.com/2014/03/11/big-fish-games-partners-with-coinbase-to-accept-bitcoin-payments-for- games/ http://venturebeat.com/2014/03/11/big-fish-games-partners-with-coinbase-to-accept-bitcoin-payments-for- games/ http://www.overstock.com/80786/static.html?ehid=EF916438FE97B21EE040010A249C4B4A