Waiting..
Auto Scroll
Sync
Top
Bottom
Select text to annotate, Click play in YouTube to begin
00:00:02
foreign foreign [Music] welcome everybody thank you so much for joining us today welcome to today's book discussion with Andy Greenberg and
00:00:50
Joseph Cox here with us to discuss Andy's newest book tracers in the dark the global hunt for the crime Lords of cryptocurrency we have a good sized crowd here today virtually so let's get started so
00:01:04
cryptocurrency is everywhere in the news these days the FTX crypto exchange Fallout and its domino effect on other cryptographics and other crypto continue to dominate continue to dominate
00:01:17
as Observer and investors monitor the ongoing damage meanwhile crypto Andy I think you need to mute yourself for a second good meanwhile crypto is elsewhere in the news for example in the war and
00:01:29
relationship uh in the war in Ukraine where crypto assets are being used for donations to fund the Ukraine government and ngos and the Biden Administration and Congress are trying to play catch-up in an area best described many say as
00:01:42
the Wild Wild West earlier this fall federal agencies came up with a joint fact sheet on six principles and directions for crypto regulation in the United States Congress is only in infant
00:01:54
stages in trying to understand and regulate cryptocurrency and its various manifestations even closer to home last week New York Governor Kathy hokel signed one of the most restrictive laws in the U.S on regulating cryptocurrency
00:02:07
mining becoming the first state to impose such a ban Banning certain Bitcoin mining operations at the center of this discussion about crypto Financial volatility and domestic and geopolitical Affairs is the
00:02:19
phenomenon of crypto criminals and their ability to exploit the wild west that defines the cryptocurrency world and you can disagree with any of this when you talk with us today um to describe the criminals here in
00:02:33
cryptocurrency and efforts to address that criminality are two experts whose work speaks directly to many of the issues that converge in the crypto space Andy Greenberg is the author of Chasers in the dark he's a writer at wired where
00:02:45
he covers security Privacy Information freedom and agriculture he's the author of the book sandworm a new era of cyber War and the hunt for the kremlin's most dangerous hackers for which he and Joseph did an event here in 2019 so that
00:02:58
means in three years you guys will be back oh no we'll do Joseph's book before that like his fellow discussive Joseph Cox Andy has won numerous journalism Awards Joseph Cox is a journalist for
00:03:10
vice he covers cyber security the Digital Underground and the surveillance industry provides this technology section motherboard among the issues Joseph has covered and one that may interest many of us here at the center of national security is the security of
00:03:23
bone networks and how governments and corporations sell personal data for profit his forthcoming book dark wire will tell the story of how the FBI used its secretly run Tech startup called anom to wire hundreds of organized crime
00:03:36
gangs locally and I hear that nextbooks plans to turn the book into a movie um I'm really looking forward to this discussion Joe will start it Andy um and he will talk for much of the hour then
00:03:49
we will turn to audience questions in the latter part of the session so feel free to put your questions in the chat and I will introduce them to our our two discussions just FYI the station the session is being recorded Joe I turn it
00:04:03
over to you sure thank you so much for that uh introduction um Andy this is a very complicated uh not narrative that the book itself is
00:04:16
incredibly well written and it you follow the the myth of the anonymous cryptocurrency and how that was shattered and then that expands and expands but I guess just for everybody watching we should probably establish
00:04:29
first of all what is this myth of anonymous cryptocurrency and crucially how did you come to write this book because I think both of those are basically intertwined you know how did you come to write this and how does that
00:04:42
relate to the myth of anonymous Bitcoin foreign yeah well first of all thank you so much Karen for that kind introduction it's so nice to be doing something with this in our natural security again and a fellow
00:04:56
Greenberg no relation as always um but and especially I want to thank Joe though also for joining I mean Joe um has been like my friend of me competitor in this world of dark web
00:05:08
coverage and scooped me many times over the years and now just an actual um friends and I really appreciate uh having a partner in this discussion who knows so much about this world
00:05:20
um so yeah just to to get into the how I came to this story so I guess like a little over a decade ago I was really obsessed with this group called The cypherpunks Who Um was this move-in from the 1990s these sort of
00:05:33
radical crypto little Libertarians who and that they call themselves crypto anarchists even who believe that they could use encryption tools and anonymity tools enabled by encryption to take power away from governments and
00:05:46
corporations and give it to individuals and they dreamed up you know things that would become vpns and tour and the dark web essentially and that's where Wikileaks came from for instance
00:05:58
Julian Assange was a Cypher Punk too who dreamed of using these tools to give anonymity to journalistic sources um but then in 2011 just as I was like uh writing a book that was kind of in
00:06:10
some ways a history of the cyberpunks um I Came Upon what seemed to be this new Cypher Punk invention which was Bitcoin you know that's how it was described to me initially and um one of the first developers of of
00:06:24
Bitcoin Gavin Andreessen um sort of introduced in in a talk that way that I that I watched and and it was described as this untraceable Anonymous digital cache for the internet I mean it's hard
00:06:36
to believe that we talked about Bitcoin that way back then but but we truly did and even Satoshi Nakamoto the creator of Bitcoin who we still don't know like is that he or she or they
00:06:47
um wrote in their first email describing Bitcoin to a cryptography mailing list that participants can be anonymous so I really believed this and I wasn't alone like I mean very quickly Bitcoin
00:07:01
uh was adopted for things like the Silk Road this black market on the dark web for drugs and other Contraband of every kind imaginable and it really seemed like it was working like this was like
00:07:13
Bitcoin was monetizing this new Anonymous underworld of the internet and um that it was a way to kind of like send a briefcase full of unmarked bills from anywhere across the internet to
00:07:25
anywhere else in the world without identifying yourself and only now you know I mean not quite now but like only about almost a decade later that I kind of fully have this Epiphany that
00:07:38
actually it was the opposite the Bitcoin was the opposite of untraceable that it was in fact extremely traceable and that not only that but but it had served as a kind of trap for people seeking
00:07:51
Financial privacy and particularly criminals uh cyber criminals of every stripe for years and years and once I sort of Saw that this had happened I actually really
00:08:02
it came from seeing Justice departments announcements of takedowns and in each one they credited this one company called chain analysis which was uh I knew at the time a Bitcoin a
00:08:15
cryptocurrency tracing firm and it's began you know I sort of like read the research I'd seen hints over the years of how traceable cryptocurrency was but once I saw like how many of these cases
00:08:27
chain analysis specifically this startup tracing cryptocurrency was involved in I saw that in fact like this had been a a incredibly powerful almost like secret weapon for law enforcement for years and
00:08:39
that's when I started talking to chain analysis and then um they uh were the first to tell me about some of the major cases that had not been told before and I then went from there to find to finding sources within the law enforcement
00:08:52
agencies and the prosecutors who had done these cases and as well as some of the criminal suspects and um themselves and trying to tell them before we go down into that scale though
00:09:04
well one point is that yes before even before chain analysis I think there's a there's another link between you and the doctor there's another link between specifically Bitcoin is it I mean you
00:09:16
bought drugs on the dark web and this is of course mentioned in the book and I just want to touch on that briefly because at that point in time when you bought some cannabis off Silk Road or whatever you believe Bitcoin was
00:09:29
Anonymous at that point or you were at least exploring that idea right and that was shattered for you personally can you just briefly go through that because it's almost like a very small scale chain analysis you know what I mean then
00:09:40
we'll move on to that absolutely yes so um I think you know I so when the Silk Road first appeared I you know was I got pretty obsessed with this with not just the Silk Road drug Market itself but particularly it's it's
00:09:55
um Creator this guy who called himself The Dread pirate Roberts and he was this you know hyper libertarian ideological figure for that Silk Road Community and I interviewed I interviewed him
00:10:06
eventually um in 2013 and um in and for that piece I was I was I worked at Forbes Magazine at the time as just a sidebar to the piece I wanted to buy marijuana from three different dark web
00:10:20
drug markets at the time of course I said that like Forbes was buying it in the piece um and now I can admit like that I was just buying these drugs myself and sending them to the board and uh and having done this like I then
00:10:34
you know did a little piece on like what the experience of buying actual drugs online from from the Silk Road and two of its kind of CopyCat sites but then just after that this paper came out called A Fistful of bitcoin's
00:10:46
characterizing payments between men with no names um which was this seminal paper it turned out um that well I even knew at the time that it showed that it was possible to some degree to trace to trace Bitcoins I
00:10:59
think the degree to which it was possible the fully full traceability of Bitcoin didn't become clear to me until years later but uh when that paper came out I asked its author as its lead author Sarah micklejohn this researcher
00:11:12
at the University of California San Diego to see if she could trace my Bitcoins uh the trace of Bitcoins that I'd used to actually buy drugs on the Silk Road in other markets and she did uh very you know quite
00:11:24
easily and she demonstrated to me that that's uh like my illegal transactions and they were illegal at the time um could be traced but I still I don't know it's amazing like how um
00:11:37
how persistent this illusion of bitcoin's potential for anonymity still was because I thought like well you know I wasn't very careful I didn't like move my Bitcoins through enough obfuscating
00:11:51
hops around the blockchain I didn't like use anonymity tools properly if I was just a little better at this then I would have been able to evade her tracing and I think that is the mindset of every cyber criminal who's used
00:12:04
cryptocurrency over in that period they all thought that they could stay a step ahead um I mean we should say I should say like also why it is that Bitcoin seemed to be anonymous and that is because
00:12:16
I mean you know it's this sounds ridiculous now the Bitcoin is enabled by the blockchain this um instead of like being sort of guaranteed by a bank or a government or like there's nobody checking every
00:12:29
transaction at an institution like that but the blockchain is instead this list of every Bitcoin transaction that is recorded copied out to thousands of computers around the world and cannot be changed and that is a list of every
00:12:41
sorry to repeat this but it's nuts to think about the fact that we thought this could be anonymous a list of every Bitcoin transaction um ever made but just you know all you can see on the blockchain is like which Bitcoin address sent money to which
00:12:54
other address and that back in 2011 looked like uh it was a kind of elite it's not anonymity then pseudonymity like um if you can't figure out somebody's Bitcoin addresses then you'll never figure out their transactions
00:13:07
you'll never be able to follow the money from one address to the you know to the next in any meaningful way or tell who where it's going or what's illegal or legal um but Sarah Michael John was the one who
00:13:19
began to crack that code and to show that with some clever tricks I don't know if we need to like get into them exactly they're like um fun to talk about but like a little you know in the weeds maybe um she began to show that you could
00:13:31
actually tie together sometimes dozens or thousands eventually millions of Bitcoin addresses and show they all belong to one person or institution like the Silk Road and then you could actually using other tricks sometimes
00:13:43
Follow that money from uh hop to hop until it reached something like a cryptocurrency exchange where you know she knew that a law enforcement agency could send a subpoena and start to like uh
00:13:55
um actually get people's identifying information from that exchange so that's like how you know um I should have suffered from the same illusion I thought well if I could just like defeat those if I worked harder to
00:14:09
defeat those tricks I could have still done this anonymously after all the Silk Road had been online at that point for two and a half years and nobody seemed to be tracing the Bitcoins of the dread pirate Roberts for instance and so you
00:14:21
know I didn't it didn't seem to me like cryptocurrency could be used to actually capture criminals but that you know that was about to change right exactly and that comes on to right now
00:14:32
before the scale of chain analysis was still pretty early there is a seminal case right the tracing of the Bitcoins belonging and stolen by uh corrupt law
00:14:45
enforcement officials ironically working on the Silk Road investigation uh you know as someone who's covered those cases this was all new to me this was all entirely new to me the background uh
00:14:58
story of how this actually came about and at least my understanding from from reading the book is that this was the first time we know of that Bitcoin tracing was used by law
00:15:11
enforcement agency to get evidence to put somebody in jail I mean this is a hugely significant moment do you just want to run us through uh sort of what that story is and where it takes us
00:15:23
absolutely it is it is um bizarre that like after two and a half years of the Silk Road being online it was pulled off it was the dread parrot Roberts was identified as this 29 year old guy Ross Albrecht living in San
00:15:35
Francisco the Silk Road server was found through potentially anonymities in in the tour anonymity software um sorry vulnerabilities rather in Tor but then also through like some slip ups
00:15:47
that Ross Albrecht had made like leaking his email address in a forum post um made years earlier he wasn't caught through cryptocurrency tracing the first cryptocurrency tracing case that actually proved somebody's
00:15:58
guilt instead as you were saying was uh bizarrely this case where the an IRS criminal investigator who had not been involved in the Silk Road takedown this guy named tigrin gambarian I think he actually felt a bit left out
00:16:12
of the Silk Road case and his superiors um certainly were like why weren't we on top of this tigrant was based in Oakland right across the bay from San Francisco where Ross Albrecht was arrested and I think there was a sense of like this guy was right under our nose why did why
00:16:25
were why did we not figure this out um tigraine began to look at the Silk Road investigation after the fact uh got a tip from a cryptocurrency exchange that one of the DEA investigators in
00:16:37
that Silk Road case a guy based in Baltimore named Carl Mark force was cashing out hundreds of thousands of dollars worth of Bitcoins of Unknown Origin and so tigran you know uh like this was still a point in in history
00:16:49
when everybody thought Bitcoin was more or less you know untraceable certainly within law enforcement nobody was tracing Bitcoins but tigrin looked at this blockchain and was like why can't I trace this he had you know audited tax
00:17:01
returns for years he was an accountant and aside you know in addition to being a law enforcement agent who carried a gun and made arrests and stuff that's the weirdness of IRS criminal investigations
00:17:13
um and he sat down at his computer like after hours and just hand traced on the blockchain Karl Marx forces Bitcoin transactions and showed that they had come from the Silk Road that the money
00:17:25
that he was getting uh and cashing out these Bitcoins were in fact payments from The Dread pirate Roberts himself to Karl Marx force in exchange for ins for essentially acting as a mole inside the
00:17:38
DEA and selling law enforcement investigative information to the Silk Road as a double agent I mean uh it's bizarre and but then uh tigrin after proving this and Karl Mark force is
00:17:52
indicted uh prosecutors like there was still this they could see that there was this other sum of missing money like 350 000 worth of Bitcoins that they couldn't tell where it went everybody all the
00:18:05
prosecutors on this case believe that it must have gone through Karl Mark Force also this corrupt DEA agents and tigran alone looked at the blockchain and was like I see this going somewhere else and he traced those coins and found that
00:18:17
they had actually been stolen by a Secret Service agents also assigned to the Silk Road investigation also in Baltimore kind of amazingly two corrupt agents in Baltimore um who have been assigned to the Silk
00:18:30
Road case had been stealing as much money as they could from the case in every way they could think of like theft extortion um selling information to the dread pirate Roberts and these two guys crawl Mark force of the DEA and Sean Bridges
00:18:43
at Secret Service were both indicted and spent years in prison and that was um you know this bizarre case was the first time that cryptocurrency was ever traced to prove someone's guilt um and it's it's like uh I don't know
00:18:55
it's it's been described to me almost like lightning striking twice like what are the odds that two agents um on the same case and by the way they did not even know about each other's crimes uh they were not even aware of
00:19:08
each other even though they worked in the same office um and they were both stealing Bitcoins from the same case but what are the odds like these two federal agents would both have fallen for this you know corrupt behavior um but it seemed to me like it's actually
00:19:21
you can sort of understand how it happened if you think about the case at the time I mean the Silk Road was one of the first major cryptocurrency crime cases and these agents um were laboring under the illusion that they could just
00:19:34
grab any Bitcoins they could could get their hands on and could not be traced and they were both seduced by this same um false promise of untraceable money when it turned out to be anything but
00:19:46
like truly the opposite right exactly exactly um exactly um of course from there this is when stuff starts to ramp up a bit you know we've had that seminal case chain
00:19:59
analysis uh is uh so it's still a scrappy startup at this point or maybe it hasn't even uh started please please correct me on that but they're they're getting ready you know and they start looking for contracts looking for law
00:20:13
enforcement contracts as well eventually how uh how does that transition happen and I think after this I want to talk about the next major case in the book which is told incredibly well and there are some scenes I want to touch on there
00:20:26
which is Alpha Bay but before that just slightly where is where is chain analysis here and what and what is it exactly you touched on it just briefly but what are we even talking about right so um first of all chain analysis
00:20:40
was uh founded by this Danish guy Michael groniger who was an old school bitcoiner and I think it always believes that Bitcoin would be traceable then he read Sarah Michael John's paper and I
00:20:52
think like that only cemented his his you know notion of what was possible and he created this company chain analysis um in part to solve a very specific
00:21:04
mystery which was the theft of half a billion dollars worth of Bitcoins from the first cryptocurrency exchange Mount Cox um now this it feels like a familiar story these days with FDX but like now
00:21:17
gox was the this massive exchange that suddenly went bankrupt had lost everybody's money they blamed hackers but a lot of people suspected that it was the staff and gronagar created chain Alice's this cryptocurrency tracing
00:21:31
startup in part to try to solve this mystery um and in the sense to rescue Bitcoin um which was foundering you know after this massive bankruptcy of a central institution
00:21:44
um but then just as he was starting and he met T green gambarian just by chance in San Francisco and they worked together actually to trace the Bitcoins of Sean bridges that secret service agent Michael groniger kind of checked
00:21:54
tigran's work proved that together that that was in fact this corrupt secret service agent and so then they were this kind of unlikely team this like um sort of um I don't know uh combative IRS
00:22:08
criminal investigator uh and grongar this like very sort of like intellectual um uh academic almost Danish guy who would start a chain analysis and then
00:22:21
they ended up working on the same case uh again in a really unlikely way tigran gambarian IRS began to look into this other cryptocurrency exchange called btce that was this like uh extremely
00:22:35
Shady uh exchange where it seemed like all sorts of criminals were cashing out cryptocurrency from you know early ransomware operations from dark web markets that came about after the Silk
00:22:47
Road that replaced the Silk Road and other all sorts of other crimes and meanwhile groninger was looking into the chain into the mount gox mystery trying to find those that half billion dollars of stolen money
00:23:00
it turned out that that money had been fed into btce and just to skip ahead a little bit uh the remarkable thing is that groaninger and gambarian together figured out that
00:23:10
the same person was both involved with the hackers who had stolen all of Mount Cox's money bankrupted the company as was also um running btce so this one person who
00:23:23
turned out to be this Russian man named Alexander vinic uh I guess you know he's still fighting these charges he's innocent until proven guilty but he allegedly at least not only helped to steal this money but then created an
00:23:35
entire cryptocurrency exchange because he had so much Dirty Money on his hands that uh he needed to create an exchange to launder it and that's what BTC was and then it became uh you know also just
00:23:47
a really prolific and profitable way to cash out all kinds of other criminal cryptocurrency and uh Alexander vinic this Russian eventually did travel outside of Moscow
00:24:02
he went to Greece what on vacation and was arrested and that was um in some ways the first crime on a massive scale that was solved through cryptocurrency tracing and it was carried out it was that mystery was
00:24:14
solved of who stole the mount gox money in some sense and who was behind this Shady exchange btce and it was comparion and groniger IRS and chain analysis together who figured that out and they are the kind of like really powerful
00:24:27
team that and I would go on to solve like one massive case after another for the rest of the story of this book which you know which goes on for the for years to come and each case is kind of bigger than the last
00:24:41
right exactly and then exactly the the the the big case after that and the one which includes a ton of new reporting which again I wasn't aware of even though I covered Alpha Bay shutting down
00:24:53
Alpha Bay was you know it became the king of the dark web I think it was something like multiple times larger than the Silk Road right they sold stuff that Russell Bridge would never touch um it was just a lot more aggressive you
00:25:06
know that that is actually the point uh in my coverage when I initially started just covering drugs because of Silk Road Alpha Bay comes along and they're selling a lot more hacked data they're selling a lot more malware and then that's when I personally pivot into
00:25:19
hacking coverage and the sort of the more stuff that you did um so thanks Alpha Bay for that I guess um but when when it comes to the eventual shutdown of alpha Bay
00:25:32
cryptocurrency tracing is involved you know there is a lot of drama especially from the law enforcement side uh without any sport Oilers the one scene I do just want to point out which is incredible
00:25:45
and insane is eventually they track down the alpha Bay owner and the Agents responsible sitting on the table next to their target in a Bangkok hotel by pure happenstance
00:25:59
and that's all incredibly uh told in the story and that that blew me away I I had no idea that happened and I don't know you you couldn't make that up uh truly insane but how do we get to how do we
00:26:13
get to that point and what is and importantly how is cryptocurrency tracing related to that yeah so yeah it's interesting to be talking about this with you because I by the time there was this kind of
00:26:26
whack-a-mole following the Silk Road where like it was replaced when it was taken down by Silk Road 2 a copycat site that was basically run by some of the same staffers that was easily taken down because law enforcement already knew
00:26:39
those people um and then it was that was replaced by another dark web market and then another uh and then finally Alpha Bay appeared and by that time I had actually kind of um dropped the off the ball to some
00:26:52
degree and you interviewed Alpha O2 this mysterious Kingpin of alpha Bay um I remember and I you know I'd interview The Dread pirate Roberts but I had never even like really tried to seek out Alpha too I was like this is just
00:27:05
another dark web Market little did I know that it would grow into a market 10 times the size of the Silk Road by its peak um and as you said it was sort of a much darker like level of the dark web and or
00:27:18
somewhat darker anyway it was I had fewer rules the Silk Road had this idea of only victimless crime Alpha Bay what was full of like um you know not only like heroin and Fentanyl and things but also just
00:27:30
hacking tools stolen data credit card fraud that's where Alpha O2 in fact this creator of alphabet had come from he was a known credit card fraudster and by the end by like mid 2016 alphabet
00:27:44
was the biggest dark web Market ever and Alpha O2 was this notorious um figure who I think not probably not long after you interviewed him sort of disappeared uh in a sense he kind of just changed his username to admin
00:27:56
instead of like this you know cool name Alpha O2 and stopped talking to people on the alpha Bay just kind of slipped into the shadows and um and I would later learn you know that he had become
00:28:08
this sort of like uh Public Enemy Number One of every dark web investigator um yeah this story I I I've been so obsessed with it for so long I was kind
00:28:21
of almost like a uh just a happy coincidence that it turned out that this was solved with cryptocurrency tracing because um when uh I I've actually been trying to tell the story of alphabet and its
00:28:34
investigation and takedown for half a decade practically the um eventually you know this not only I don't know I'm sorry I'm skipping ahead here but like it was such a it's an incredible unprecedented investitation
00:28:46
because at the same time that Alpha Bay eventually was taken down and Alpha O2 turned out to be this French Canadian man living in Bangkok was arrested
00:28:57
um the same uh group of agents who included this Dutch police took over the second biggest market so that the refugees from alpha Bay would flood into a market that they were secretly controlling there was they were
00:29:09
running undercover and that in 2017 when it was announced was such a landmark operation that I knew that there was going to be like a crazy story about how they did this um to tell and I I worked you know for
00:29:22
years to try to get that story and only really once I found that cryptocurrency tracing was the kind of key investigative tool did the whole thing kind of start to come together and I managed to start to Define sources
00:29:36
um but the case I should say sort of began with a much what's what sounds like a um a much more obvious kind of lead which was that around um Thanksgiving of 2016
00:29:48
a DEA agent in Fresno of all places received a tip which was that uh in his first days online when Alpha Bay was just one of many dark web markets and as I said like it was hard to tell
00:30:01
that it was interesting at that point um it had a bug where when you signed up for its user form you would receive a welcome email and then that welcome email there was in the metadata of it an email address that was pimp pimp alex91
00:30:15
hotmail.com um that mistake mistake was fixed rather quickly um but this one tipster had found had got that email kept it for years until
00:30:26
alphabet grew into this massive market and then shared that with the DEA and it turns out that pimp Alex 91 was the Hotmail address of uh this kid Alexander cause and one when
00:30:40
the Fresno investigators began to search for this they found this guy this French Canadian guy um who had had like a sort of like hip-hop career they could see and then had switched to web developments and
00:30:52
moved to Bangkok where they could see from like his family's social media like his Thai wife and her family's posts that he had a Lamborghini he had a villa in the south of Thailand and Phuket this was not like typical web developer stuff
00:31:05
but it almost seems too good to be true that they had got this tip that just like had the guy's email address um and they wondered even then you know the prosecutors and agents in Fresno um if they had the right guy or if maybe
00:31:18
they were being set up you know they thought it first of all it wasn't enough to prove his guilt but also they thought maybe that he was being framed maybe cause was just the Patsy for the real Alpha O2 and
00:31:29
um the way that they finally proved that it was cause that it was this guy was through cryptocurrency tracing and okay analysis by 2016 had spent years
00:31:41
looking at Alpha Bay um which did some very clever things to try to evade the sort of tracing that was possible with the Silk Road like it's kept users money distributed in like many many thousands of addresses
00:31:54
rather than ever pooling it together in a way that was identifiable things like that but Alpha but she analysis after two years of looking at this had identified through their own kind of very clever fingerprints like the fee
00:32:06
structure of alphabet for instance uh the ways that like Alpha Bay used Bitcoin fees specifically in this sliding scale was recognizable it turned out and they used that to build a map of 2.5 million addresses that were being
00:32:19
used by Alpha Bay buyers Sellers and administrators but then it was these two FBI agents who asked me just to call them Ali and Aaron who worked in a totally different office of uh
00:32:32
of the FBI you know the other side of the country from Fresno they were in base they were based in Washington DC who had the kind of breakthrough idea of how to trace the money of alpha Bay's boss
00:32:46
which was uh this notion of looking at Exit scams um like just to explain you of course they were the Nexus campus but the the an exit scam is when the Creator or the whoever's running a dark web Market just
00:33:00
steals everybody's money and runs away with it um and whenever this happens users on the dark web warn each other like um never store more money in a market
00:33:12
than you are about to use to pull all of your money out of the markets whenever you can um and these two FBI analysts Aaron and Ally realize that the only person who would never have to worry about an exit
00:33:24
scam was the boss of a dark web Market himself and so they they looked at this map that chain analysis had created and and tried to find within the alphabet cluster of addresses where there were big
00:33:38
sums of money that had not moved even when an exit scam had happened like when everybody else was pulling out their money the Kingpin would leave it in those addresses and they did identify a cluster within the cluster that they
00:33:50
thought belonged to Alpha O2 they traced it out to to multiple cryptocurrency exchanges they actually sent a subpoena to one of those exchanges before they even heard the tip that Alexander cause uh was
00:34:04
Alpha O2 before that kind of like spread across the grapevine from Fresno they sent that to this subpoena and then just after learning Alexander kaza's name they got the results which confirmed that yes this account was in kaza's name
00:34:17
he was Alpha O2 now this thing that had been kind of a theory hanging by a few threads was nailed to the wall with like actual follow the money evidence they really like proved it and then they
00:34:30
continue to follow his money to like more than a dozen exchanges in his name and his wife his Thai wife's name and that was how they proved that cause was the Kingpin of this site I mean the story of how they then captured him is like
00:34:43
um one of the most like interesting fun I mean it's not I'm sorry to say it's fun it's about um somebody's life is was at stake here but like uh but the cause had learned from this Old
00:34:56
Road also that not only do you need to use encryption on the laptop you use to run your dark web markets but so that you can just close the lid of it and if you just close that lid then it's encrypted law enforcement will never be able to access its Secrets but he
00:35:10
learned also that you never log into the markets you never open that laptop outside of your home and he's in this home like behind the Gates in Bangkok and somehow the agents need to catch him
00:35:21
in a way where his laptop is open and alive and unlocked logged into Alpha Bay and the story of how they did that is like you know one of the most elaborate kind of physical sting operations I've I've you know certainly the most
00:35:34
elaborate I've ever written up and I had to assemble that from like lots of different sources in Thailand and and um this Fresno group and so um it's uh yeah just like uh I go far
00:35:48
beyond the point of proving his guilt but then there's also this whole story of how they took over the second biggest market and ran that in secret um I don't know how much I mean before you get yeah because before you get to
00:35:59
that you did mention a few times of course that you've spoken to law enforcement in Thailand and obviously the Americans and then some of the Dutch as well um at the top of this talk you mentioned
00:36:11
that you know blockchain analysis has been something of a secret weapon uh which is true why are these people talking now you know and there are some things they won't talk about but I'm just curious on the reporting process why do you think they spoke and how did
00:36:25
you get them to speak about the secret weapon that's been laying there dormant and nobody's been paying attention to it yeah it's an interesting I mean to call it a secret weapon I think it was
00:36:36
um initially a surprise a huge surprise for cryptocurrency criminals that they could be traced in this way and part of the surprise is that they can't erase the evidence even once they know that they can be traced it's on the
00:36:48
blockchain forever um so in that way like it's it doesn't even need to remain Secret in some sense but there but um to be effective but then like um it is interesting to see
00:37:00
that as this cat Mouse game develops there have been like some advances that remain secret chain analysis would tell me a lot of things they wouldn't tell me other techniques um just in terms of like the kind of
00:37:13
like I don't know questions like how do you get these sources and agents and prosecutors to talk I think that a lot of them um felt that these stories like deserve to be told they probably felt like they
00:37:25
deserved some credit some people to um never did tell you know didn't want their identities revealed but I think just the Epic nature of the cases felt like they had to tell somebody about them they had to get the story out there
00:37:37
and it had been five years since the alpha Bay takedown so these stories cool off a little bit and then I don't know they just are kind of like burning a hole in someone's pocket and they have to like make it public um
00:37:50
but then like uh they're also I should say that like IRS criminal investigations was wonderful to speak to because I think they feel perpetually under credited they're treated like accountants and like this nerdy like um
00:38:04
second-rate law enforcement agency when in fact they they were the ones Behind These enormous breakthroughs and um you know are really Central to the story of the book and have incredible investigators
00:38:17
um but then to you know there were parts of this story still that uh nobody wanted to really tell me um how it happened and one of them is how the alpha-based server was found in
00:38:29
Lithuania there you know um I was told that chain analysis and tigrant gambarian at IRS had essentially partnered and come up with this technique that was described to me only
00:38:42
as advanced analysis um and it was had something to do with cryptocurrency but it allowed to find the IP address of alphabase Central
00:38:54
Computer and located in Lithuania and that shouldn't be possible I mean there are no IP addresses on the blockchain so that was a huge mystery and something that I like really grappled with I mean I think that the sources wanted me to
00:39:07
just tell that part of the story as like a black box like like somehow I can't say how they wouldn't tell me they did this and the reason they wouldn't tell me in part was because they were using this technique to take down you know one
00:39:19
dark web site markets you know after another and they used it again and again after alphabet for like probably half a dozen sites and they wanted it to remain secret so that the administrators of this of these administrators of these
00:39:31
sites would not be able to fix their vulnerability um and each of them just like each Source in the story kind of told me like just enough that I was able to start piecing
00:39:42
it together then I just speaking to like security researchers who had who could give me educated guesses about how it worked I did I think come up with what I believed was the the technique um and I was going to describe it I was
00:39:56
sort of torn about whether to describe it in the book or not I mean it's a really difficult decision it's like an almost Edward Snowden kind of decision do you like when you know about a secret surveillance technique do you blow it up
00:40:09
um when you know people's privacy is at stake there are definitely legitimate users of Bitcoin who would be really upset I think to hear about this the fact that they're they're dark web
00:40:20
servers IP address can be found by Chain analysis but then also if you blow it up if you burn this tool then you are also protecting people running really abhorrent stuff on the dark web like
00:40:32
including child exploitation sites which is a later part of this the story of my book um and other really bad things and I sort of lay awake at night at one point in in the process of writing this book
00:40:44
think like just trying to decide what to do like do I reveal what I know about this technique and like thank God uh just near the end of the reporting process there was a leak from chain analysis
00:40:58
posted to the dark web that included a uh a presentation in Italian that they'd given to the Italian federal police that included the description of the secret tool so once it leaked onto the
00:41:10
dark web and it was actually shared with me by a dark web Market administrator um so it clearly had gotten out like the tool I think was somewhat burned at that point and I now I you know so the
00:41:22
responsibility thankfully was taken off me I felt like I could just like reveal what I knew about this without feeling like I was um you know I had this like ethical Dilemma on my hands so it is I do you know reveal how that worked in
00:41:36
the book I mean that kind of leads to my last question just before we may take questions from the audience in that uh that sort of brings us up to now right this tool has been burned but it's
00:41:47
certainly being used uh obviously cryptocurrency tracing is has never been more important really you know sure we we all think about the dark where we all think about Silk Road Alpha Bay whatever
00:41:58
but FTX of course uh the massive crypto exchange which is now closed down people are going to try and Trace those coins I mean I know through my own reporting without getting super explicit that top
00:42:12
tier organized crime is using Bitcoin 100 drug cartels in South America This Is How They are laundering proceeds so that is how you know maybe investigators will pivot to that as well just the last
00:42:25
question the last question is is how what does it look like now what and what happens now with Tracy it's really interesting to hear you say that because it seems that that like
00:42:38
you're seeing drug cartels still using cryptocurrency for money laundering of course the dark web drug markets and black markets still exist and persist and in fact um you know I should say that like I should
00:42:49
mention Alpha Bay has resurrected itself years after the takedown in a new form that only uses Monero this purportedly untraceable or at least much harder to trace cryptocurrency
00:43:02
I think that um it the degree to which Monero can be traced is still like a really interesting subject and I've seen examples of it traced in that same leaked chain analysis presentation they talk about tracing narrow so I don't
00:43:15
think that it's I think that same trap Maybe about you know maybe being sprung again on unsuspecting crypto users um but it seems to me like from what I can see that
00:43:28
there are that group of of criminals who think that they're unidentifiable cryptocurrency is shrinking even as the amount of cryptocurrency used in crime is growing um and that's in part because it's
00:43:41
shifting as so much cyber crime has to countries where visibility we're tracing is not enough like you can figure out exactly who carried out a ransomware attack you
00:43:53
can see like who they're partnered with how they're like sometimes even like how they're cashing out the money but you can't stop them because they're you know beyond the reach of Western Law Enforcement and the same is true of
00:44:06
North Korean hackers who are stealing billions of dollars of cryptocurrency to fund the Kim regime um like a true national security issue but nothing can be done about it because the fact remains even though Bitcoin
00:44:18
cryptocurrency is is traceable it is not always like censorable it's not always can always it's hard to stop the flow of it it means you can see the flow of it um so you know that that group of
00:44:31
Untouchable um but highly visible cyber criminals like still is out there and using cryptocurrencies but I but I believe you when you say that there are still you know people who maybe who may be
00:44:43
actually in extradition countries trying to get away with using cryptocurrency and I think that like they are in many cases switching to less traceable cryptocurrencies the degree to which any of them are untraceable is like an open question I think zcash is
00:44:57
the most interesting to me which uses very clever new crypto cryptography tricks to possibly truly be untraceable but then to your point about FTX also um you know we are watching like in real
00:45:10
time this is still happening as half a billion dollars or so of ftx's funds not just money that was like you know irresponsibly invested or over leveraged or whatever the money that was actually
00:45:23
stolen like by somebody like either in an internal embezzlement or external hackers stole this hundreds of millions of dollars worth of ftx's funds um that money is on the move like as you
00:45:35
know we're still I end more to the point all the crypto tracers in my book are watching this money move and it's very unlikely that whoever took it will be able to cash it out and make it
00:45:47
usable without being identified because of everything we've been talking about and so you know it's really interesting to see someone is trying to get away with stealing this money um but we will soon find out I think
00:45:59
whether that is that was an internal uh theft or whether it was outside or outside hackers um the mystery will probably be solved and the question is like will that will
00:46:10
the thieves be reachable will they be like onshore enough that something can be done about it or maybe the money can the money be recovered questions yes I think this is a good time to turn
00:46:27
to question so it's kind of interesting because Andy just answered a couple of the questions in that last answer about untraceable currency what do you think the next untraceable currency would be so you can answer that but let me follow
00:46:39
with another one and then you could which is what's the international law enforcement dimension of this and I think you know you can both talk about this if you'd like because you know you keep mentioning the fact that this is involves other countries and whether
00:46:52
it's for you know where the money's being hid hidden or where the um where the perpetrators alleged perpetrators are being hit et cetera Etc like what is the international law enforcement
00:47:04
mechanism is it is is it something formal are there countries that are better at this at detecting um and and preventing and you know blocking this or I just I'd like to get a sense of that and I I think um could
00:47:17
you answer that and and also if there's more untraceable issues you might want to talk about that as well yeah yeah yeah I mean um I think it's worth talking about like the untraceable question like are there untraceable
00:47:28
cryptocurrencies today that question you know I I was the one who made the mistake in the first place of thinking Bitcoin was untraceable um a decade ago so it feels like I'm potentially falling into the same trap again but I do believe as I was just
00:47:42
like mentioning briefly that Z cash this you know newer form of cryptocurrency may actually be untraceable because it doesn't uh it it doesn't have like it has a blockchain but it's entirely encrypted and uses
00:47:56
like this very clever thing called zero knowledge proofs to essentially like verify a transaction happens but without you know while gaining or just while revealing zero knowledge about anything about that transaction other than it
00:48:09
took place as described so um it is like a very interesting and new form of cryptocurrency relatively new still being adopted and if it starts to gain traction I do think like we are in
00:48:22
a new era where you know that these sort of crypto Anarchist Promises of the cyberpunks might actually come true in a way that they truly did not with Bitcoin and um whether you know it'll be if crypto
00:48:35
sorry if Z cash was like adopted by more criminals then the question is like will cryptocurrency exchanges delisted like not allow you to buy and sell it because it's a known criminal
00:48:48
tool um if that's the case can it still be used some other way or will it kind of Fall by the wayside I mean I I think that we haven't actually seen zcash adopted enough to know yet but we
00:49:00
may as like I don't know more people understand how traceable all the other cryptocurrencies are um and then we're and then we may enter this new realm of like actual you know interesting
00:49:12
um crypto Anarchy as the cyberpunks were sort of like trying to bring about so long ago but um now to your to the other question about like the role of of international law
00:49:24
enforcement agencies I mean the the book does um you know the Dutch police for instance were the ones who traced cryptocurrency in part to find the administrators to locate that second
00:49:36
biggest dark web market so that when Alpha Bay was taken down they were secretly controlling the number two sites I mean this is like such a Brazen incredibly um like audacious thing that they did to
00:49:48
run that dark web market for like more than a month um themselves as the administrators and then secretly surveil everybody inside so there's no question that like some law enforcement agencies around the world I would say like even more
00:50:00
aggressive and good at this stuff than um you know the US for instance um that but I think that the more like a more important point is probably just that chain analysis and in fact an entire
00:50:14
industry of competitors now are essentially contract firms they are they are like crypto tracers For Hire essentially they'll sell you the tools they'll help you with consultation on like how to do this stuff and Hands-On
00:50:27
investigative like you know that stuff that they do for law enforcement agencies she analysis is is now just one of a bunch of firms like trm labs and elliptic and ciphertrace that all do this and they absolutely sell to non-us
00:50:41
customers so it's becoming like more of a commodity tool that people will you know be able to buy in countries around the world and I think that that's um really interesting but also a little a little disturbing in the sense that like
00:50:54
you have to then ask to what degree are they selling this to even if you do trust the the US government like to what degree is chain analysis selling to
00:51:06
you know less Savory governments around the world and um I did ask them this and it's like kind of a gray area for them in the Middle East in particular I think is really interesting
00:51:17
um I I would guess that like the UAE um and other like pretty I know Saudi Arabia this this is an area where like these are U.S allies in in in theory and uh just I guess in
00:51:32
practice and and yet like um they're terrible human rights abuses and if anybody is like trying to use cryptocurrency in these countries then they may be being traced with tools similar to the ones that have been used against like what we would consider like
00:51:47
true criminals um and the question of like the abuse of these tools not necessarily which analysis help but like there's now an entire industry of these companies and in fact there will be no doubt you know
00:51:59
a Russian chain analysis a Chinese chain analysis if those countries are not developing these tools internally um and then the question is like what is you know Financial surveillance is a
00:52:10
powerful tool and not despite like the fund cops and robbers stories that we've been talking about is not an entirely good thing like you know there was a reason why the cypherpunks wanted to evade this kind of surveillance and the
00:52:23
fact that that they that cryptocurrency did not offer that escape and in fact offered a trap um for people seeking privacy is not entirely a good thing I mean when you think about journalists and
00:52:36
dissidents and activists who need privacy for good reason often from repressive regimes internationally Joe did you want to ask me in terms of what you found out with you
00:52:50
know Global crime gangs and uh just very briefly uh from my own reporting in that there there is so much collaboration now either if that's going to be an mlat so that's going to be in
00:53:02
task forces for particular operations uh the US government European governments they are they have no issue with going and collaborating say with Dubai Police or something like that just Ray Ray
00:53:16
briefly Dubai used to be a safe haven for top tier organized criminals in some case cyber criminals that's basically a myth now in the same way that the anonymity of Bitcoin was a myth you go
00:53:29
to Dubai the Dubai Police are going to catch you and gonna extradite you to Australia or something like that so there is real real change on the uh around the world when it comes to actually arresting uh these sorts of
00:53:41
criminals and you know maybe cryptocurrency tracing will play a part in that as well you know as Andy was saying you can you can trace the cryptocurrency but what if you can't actually knock down the guy's door in some cases you can knock down the guy
00:53:53
based or you know increasingly so we have another question we have a few questions actually um could you see the difference um in terms of levels of traceability among currencies that are now available
00:54:05
like if there are you know what's more traceable and what isn't or sure I mean I can see I can speak to it as much as I'm sort of aware of it and as I said like in more and more of this sort of like especially in the when it's
00:54:17
sort of contemporary it's hard to know the extent of anything's traceability because that is kind of only becomes clear sometimes years later um but just briefly I would say that like almost all cryptocurrencies are extremely traceable they essentially
00:54:30
have a blockchain just like Bitcoins um on the other end of the spectrum is zcash which I already talked about which is like I think pretty untraceable you know I hesitate to say it but it looks that way and then
00:54:41
One Step more traceable is Monero which is a really interesting one that is used far more than zcash and has been adopted for instance as the sole cryptocurrency of the new alphabet which is now the biggest drug web Market again although
00:54:54
it's still just a fraction of the size of the original and Monero is like a sub you know hotly contested thing I every time I write anywhere like on Twitter God forbid that like uh Monero can be
00:55:05
traced in any way I get attacked by all these Monero users who who want it to be that perfectly untraceable currency but I you know in the theft of 120 000 Bitcoins from
00:55:17
bitfinex by these two alleged money launderers in New York in the IRS public documents around that indictments it really looked to me like they traced Monero in one part of the case and I pointed this out and got a
00:55:30
lot of like you know attacks for it but um it really appears that way and then also in that leaked chain analysis document they say that they can trace Monero so you know in between Z cash and like Bitcoin the most traceable of all
00:55:43
you know or as traceable as anything um there was just a lot of gray area and a lot of debate one of the questions has to do with um and I it just tells you the the you
00:55:54
know you know how to complex complex conversation is how hard is it to get on the doorstep um because you know it sounds like this sort of like you know nether region and
00:56:08
the question is you know it some like what is that all about how does that work and I'm I should have raised this earlier um but one of our uh questioners is curious and and I think that's a good one to and then we have yeah go ahead
00:56:22
I'll let Joe answer it because I feel like Joe lives on the dark web um even more than I do or did at one point I'm not sure he still does yeah not so much anymore but I definitely did for several hours a day
00:56:33
so there is this again a myth that the dark web is completely inaccessible you can't Google the dark web is often said something like that you can literally Google addresses to go to on the dark
00:56:45
web that's how I find them you know um but the actual process is you will go and download the tour browser which is based on Firefox download it like any other sort of browser you open it up and that is routing your connection through
00:56:58
different hops around the planet computers run by volunteers you are now technically on the tour and the limiting Network to get to the dark web you'll find one of these addresses which is a very long string of random characters
00:57:09
mostly random characters uh dot onion so instead.com or dot Co dot UK they're all dot onion which is linked to the the layers of protection that Tor provides and then you can go from there if you want to find the addresses you might go
00:57:23
on normal Google and be like latest dark web addresses something like that but the only thing I would add is that I'm very interested U.S law enforcement did Target a website called deep.web several
00:57:35
years ago and that was sort of a News website for oh this is this drama is happening in the dark web but it also included trusted links to dark websites you could go well I know this is the alphabet link it's not a fishing one I
00:57:48
know this is a Silk Road one they got shut down because the administrator was actually taking Kickbacks for providing traffic to those sites so in the same way there is a bottleneck when it comes to the Bitcoin exchanges where law
00:58:01
enforcement can go and subpoena and get records there's you know not as tight a bottleneck but there's still sort of one on these public-facing websites that list all of the dark web marketplaces because you could I don't know get IP
00:58:13
addresses of those if you were going to do a very broad investigation or you just try to shut down that site as well it's another bottleneck as the way into the dark web thank you we have one last question um but so and we're out of time but I
00:58:27
want to ask it anyway um have you looked beyond the use of cryptocurrency and tracing by traditional ordinary criminals to whether and how they're used by governments and intelligence to mask payments and funding
00:58:39
and I think I think it's a good question that sort of goes into you know all of this you know um the way in which we go after cryptocurrency where's the interface particularly on the part of
00:58:50
government intelligence in terms of um you know normal criminal investigation as well as crypto I think this is the question is like do do intelligence agencies and do governments themselves use
00:59:05
cryptocurrency yeah I think that that's um it's really interesting it's it's like something I haven't heard like a lot about but I can think of off the top of my head like the example of the Russian hackers who
00:59:17
um who uh breached the Democratic National Committee you know that was um EBT 28 and sandworm the subject of my last book and um these Russian military agency hackers
00:59:30
the Gru and they absolutely did uh fund their um infrastructure they built their infrastructure using Bitcoin payments to pay for servers and things and that was absolutely intended to hide their tracks
00:59:43
I'm not um and in fact I think that they were some of the most careful about this of anyone I can think of they I think even mined Bitcoins to try to avoid buying them somewhere where they could
00:59:55
be identified but nonetheless Shane analysis talked to me about tracing those uh those transactions and I think that you know we eventually we I it was
01:00:08
never exactly revealed how um the Department of Justice was able to like identify all these members by name and face of uh many of these Russian hacker groups
01:00:19
abd28 and sandworm and but they were identified and we have pictures of these guys so um it may be that and I have also you know absolutely heard that intelligence agencies within the US like the NSA
01:00:32
trace cryptocurrency for these National Security investigations that they were even fooled by the apparent privacy of Bitcoin and that their cryptocurrency payments they use to try to cover their tracks were traced
01:00:46
well well but I have to say this has been a remarkable discussion so a couple of closing remarks um first of all um I thought three-dimensional chess was
01:00:58
like bad and hard but this sounds to me like you know many multiples of three-dimensional chess um that I think that is sort of has a lot of different players in it so thank you so much for sort of Illuminating
01:01:12
what some of that story is um tracers in the dark by Andy Greenberg is a book well worth reading not just because it'll teach you so much about what you what we don't know yet or might
01:01:26
not know about um crypto currency crypto criminals um crypto law enforcement Etc um but also because it reads about it really focuses on on Persons and not
01:01:39
just sort of the the legal regime and the financial regime and I I really think it illuminates a dark story that we you know uh an unclear story um and and so I really urge you uh to
01:01:54
read this book I also want to say we want to look forward to Joe vox's book um Joe Cox's book sorry a dark wire um when it comes out um Joe when is that coming up do you
01:02:05
know yeah okay we'll put that back up behind the curtain um um but I'm looking forward to it I think this is a really um wonderful topic that you've both given up some insights into and um I
01:02:23
can't wait to have you both back so thank you very much thank you and we'll see you all next time thanks so much Karen thanks Joe
End of transcript