Andy Greenberg on how 'Tracers in the Dark' found the dark web's worst criminals

View of a Bitcoin sign announcing the acceptance of the crypto for payments at the San Salvador Historical Center on June 22, 2022 in San Salvador, El Salvador. (Photo by Kellys Portillo/APHOTOGRAFIA/Getty Images)

Share

Written by

In “Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency,” Wired journalist Andy Greenberg traces the evolution of bitcoin from its utopian origins to its role underpinning global cybercrime. It’s a pivotal story of the internet, the dark web and policing in the Digital Age. The book demonstrates in gripping, and sometimes thrilling detail, how law enforcement agencies such as the IRS Criminal Investigations unit have harnessed powerful emerging technology to trace cryptocurrency, which once seemed anonymous, right to the doorsteps of some of the world’s most wanted criminals.

He also highlights concerns from critics who worry that cryptocurrency tracing technology could be poised to threaten those who seek safety and financial freedom, such as dissidents and those fundraising for war efforts in Ukraine. But mostly this is a story of how police are using technology in their favor, busting Silk Road successor AlphaBay or arresting more than 300 child abuse perpetrators. Told through interviews with academics, technologists and law enforcement agents, “Tracers in The Dark” raises essential questions about the future of cryptocurrency.

CyberScoop spoke with Greenberg about the book, released on Tuesday. This conversation has been edited for clarity and length.

The Justice Department recently announced the seizure of $3.36 billion worth of cryptocurrency connected to the Silk Road. I have to admit, I was immediately trying to figure out if James Zhong, the person in this case, was one of the unnamed actors that you wrote about in the book. Were you aware of this case when writing the book? What do you make of its significance?

I also was scrambling yesterday to figure out if this was a story that I told in the book because initially I thought James Zhong was “Individual X”, this unnamed person who forfeited 70,000 bitcoins he had stolen from the Silk Road to the Department of Justice in an IRS Criminal Investigation case in 2020.

It was only after I reached out to some sources on background that I realized no, this is a different guy. Another hacker essentially had exploited probably the same vulnerability in the Silk Road and this time stole 50,000 Bitcoins — which by the time he forfeited them in late 2021 were worth even more than Individual X’s coins.

I mean, you can argue about which of these is the third or second or first biggest seizure of all time. But it’s just remarkable that IRS criminal investigations pulled off this massive seizure and then went on a few months after that to break their own record by seizing $3.6 billion in Bitcoin from this “Bonnie and Clyde” alleged money laundering couple in New York, who are accused of receiving that money from a hack of the BitFinex exchange. 

What it all points to is that this golden age of cryptocurrency tracing that has led to record-breaking cybercriminal busts and record-breaking financial seizures is still well underway. Those records are still being broken, even now. It just shows the power of this new forensic technique and the cases that it can break.

You tell the story of how technologists discovered cryptocurrency isn’t untraceable through two lenses: Sarah Meiklejohn, who’s a lifelong academic, and Michael Gronager, the co-founder of Chainalysis, a billion-dollar company whose technology plays a key role in some of the book’s investigations.  Without giving away the ending of the book, it seems like both reach different conclusions about the technology they’ve created. Why was it important to tell kind of those two parallel stories and what were you hoping to accomplish?

I told the story of Sarah Meiklejohn because she really is the inventor of so many techniques that have changed the world’s perception of bitcoin traceability and cryptocurrency privacy in general. I intended her character in the book to kind of be the conscience of the story. I didn’t want this book to be merely cheerleading for law enforcement or telling “cops and robbers” tales that make financial surveillance seem like an unalloyed good. And Sara Meiklejohn, I think, shares this kind of ambivalence. You know, she invented many of these tracing techniques and publicized them but intended her research to be almost like a public service announcement and never really wanted to be one of the cats in this cat-and-mouse game. 

It seemed important to capture that not everyone agrees that all money should be traceable, or that financial privacy is a bad thing, or used entirely by criminals.

How did you build trust with law enforcement to give that level of detail and were you surprised at all by what they were willing to share?

I’ve only rarely told stories from a law enforcement perspective before. I’ve never been the kind of reporter who is deep inside of the Washington, D.C. agencies getting federal agents to tell me all sorts of untold stories before. But I was lucky here with the correct choice of protagonists, all of whom happened to be underdogs in various ways, and I think were probably a little tired of the fact that their parts of the stories had not been told before.

And the central player I mean in all of that is IRS Criminal Investigations. They did so much of the important work in these crypto-tracing cases and continue to. They’re treated like these pencil-pushing accountants when in fact they are a real law enforcement agency within IRS — they carry guns, make arrests and travel around the world to capture the biggest financial criminals. And yet I had barely heard of them before embarking on this story.

Similarly, the AlphaBay case, which would become the biggest dark web bust of all time, began at the Fresno office of the Department of Justice. It’s not the Southern District of New York or Washington, D.C. — it’s not where you expect cases like this to originate.

Andy Greenberg’s latest book explores how law enforcement tracked down notorious cybercriminals. (Image courtesy of Doubleday)

Given the rise of ransomware and some of the obstacles it has posed, do you think the golden age of cryptocurrency tracing you described in your book is over and if not, what do you think is next?

Well, it’s clear from the Zhong case that this golden age of cryptocurrency tracing is not over. There are still cases coming to light, often based on evidence trapped in the blockchain from years ago that is still being excavated and exploited by law enforcement. It’s clear that these kinds of cases will continue to unfold for years.

But I do think that there are limits to what can be achieved through cryptocurrency tracing, and ransomware is definitely the clearest example of that. The North Korean cryptocurrency thefts are another example. Sometimes you can follow the money and can identify exactly who stole it or who received the extortion payment. But visibility is not always a silver bullet. The ability to trace ransomware payments for instance just gives us a front-row seat to see how rich Russian cybercriminals are becoming. It doesn’t always allow us to do anything about the problem.

Do you think that cryptocurrency still has potential as a privacy-preserving technology or is that out the window at this point?

I have to say that I’m guilty of thinking that bitcoin was a privacy-preserving technology back in 2011 when I wrote the first magazine piece about it and was really focused at the time on its apparent untraceability. I wrote in that Forbes article that it seemed like you could use this to buy drugs online, which then became one of its first big applications on the Silk Road. So, you know, forgive me if I’m making the same mistake twice but I do now, despite the story of this book, believe that untraceable cryptocurrency is becoming possible again.

To me, Zcash seems to not offer any loose threads that a crypto tracer can use to follow someone’s transactions. Not many people are using Zcash for criminal purposes or really using its private properties at all. For those that do, I haven’t yet seen any evidence that the anonymity can be cracked. So, it does seem like, after all this time, there is a completely untraceable cryptocurrency. And the implications of that could still be enormous.

I don’t think we’ve ever actually had true truly untraceable cryptocurrency before, and I don’t really know what that will mean for society and for law enforcement.

-In this Story-

AlphaBay, Bitfinex, cryptocurrency, cybercrime, ransomware, Silk Road
TwitterFacebookLinkedInRedditGmail