Title: The Evolution of Cryptocurrency Crime: From Silk Road to DeFi and Beyond
Author: David Carlisle, Vice President of Policy and Regulatory Affairs at Elliptic
Translation by: JIN, Techub News
Over the past decade, criminals have utilized various technologies to launder cryptocurrency assets. These include the use of mixers, privacy coins, unregulated cryptocurrency exchanges, DeFi, NFTs, and combinations thereof, showcasing the cunning and diversity of criminal methods to evade regulation. In response to the continuous evolution of money laundering techniques, governments and companies have also strengthened their research into related technologies, developing methods to uncover these illicit activities. In my recently published book, “Cryptocurrency Launderers: From the Dark Web to DeFi and Beyond,” I describe how law enforcement agencies, regulatory bodies, and the private sector have adapted to technological changes and evolving criminal strategies, achieving significant victories in making the cryptocurrency ecosystem safer.
In “Cryptocurrency Launderers: From the Dark Web to DeFi and Beyond,” I review the efforts made over the past decade to combat financial crimes in the cryptocurrency field, as well as how public and private sectors have responded and adapted to the rapid changes in this domain.
From the Silk Road to Blockchain Analysis Techniques
The Silk Road dark web case (2011 to 2013) was the first major case in which law enforcement agencies discovered criminals using cryptocurrencies for illegal activities on a large scale. The Silk Road quickly became a multimillion-dollar black market website, facilitating the buying and selling of drugs and other illicit items through Bitcoin transactions. This event shocked law enforcement officers, who were concerned that the internet could give rise to new digital currency black markets.
During the early stages of the Silk Road case, US law enforcement agencies discovered a tool for investigation: the blockchain, the public transaction ledger of Bitcoin. As described in “Cryptocurrency Launderers”:
As law enforcement investigators delved into the Silk Road, they quickly recognized the pivotal role played by Bitcoin. Undercover agents began purchasing Bitcoin on cryptocurrency exchanges to make purchases on the Silk Road. As they became familiar with Bitcoin, they discovered a crucial characteristic of this technology: because all transactions are publicly recorded on the blockchain, government agencies could identify their transactions with the Silk Road by examining the ledger. When illicit vendors were instructed to send Bitcoin to Silk Road addresses for staged payments on the website, the vendors could see the Bitcoin received from the buyers of illicit goods and pay the website’s suppliers in Bitcoin as a transaction fee. This feature allowed the FBI to monitor hundreds of thousands of transactions flowing in and out of Silk Road Bitcoin addresses in real time.
In fact, during the investigation of the Silk Road, government agencies found that the blockchain provided an entirely different source of intelligence compared to traditional domains, which made accessing financial intelligence easier than with traditional money laundering cases. Unlike investigating money laundering through banks, investigators did not need subpoenas to obtain banking records, nor did they need to go through the complex process of obtaining international fund flow information through Mutual Legal Assistance Treaties (MLATs). As Bitcoin’s ledger is globally public and decentralized, anyone can view real-time, constantly updated transaction information, providing a continuous flow of financial intelligence.
Using blockchain technology, US law enforcement agencies combined transaction data from the Silk Road with other intelligence sources, successfully apprehending and convicting its founder, Ross Ulbricht, on charges of money laundering and other crimes.
The Silk Road case not only demonstrated the astounding innovative abilities of law enforcement agencies when faced with new technologies but also showcased their ability to adapt to the ever-changing criminal environment. As the cryptocurrency field continued to evolve, criminals also adapted and evolved. New dark web markets, such as AlphaBay and Hansa Market, emerged, surpassing the scale of the Silk Road. Additionally, new types of cryptocurrency mixers like Helix Mixer and Bitcoin Fog allowed illegal users to “clean” billions of dollars’ worth of Bitcoin. Scammers and Ponzi scheme orchestrators also increasingly targeted innocent and unsuspecting cryptocurrency investors in an attempt to steal billions of dollars, leaving victims bankrupt.
In the face of an expanding cryptocurrency crime ecosystem, law enforcement agencies cannot solely rely on manual analysis of blockchain data, as they did in the Silk Road case. New specialized capabilities are required to address this complex environment. As described in “Cryptocurrency Launderers”:
The Silk Road case and subsequent investigations into dark web markets clearly demonstrate that law enforcement agencies need sophisticated capabilities to investigate the expanding cryptocurrency crime ecosystem. While the open and transparent nature of the blockchain is suitable for monitoring transactions, it is impractical for law enforcement investigators and compliance analysts at cryptocurrency exchanges to manually analyze billions of cryptocurrency transactions. Both public and private stakeholders require specialized tools to efficiently comb through the growing volume of blockchain data in a fast and seamless manner.
With the proliferation of cryptocurrency varieties, including thousands of new coins, the need for blockchain data analysis becomes even more significant. As each new cryptocurrency has its unique transaction history, analyzing data from the entire cryptocurrency ecosystem, excluding Bitcoin, requires the ability to efficiently navigate the increasing volume of transaction information across thousands of ledgers. Investigators or analysts must navigate through vast amounts of cryptocurrency transaction data without being overwhelmed by various pieces of information that may hinder the progress of their investigations.
These challenges have given rise to the blockchain data analysis industry, which specifically develops software to enable quick analysis and detection of illegal activities within the entire cryptocurrency ecosystem.
In fact, several years after the Silk Road case, blockchain data analysis techniques have been widely used in law enforcement investigations involving cryptocurrencies and have played a crucial role in criminal cases such as the 2020 Twitter hack.
Responding to New Challenges
For law enforcement agencies, acquiring new investigative tools is crucial in dealing with the evolving landscape of crime and cryptocurrency. As new and more sophisticated criminals begin to utilize updated technologies, new challenges arise.
For example, by 2018, evidence showed that organized crime syndicates were attempting to launder money across borders using Bitcoin ATMs, converting their illicit cash proceeds into cryptocurrencies through these self-service kiosks. As described in the book:
With the growth in the number of Bitcoin ATMs, organized crime networks started adopting the trend of using Bitcoin more widely. In the early days of cryptocurrencies, illicit users mainly came from online black markets and internet fraudsters who discovered that digital payment methods supported their criminal activities. However, organized crime networks involved in physical-world crimes such as street drug trafficking or human trafficking did not initially adopt cryptocurrencies on a large scale, as these criminal activities often involved significant amounts of cash.
Over time, evidence showed that organized crime syndicates increasingly integrated cryptocurrencies into their existing money laundering schemes. International drug trafficking networks have long used various methods to launder money through the banking system, including strategies like “smurfing” and complex trade-based money laundering techniques, which involve repeatedly depositing small amounts of cash into different bank accounts to avoid suspicion from large cash transactions. For decades, drug trafficking networks have also relied on trade-based money laundering techniques, such as the infamous “Black Market Peso Exchange,” a money laundering method that allows South American drug traffickers to purchase goods with funds obtained from drug transactions and then sell these goods overseas through international trade to realize their value. With the popularity of Bitcoin ATMs, organized crime syndicates discovered an opportunity to combine these long-standing money laundering techniques with new technology.
The physical nature of Bitcoin ATMs meant that law enforcement agencies had to combine their policing skills used on city streets with new tracking capabilities for cryptocurrency assets. Successful cases, such as the crackdown on a money laundering network in Spain in 2019, which used Bitcoin ATMs to transfer illicit drug sales proceeds to South American drug cartels, demonstrate the effectiveness of this approach.
Similarly, advanced cybercriminals, particularly those associated with sanctioned countries like North Korea, Iran, and Russia, have utilized cryptocurrencies for activities such as ransomware attacks and hacking cryptocurrency exchanges, presenting new challenges for detecting and disrupting illicit fund flows. “Cryptocurrency Launderers” describes the complexity of the emerging online money laundering ecosystems that these cybercriminals can exploit:
Like ransomware attackers, exchange hackers can utilize increasingly sophisticated money laundering ecosystems to move large amounts of stolen cryptocurrencies. In addition to familiar techniques such as laundering through non-compliant exchanges, using mixers and coin swapping services, or laundering through the dark web, hackers can employ other methods to deal with their large cryptocurrency holdings. For example, they can purchase stolen credit card, debit card, and prepaid card information from the dark web or buy personal identity information that helps them bypass AML/CFT controls of compliant exchanges, enabling them to cash out funds stolen from other exchanges. This method prompts hackers to recruit “money mules” or proxy teams specifically dedicated to providing money laundering services.
Faced with increasingly complex cryptocurrency money laundering methods, investigators must dedicate more resources to research and decryption. And they have indeed done so.
In the Colonial Pipeline case, US law enforcement agencies successfully identified and seized Bitcoin from Russian ransomware attackers. In the Bitfinex hack case, investigators relied on advanced technology to analyze transaction flows on the blockchain, marking the largest hacking attack in US history. The details of these cases are extensively reviewed in “Cryptocurrency Launderers.”
From Cross-Chain Crime to NFTs
With the arrival of the 2020s, public and private sectors dedicated to reducing cryptocurrency crimes face a new set of challenges: how to address emerging and innovative criminal technologies in the cryptocurrency field.
Firstly, the emergence of DeFi has opened up vast new possibilities and opportunities for innovators seeking to launch financial products in the cryptocurrency field, such as DEX. However, it has also created new avenues for cross-chain money laundering. As stated in “Cryptocurrency Launderers”:
With the increasing number of token transactions within the Ethereum ecosystem, DEX trading volumes have grown rapidly. In particular, the issuance of stablecoins has enabled users to quickly transfer funds into and out of DEX, greatly enhancing DEX liquidity. DEX trading volumes were relatively small between 2017 and 2019, but experienced significant growth in 2020. By mid-2021, monthly DEX trading volumes exceeded $160 billion. This rapid growth has had a significant impact from a money laundering perspective: the highly liquid DEX ecosystem does not require user identification, transactions are fully automated, and there are no intermediaries, providing new opportunities for criminals to attempt to conceal their illicit activities by swapping tokens.
DeFi presents new challenges for regulatory bodies, including how to regulate a decentralized environment. However, one key point remains: transactions conducted within the DeFi ecosystem are transparent, and even if criminals attempt to obfuscate their activities through cumbersome processes, detection and tracking of funds can still be achieved through blockchain data analysis techniques. This enables investigators to trace the flow of funds within the DeFi ecosystem, as demonstrated in recent cases such as the theft of funds during the collapse of the FTX exchange in November 2023.
Another innovation, NFTs, emerged in the early 2020s and quickly became involved in fraud and scam cases, forcing investigators to adopt creative approaches. Despite NFTs being a novel and innovative technology, investigators have been able to utilize the skills and techniques they have developed over the past decade to bring criminal charges against those using NFTs for illegal activities and ensure convictions.