Why Hackers Use Bitcoin and Why It Is So Difficult to Trace

Photo: Bitcoin is increasingly used in scams. Artur Widak/NurPhoto/Zuma Press

By now you have probably heard of bitcoin, even if you haven’t used it yourself. Launched 11 years ago, bitcoin is a digital currency that operates independently of third-party oversight from banks or governments. It allows two people anywhere in the world to exchange value across the internet in minutes.

Although it hasn’t found success as a mainstream, transactional currency, it is increasingly used in scams. On Wednesday, it was featured in a hack of prominent Twitter accounts. Purporting to be former President Obama, Bill Gates and Kanye West, hackers steered Twitter followers to send $1,000 in bitcoin, promising $2,000 in return. They drew more than $100,000 before the scam was shut down.

Here’s what you need to know about bitcoin.

Q: Is bitcoin actually money?

A: We call bitcoin digital currency or money, but really it is just a computer program. People trade bitcoin with each other directly, or buy and sell through online exchanges. At current prices, one bitcoin is worth about $9,000, but it can be divided and sold in smaller slices.

Anyone with a computer and an internet connection can download the software, which comes with something called a wallet, a place to store your bitcoin balance. That wallet has an address—a long string of numbers and letters, called the public key—that lets people find the account on the network. Anybody can send bitcoin into a wallet. Taking money out of that wallet, though, requires control of what is called the private key, another long string of letters and numbers.

Q: Why did the hackers ask for bitcoin in the first place?

A: Unlike opening up a bank account, you don’t have to provide any identifying information to start a bitcoin account. Bitcoin is effectively anonymous, and law enforcement can’t freeze your bitcoin account like they could your bank account.

“A bitcoin wallet is something you can possess and control without going through a third party,” said Yaya Fanusie, an adjunct senior fellow at the Center for a New American Security. “Bitcoin is a choice for scammers just because of that.”

The European Union Agency for Law Enforcement Cooperation says bitcoin is one of the most popular cryptocurrencies for criminal use. Meanwhile, cyber crime is rising and is expected to be more profitable than the global illegal drug trade by next year, according to data provider Cybersecurity Ventures.

Q: Is bitcoin traceable?

A: Every bitcoin transaction since the network launched in 2009—billions of them—has been recorded and stored in a permanent, inalterable public ledger, which anybody can view and analyze at any time. This ledger is called the blockchain.

Everybody can see what you do on the network, but they can’t necessarily see your identity. Think of that transaction history as a fingerprint. It can conclusively identify you, if it can be connected to you. Connecting bitcoin transactions to malicious actors has become a valuable tool to law enforcement for this exact reason.

Q: So can we track the thieves?

A: We can track their movements, yes. Anyone can look at the scammer’s wallet on a website called an explorer and look at every transaction going in or out of that wallet.

In one that they used, there have been almost 400 transactions, with nearly 13 bitcoins, worth roughly $116,000, sent to it. The scammers have already moved virtually all of it out of that account.

But tracking that money’s movement across the entire network is daunting. There is an entire cottage industry of software companies designing sophisticated programs to do just this for law enforcement and regulated online exchanges.

One of those firms, called Chainalysis Inc., began combing through the previous transaction history of the wallets the Twitter scammers used. They found a number of transactions, including payments for merchant services, that could become valuable to law enforcement in helping to identify the perpetrators.

“Those types of avenues of investigation can be really fruitful in identifying what was bought and who they are,” said Chainalysis co-founder Jonathan Levin.

Q: Then why can’t we get the money back?

A: Tracking bitcoin is a complex, 21st-century cat-and-mouse game.

Because the scammers know their movements can be traced, they typically move their illicit gains across hundreds, or even thousands, of transactions. They might control dozens of other wallets and move the money back and forth.

A specific kind of software called a “mixer” can help with this. A scammer could send a certain amount to the mixer. It takes that bitcoin, breaks it up in many smaller transactions, and “mixes” that in with other transactions from other people. They would get back the same amount put in, but it isn’t the same exact bitcoins.

“It’s reasonably difficult to cash out,” said Tom Robinson, co-founder of Elliptic, another data-analytics firm, which works with regulated exchanges to tag illicit funds. “Everything is visible on the blockchain. But there are things they can do.”

Q: How successful was this scam at getting real money?

A: The bitcoin they raised is likely passing between wallets, and the hackers will likely face great difficulty transferring it into hard currencies like the U.S. dollar or the British pound. Because of the prominence of the hack, exchanges would be likely to report and refuse to exchange bitcoin that came from the wallets in question, said Patrick McCorry, a former assistant professor at King’s College London who has researched bitcoin since 2013.

“I don’t think they’ll be able to spend those coins,” he said. “They’re being blacklisted on all the exchanges so they can’t really do anything with the money.”
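As an added example (not from the article or from any firm it names), the sketch below shows how funds can be followed across wallets on a public ledger and how an exchange could screen a deposit, as the answers above describe. It applies the "haircut" taint-tracking approach to a constructed wallet-level ledger; the wallet names, amounts and 25% threshold are assumptions, and real Bitcoin transactions spend individual outputs rather than wallet balances.

```python
from collections import defaultdict

# Constructed ledger in chronological order; wallet names are invented.
# Each entry is (inputs, outputs) mapping wallet -> BTC. Fees are ignored.
LEDGER = [
    ({"victim_a": 0.5}, {"scam_wallet": 0.5}),
    ({"victim_b": 0.5}, {"scam_wallet": 0.5}),
    ({"scam_wallet": 1.0}, {"hop_1": 0.6, "hop_2": 0.4}),
    # Mixer-style transaction: flagged funds pooled with unrelated funds.
    ({"hop_1": 0.6, "bystander": 1.4}, {"mix_out_1": 1.0, "mix_out_2": 1.0}),
    ({"hop_2": 0.4}, {"exchange_deposit_x": 0.4}),
    ({"mix_out_1": 1.0}, {"exchange_deposit_y": 1.0}),
]

def trace_taint(ledger, flagged):
    """Return {wallet: fraction of current balance traceable to flagged wallets}."""
    balance = defaultdict(float)
    dirty = defaultdict(float)
    for inputs, outputs in ledger:
        total_in = sum(inputs.values())
        dirty_in = 0.0
        for wallet, amount in inputs.items():
            held = balance[wallet]
            # Wallets with no recorded history (victims, bystander) count as clean.
            spent_dirty = amount * dirty[wallet] / held if held > 0 else 0.0
            dirty_in += spent_dirty
            balance[wallet] = max(held - amount, 0.0)
            dirty[wallet] = max(dirty[wallet] - spent_dirty, 0.0)
        share = dirty_in / total_in if total_in > 0 else 0.0
        for wallet, amount in outputs.items():
            balance[wallet] += amount
            # Anything paid into a flagged wallet is fully tainted.
            dirty[wallet] += amount if wallet in flagged else amount * share
    return {w: dirty[w] / b for w, b in balance.items() if b > 0}

def screen_deposit(wallet, taint, threshold=0.25):
    """Exchange-side decision; the 25% threshold is an assumed policy value."""
    return "refuse and report" if taint.get(wallet, 0.0) >= threshold else "accept"

if __name__ == "__main__":
    taint = trace_taint(LEDGER, flagged={"scam_wallet"})
    for wallet in ("exchange_deposit_x", "exchange_deposit_y", "mix_out_2"):
        print(f"{wallet}: {taint[wallet]:.0%} tainted -> {screen_deposit(wallet, taint)}")
```

Pooling with unrelated funds lowers the tainted share of each output but does not remove the link to the flagged wallet, so the deposit is still caught at the assumed threshold.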

Q: Is there any recourse for people who sent bitcoin to the hackers?

A: No, it is very unlikely they will see those bitcoin again. If there is any hope of getting their money back, it will be because authorities tracked down the scammers and took control of their accounts.

High-profile Twitter accounts, including those of Barack Obama and Elon Musk, were the target of a widespread attack that security experts are calling the worst hacking incident in the company’s recent history. WSJ’s Euirim Choi reports on the hack, which looks different from other security breaches. Photos: Robyn Beck/AFP via Getty Images, Sean Gallup/Getty Images and Dado Ruvic/Reuters

Write to Paul Vigna at [email protected] and Caitlin Ostroff at [email protected]

Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved.