A blockchain analytics tool has reportedly been introduced on the dark web, enabling Bitcoin (BTC) addresses to be checked for “links to criminal activity.” Known as Antinalysis, it allows cryptocurrency launderers to test whether their funds will be “identified as proceeds of crime by regulated exchanges.”
Crypto-assets have become a fairly important tool for cybercriminals, according to a report from Elliptic which notes that the likes of ransomware and darknet markets “rely on payments being made in Bitcoin and other cryptocurrencies.”
But laundering and cashing out these funds is a significant challenge, the team at Elliptic acknowledged while noting that crypto exchanges make use of blockchain or DLT analytics tools, like those offered by Elliptic. These tools are used “to check customer deposits for links to illicit activity,” the company explained.
It also mentioned that by tracing a particular transaction back through the blockchain, these tools are able to reliably identify whether the assets originated from a certain wallet associated with ransomware “or any other criminal activity.” The Elliptic team also mentioned that the launderer therefore “risks being identified as a criminal and being reported to law enforcement whenever they send funds to a business using such a tool.”
As noted in the update from Elliptic:
“Antinalysis seeks to help crypto launderers to avoid this, by giving them a preview of what a blockchain analytics tool will make of their bitcoin wallet and the funds it contains. The site runs on Tor, an anonymous version of the web commonly used to host darknet markets and other illicit services.”
Users of Antinalysis get charged about $3 to check “a single bitcoin address,” the company added in its blog post while noting that the site offers a “breakdown of where it thinks the bitcoins have come from, categorizing by risk.”
The company also mentioned that the proceeds of darknet markets, ransomware, and theft are “considered to be ‘extreme risk,’ while funds from regulated exchanges and freshly-mined coins are classed as ‘no risk’.”
The creator of Antinalysis is also “one of the developers of Incognito Market, a darknet marketplace specializing in the sale of narcotics,” the Elliptic team revealed while adding that Incognito was launched in late 2020, and takes payments in Bitcoin and Monero (XMR), which is a cryptocurrency offering “heightened” anonymity.
As noted in the update from Elliptic, the launch of Antinalysis likely “reflects the difficulties faced by the market and its vendors in cashing out their Bitcoin proceeds.”
The company added:
“Antinalysis claims to offer highly accurate results and to have verified this by comparing them to those generated by commercially available blockchain analytics tools. However, Elliptic’s own evaluation of the results returned for a range of bitcoin addresses shows that it was poor at detecting links to major darknet markets and other criminal entities.”
According to Elliptic, this is “perhaps not surprising—providing accurate blockchain analytics requires significant investment in technology and data collection, over long periods of time.”
The Elliptic team also noted:
“Regardless, the tool represents a significant new capability for crypto launderers. They can now test their own laundering methods, be it the use of mixers or layering techniques, by screening their own Bitcoin wallet, before taking the risk of making a deposit at an exchange or other service provider. Compliance professionals should be aware of this new tactic.”
It’s also significant since it makes blockchain or DLT analytics accessible to the general public for the very first time. To date, this type of analysis has been used mainly by “regulated financial service providers.” Individuals or retailers worried about receiving funds from criminal activities may now “begin to pre-screen addresses before taking payment in Bitcoin.”
The Elliptic team further noted:
“For exchanges and other crypto businesses, the launch of services such as Antinalysis means that it is more important than ever that they make use of cutting-edge blockchain analytics tools, such as those offered by Elliptic. As our own testing here has shown, such a tool cannot match the sophistication of solutions based on several years of R&D and data collection—allowing our clients to see links to criminality that are invisible to the criminals themselves.”
The company also mentioned in its blog post that, as suggested earlier by Brian Krebs, they’re now able to confirm that the results offered by Antinalysis are “identical to those provided by AMLBot.” As noted in the blog, it’s therefore “likely that Antinalysis makes use of the AMLBot API,” and AMLBot is itself “a reseller for Crystal Blockchain, an analytics provider.”