2021-08-13

The battle lines have been drawn

Recently there was a story in the news about the takedown of the plunder obtained by a ransomware hooligan:

https://www.cbsnews.com/news/colonial-pipeline-ransom-payments-hackers-seized-united-states/

Washington — The federal government has recovered millions of dollars in cryptocurrency paid in ransom to cybercriminals whose attack prompted the shutdown of the country's largest fuel pipeline and gas shortages across the southeastern U.S. last month, the Department of Justice announced Monday.

And I thought ... how hard would it be to make a "tainted BTC address list"?  Certainly the people paying a ransom know where it is going, so the first address in the money laundering chain is known, even if the owner is not.  And then one can follow transactions via the immutable blockchain and see where this money ends up.  I'm sure the FBI already does this.
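The address-following idea above, as an added sketch that is not part of the original post: it propagates "haircut" taint (each transaction spreads the tainted share of its inputs pro rata over its outputs) from a known ransom address across a small constructed ledger. The ledger, the address names and the address-level balance model are assumptions made for illustration; real Bitcoin tracks unspent outputs rather than address balances.

```python
from collections import defaultdict
from fractions import Fraction

# Constructed sample ledger in block order (addresses and amounts are made up).
# Each entry: (txid, {input_address: BTC spent}, {output_address: BTC received}).
LEDGER = [
    ("tx1", {"victim": 100}, {"ransom_addr": 100}),
    ("tx2", {"ransom_addr": 100}, {"hop_a": 80, "hop_b": 20}),
    ("tx3", {"hop_a": 80, "bystander": 20}, {"merge_addr": 100}),
    ("tx4", {"merge_addr": 50}, {"exchange_deposit": 50}),
]

def trace_taint(ledger, seeds):
    """Return {address: tainted BTC ever received}, using haircut taint."""
    balance = defaultdict(int)        # coins seen arriving and not yet spent
    tainted = defaultdict(Fraction)   # part of that balance traceable to a seed
    received = defaultdict(Fraction)  # the resulting "tainted address list"
    for _txid, inputs, outputs in ledger:
        total_in, tainted_in = 0, Fraction(0)
        for addr, amount in inputs.items():
            # Coins with no recorded origin (balance 0) are treated as clean.
            share = tainted[addr] / balance[addr] if balance[addr] else Fraction(0)
            moved = min(amount * share, tainted[addr])
            tainted[addr] -= moved
            balance[addr] = max(balance[addr] - amount, 0)
            total_in += amount
            tainted_in += moved
        ratio = tainted_in / total_in if total_in else Fraction(0)
        for addr, amount in outputs.items():
            # Everything paid to a seed address is tainted by definition.
            taint = Fraction(amount) if addr in seeds else amount * ratio
            balance[addr] += amount
            tainted[addr] += taint
            if taint:
                received[addr] += taint
    return dict(received)

if __name__ == "__main__":
    for addr, amount in trace_taint(LEDGER, {"ransom_addr"}).items():
        print(f"{addr}: {float(amount):.2f} BTC tainted")
```

In this constructed ledger the coins merged with the bystander's funds stay 80% tainted, so the 50 BTC that reaches the exchange deposit address still carries 40 BTC of taint.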

But then ... I read about a service coming at the problem from the other side!  How do you make sure your money laundering is going well?

https://krebsonsecurity.com/2021/08/new-anti-anti-money-laundering-services-for-crooks/

A new dark web service is marketing to cybercriminals who are curious to see how their various cryptocurrency holdings and transactions may be linked to known criminal activity. Dubbed “Antinalysis,” the service purports to offer a glimpse into how one’s payment activity might be flagged by law enforcement agencies and private companies that try to link suspicious cryptocurrency transactions to real people.

I think in the early days cryptocurrencies were probably pretty useful for money laundering, but I think those days are ending.  Which is probably a good thing, as ransomware has done a lot of damage to real people.

Update:  I just read this from Bruce Schneier:

In a chain swap, the criminal transfers the bitcoin to a shady offshore cryptocurrency exchange. These exchanges are notoriously weak about enforcing money laundering laws and — for the most part — don’t have access to the banking system. Once on this alternate exchange, the criminal sells his bitcoin and buys some other cryptocurrency like Ethereum, Dogecoin, Tether, Monero, or one of dozens of others. They then transfer it to another shady offshore exchange and transfer it back into bitcoin. Voila — they now have “clean” bitcoin.