Criminal Cryptocurrency Transactions Will Drop by 30% by 2024 - Here's Why

Contrary to popular lore, cryptocurrencies are not a haven for anonymous criminals. In fact, armed with smart analytics, it’s easier to follow money trails on blockchains than it is on legacy payment networks, whatever circuitous route they may take. What’s still hard to figure out – for the time being – is the identity of the criminals using various blockchain addresses to move their stolen funds, especially when they rely on self-hosted wallets.

In our recently published “Predicts 2022: Prepare for Blockchain-Based Digital Disruption,” we predict that “by 2024, successful cryptocurrency thefts and ransomware payments will drop by 30% due to criminals” inability to move and spend funds off blockchain networks.” We attribute this to four developments.

1. Blockchains Are More Open Than Flat Payment Networks

Transparent blockchains are much easier platforms on which to track criminal payments than siloed, legacy payment systems ever were. Today about 23 blockchains make up approximately 99% of all blockchains’ market cap. This means that effective anti-blockchain-fraud systems must integrate with just 23 totally transparent platforms rather than thousands of enterprise systems and payment networks.

The hard part is turning the nondescript blockchain metadata into meaningful information and applying real-time machine learning and analytics to the data. The good news is if that is done well, the intelligence can see across all the blockchain platforms at once, trace criminal and suspect payments and addresses, and identify oft-repeated abnormal money movement patterns.

2. The Blockchain Intelligence Market Is Emerging

Vendors like ChainalysisCipherTrace (a Mastercard company), Elementus and TRM Labs provide insights to authorities who need forensics to investigate hacks. Increasingly, exchanges and DeFi protocols use their software to prevent fraud. 

It’s probably time to democratize these fraud prevention tools and let individual users acquire them directly, so they can receive proactive warnings before transmitting funds to a criminal address. Democratization of these tools is in the spirit of Web3 finance, where users are their own bankers. But it does pose a conundrum: how can we keep the tools opaque enough that criminals can’t reverse-engineer them and figure out how to evade detection and prevention tools during future heists?

3. Governments Are Across it

Aside from the increasing adoption of rapidly advancing blockchain intelligence and fraud prevention tools, the government is also stepping in to make it harder to use cryptocurrency for criminal purposes. There are three critical facts noted in our report on this below.

Firstly, the US government is making a concerted effort to curtail ransomware attacks and has already issued sanctions against a Russian cryptocurrency exchange used by ransomware-related criminals.

Secondly, high-profile hacks and ransomware attacks in 2021 resulted in criminals returning stolen funds or law enforcement clawing them back. Criminals find it increasingly difficult to cover their blockchain tracks as investigators analyze blockchain and off-chain curated data to identify blockchain addresses where stolen funds are parked.

Thirdly, once stolen funds are marked, they cannot easily be moved off the blockchain for subsequent use without being seized by watchful parties and law enforcers.

When you add it all up, it is getting harder and harder for criminals to commit crypto-related heists and move stolen funds off cryptocurrency networks. For example, TRM Labs just investigated the recent BadgerDao hack and reported to investigators that, “Even if the hacker used only fraudulent identity documents when establishing accounts with exchanges, there remains a good possibility that… they may ultimately prove fatal to the hacker’s anonymity. As of this moment, the hacker has stolen well over $120m worth of assets, converting them to bitcoin and ether.”

In the end, the BadgerDao hackers may go the way of the Polygon Network hackers and return most of the money they stole since they will likely be unable to get the funds off the blockchain without risking arrest.

4. VASPs Shield Us

It’s simply a myth that blockchain networks are criminal havens. A July 2021 report from the intergovernmental Financial Action Task Force (FATF) shows that transactions that go through virtual asset service providers (VASPs), which include cryptocurrency exchanges, are significantly less likely to be criminal than those that go through self-hosted wallets or non-VASPs.

There’s no doubt in our mind that, in the future, the bad guys will have an easier time moving laundered money and theft proceeds over a plethora of opaque legacy payment networks than through transparent and relatively few well-protected blockchain networks.

What’s Hot on Infosecurity Magazine?