Why is Bitcoin popular among cybercriminals, and what is the future of cryptocurrencies in the darknet?
Due to the transition of many people around the world into a “stay at home” mode, where the only viable way of communicating and receiving something is through the global network, some new information regarding darknet activity has begun to surface.
In the time of COVID-19, there has been an increase in both the activity of cyber fraudsters using the capabilities of cryptocurrencies and general illegal activity on the World Wide Web.
Of course, not all darknet operators are using the epidemic for malicious advantage, and comply with the code of honor. Nonetheless, Cointelegraph decided to figure out how Bitcoin is associated with the darknet, whether the global pandemic affects illegal crypto operations, and how authorities around the world are coping.
Crypto and the darknet
Digital assets are used in many areas, including acting as a means of payment on the darknet by those seeking maximum anonymity while performing operations deemed questionable by regulators.
Cryptocurrencies are especially popular with sellers of items like illegal drugs, weapons and other restricted goods. Darknet users provide impetus to markets in the network by using special software such as the TOR browser to circumvent inaccessibility to such goods through the use of crypto, with its pseudo-anonymity for transactions. These kinds of transactions and the concept of decentralization itself has put limitations on the control of global intelligence agencies.
Sellers of illegal goods latched on to the decentralized principle of cryptocurrencies early on, using them long before Bitcoin (BTC) became a household name. A striking case is the online market Silk Road, launched as part of the darknet. It relied heavily on Bitcoin while the token was still a mystery to many back in 2011.
On the darknet, all connections are established between trusted nodes through special protocols and ports. All IP addresses are hidden, so it’s not possible to enter the darknet through familiar browsers such as Chrome, Firefox or Safari. The entire network operates on the principle of decentralization and is not controlled by any authority. Due to this, users receive some degree of security, since many sites in the darknet use TOR encryption protocols, which hide the identities of users and replace their IP addresses.
There are many sites selling illicit goods on the darknet, among which AlphaBay and Oasis stand out. They have arguably caused the price of privacy-oriented cryptocurrency Monero (XMR) to skyrocket in the past after adding the token as a payment option. Anonymous token transactions have allowed the dark network to progress, but this has, in turn, developed a connection between cryptocurrencies and illegal activity in the minds of many people today.
Aleksadnr Lazarenko, the head of the R&D department at Group-IB — one of the biggest providers of solutions aimed at detecting and preventing cyber attacks — shared his opinion with Cointelegraph on why cryptocurrencies are popular among criminals:
“Despite the fact that transactions carried out in Bitcoin are noted for their transparency, they still grant cybercriminals with considerable anonymity. Since cryptocurrencies are normally decentralized and do not belong to some particular national jurisdiction, operations with their use are not that closely monitored by monetary authorities. Another obvious reason that explains cybercriminals’ passion for cryptocurrencies, is no need to disclose valid personal information for their holders.”
Does the darknet need Bitcoin?
There is still an opinion that BTC and other cryptocurrencies are used only for criminal purposes. However, offshore banking systems are more suitable for financing terrorist activities and money laundering than an anonymous decentralized network through which payments pass.
Undoubtedly, BTC helped to run the darknet economy of Silk Road, but marketplaces on the darknet have begun to close up shop over the last few years — and for good reason. According to Chainalysis experts, darknet deals flourished in 2019, especially thanks to cryptocurrencies. However, these online assets are subject to sharp fluctuations in price, which affects their use on the darknet.
Carles Lopez-Penalver, cybercrime analyst at Chainalysis, told Cointelegraph that sellers reduced their activity during periods of decline in the BTC price, fearing that the funds they accept may not be worth anything the next day:
“While we think darknet markets are resilient and here to stay, it was interesting to observe that darknet market revenue fell much more than we expected following Bitcoin’s recent major price drop associated with COVID-19.”
Nevertheless, experts agree that no matter what the price rate of a particular cryptocurrency is, they will still be popular on the darknet. Lazarenko opined:
“Cryptocurrency is de facto the main currency of the underground, therefore, it will definitely be popular. The extent of its popularity and use will directly depend on the state of the underground market — if it grows, there are likely to be more transactions in cryptocurrencies. When it comes to the main payers on this market, there are few cryptocurrencies that can compare to Bitcoin in their popularity, perhaps, we’ll see the growth of Ethereum 2.0, once it sees the world, but it is still likely to be behind Bitcoin.”
Could TON become the new darknet?
Despite the decline in cryptocurrency operations on the darknet, criminal activity seems to be moving to distributed platforms and encrypted applications, and this is where Telegram Open Network may come in.
Many think that TON will be a new darknet, and here is why. The usual websites that users see when opening a link in a browser work on the basis of the Transmission Control Protocol, Internet Protocol and Hypertext Transfer Protocol. TCP is responsible for the reliable transfer of the byte stream from one computer to another, IP is for routing the dataset or determination of all data transfer points, and HTTP works one level higher, allowing for information to be encoded in the form of documents.
Overlay networks such as TOR or a VPN can be created based on these protocols. Most of them are designed to eliminate privacy issues like low security and lack of anonymity. The Telegram team has proposed another one — TON Sites. Technically, the sites created on the TON network will look like regular web pages, but the difference is that content will not be stored on any server but rather distributed across network nodes and users. Instead of IP addresses on this network, there will be an Abstract Datagram Network Layer protocol providing encryption by default, while access to regular HTTP sites and vice versa will be possible through gateways.
Not surprisingly, some analysts see TON sites as an element of a technologically advanced darknet platform, the core of which is the Gram cryptocurrency. Russian law enforcement authorities have thus voiced concerns about the platform, publishing a notice in March that called on contractors to investigate and block anonymous networks, including both TOR and TON as targets.
Moreover, darknet platforms like TOR or potentially TON don’t solely utilize cryptocurrencies, but also blockchain technology as a whole. There are already a few projects that are actively using the blockchain in order to access their resources. Experts at Chainalysis confirmed:
“There are some markets and fraud shops that have implemented blockchain technology beyond a mode of currency. Multiple carding shops and some small drug shops operate through Blockchain DNS, which uses Namecoin and Emercoin to protect marketplaces against ISP DNS blocking to make sure their customers are able to access their marketplace.”
Authorities fight cybercrimes
Regulators around the world are increasingly concerned about the role of cryptocurrencies in money laundering and the financing of various illegal activities. Since the beginning of 2020, many governments have begun to actively combat this situation, and have introduced various legal measures designed to strengthen their protection against financial cybercrime.
According to Chainalysis, the number of darknet users directly relates to how strict government policies are toward the internet. Therefore, the darknet is mainly used in the United States, Russia and some European countries such as Germany, the Netherlands and France.
Echoing moves by Russia, where the central bank periodically introduces strict recommendations on how financial institutions should detect suspicious transactions including digital currency exchange, the U.S. law enforcement and regulatory agencies established a cryptocurrency intelligence program in March that proposed new rules and tax reporting requirements to help pave the way for the widespread adoption of blockchain technology.
At the end of March, the International Criminal Police Organization announced a partnership with South Korean data intelligence startup S2W Lab to analyze darknet activity, including cryptocurrency transactions. However, it is not yet clear how effective their measures will be, as users on the dark side of the net tend to find new ways of continuing their illegal activities one way or another.