Ax1al
Published in

Ax1al

How to use OSINT in Cryptocurrency Investigations?

Source: ScienceMag

The most basic framework of any financial investigation consists of identifying a target, searching for information related to them, identifying the target’s associates, and then searching for information on them. Cryptocurrencies fit perfectly to this investigation. Cryptocurrencies have become the favored means of exchange for cybercriminals and those avoiding restrictions of traditional banking, due to being increasingly dependent on cryptographic protection and a decentralized P2P system, money ownership is tacitly pseudonymous, while its flow is publicly accessible and perceptible.

Analyzing Wallet Addresses using Blockchain Explorers

In cryptocurrency investigations, blockchain ledgers play a significant role. To render it simpler to comprehend and make sense of the information, investigators use Wallet explorers to conduct analysis on wallet addresses and transactions.

Transaction analysis is crucial in cryptocurrency investigations since it not merely permits investigators to follow the money, but also determine the source and what sort of tools the suspect employed

One of the more known Explorers is Blockchain.com. It allows us to look up the wallet address and see all of its past transactions. It also shows how much currency it currently holds. Blockchain transactions are simple to track in the case of public ledgers like Bitcoin or Ethereum.

Few other Explorers:

WalletExplorer

BitcoinWho’sWho

BitcoinAbuse

IntelX

Wallet explorers usually update in real-time with the details of each transaction, comprising of:

  • Hash: The transaction ID which serves as a way to look up a particular transaction on the blockchain. (Not to be confused with Cryptographic Hashes)
  • From/To: The sender’s address and the recipient’s address.
  • Time Stamp: Each block includes the precise time for when the transaction entered the blockchain. Thus, the time the block was mined.
  • Actual Cost/Fee: The price of the transaction.
  • Transaction Receipt Status: Confirmation of the transaction’s status.
  • Value: How much cryptocurrency was sent and the equivalent USD value.
Details of WikiLeaks BTC Wallet and their transactions on Bitcoin Who’s Who
Details of WikiLeaks BTC Wallet and their transactions on Blockchain.com
Details of WikiLeaks BTC Wallet and their transactions on Walletexplorer.com

Using OSINT Tools for further analysis

Employing additional open-source intelligence tools (OSINT) for uncovering related emails, locations, social media sources, and other relevant information as part of investigations, such as Maltego, Recon-NG, theHarvester, FOCA, etc. further help with the investigation.

We can also visualize data that we scrape from sites using Gephi or DataVis Tool.

Visualization of Transactions of Daily Stormer Cryptocurrency Wallet

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Argonyte

Argonyte

OSINT | Red Team | Threat Hunter | Malware Analyst. Member of AX1AL. Website- https://argonyte.github.io