How to use OSINT in Cryptocurrency Investigations?

Argonyte, RIXED_LABS
Published Jan 9, 2021
Cover image source: ScienceMag

The most basic framework of any financial investigation consists of identifying a target, searching for information related to them, identifying the target’s associates, and then searching for information on them. Cryptocurrencies fit this investigative model well. They have become the favored means of exchange for cybercriminals and for those avoiding the restrictions of traditional banking: because they rely on cryptographic protection and a decentralized P2P system, ownership of funds is only pseudonymous, while the flow of funds is publicly accessible and observable.

Analyzing Wallet Addresses using Blockchain Explorers

In cryptocurrency investigations, blockchain ledgers play a significant role. To make the ledger data simpler to comprehend and make sense of, investigators use wallet (blockchain) explorers to analyze wallet addresses and transactions.

Transaction analysis is crucial in cryptocurrency investigations, since it not only lets investigators follow the money but also helps determine the source of funds and what sort of tools the suspect employed.

One of the better-known explorers is Blockchain.com. It allows us to look up a wallet address and see all of its past transactions, and it also shows how much currency the address currently holds. Blockchain transactions are simple to track in the case of public ledgers like Bitcoin or Ethereum.

A few other explorers:

  • WalletExplorer
  • BitcoinWho’sWho
  • BitcoinAbuse
  • IntelX

Wallet explorers usually update in real time with the details of each transaction, comprising:

  • Hash: The transaction ID, which serves as a way to look up a particular transaction on the blockchain (not to be confused with cryptographic hashes in general, even though it is computed as one).
  • From/To: The sender’s address and the recipient’s address.
  • Time Stamp: Each block includes the precise time at which the transaction entered the blockchain, that is, the time the block was mined.
  • Actual Cost/Fee: The fee paid for the transaction.
  • Transaction Receipt Status: Confirmation of the transaction’s status (confirmed or still pending).
  • Value: How much cryptocurrency was sent and the equivalent USD value.

[Screenshots: details of the WikiLeaks BTC wallet and its transactions as shown on Bitcoin Who’s Who, Blockchain.com and Walletexplorer.com]

Using OSINT Tools for further analysis

Employing additional open-source intelligence (OSINT) tools such as Maltego, Recon-NG, theHarvester and FOCA to uncover related emails, locations, social media accounts and other relevant information further helps the investigation.

We can also visualize the data we scrape from these sites using Gephi or a DataVis tool.
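The transaction fields listed above (hash, from/to, timestamp, value, fee, status) are what an explorer hands an investigator; the following added example, written for this article and not taken from any of the explorers or tools it names, shows what an analyst typically does with such records once exported: keep only confirmed transactions, compute an address balance, list its direct counterparties, walk outgoing transfers a few hops to follow the money, and emit a weighted edge list that Gephi’s spreadsheet importer can load for the kind of visualization mentioned above. The transaction records, addresses and hashes are constructed placeholders in an explorer-like JSON shape, not real blockchain data.

```python
import csv
import io
import json
from collections import defaultdict, deque

# Constructed sample records in the shape an explorer listing shows (hash, from/to,
# timestamp, value, fee, status). Addresses and hashes are placeholders, not real ones.
SAMPLE_TXS_JSON = """[
  {"hash": "tx-0001", "time": "2021-01-02T10:00:00Z", "from": "addr-donor-1",
   "to": "addr-target", "value_sat": 100000000, "fee_sat": 10000, "status": "confirmed"},
  {"hash": "tx-0002", "time": "2021-01-03T11:00:00Z", "from": "addr-target",
   "to": "addr-exchange-A", "value_sat": 50000000, "fee_sat": 20000, "status": "confirmed"},
  {"hash": "tx-0003", "time": "2021-01-03T12:00:00Z", "from": "addr-target",
   "to": "addr-mixer-X", "value_sat": 30000000, "fee_sat": 20000, "status": "confirmed"},
  {"hash": "tx-0004", "time": "2021-01-04T09:00:00Z", "from": "addr-mixer-X",
   "to": "addr-cashout", "value_sat": 25000000, "fee_sat": 10000, "status": "confirmed"},
  {"hash": "tx-0005", "time": "2021-01-05T08:00:00Z", "from": "addr-target",
   "to": "addr-unknown", "value_sat": 10000000, "fee_sat": 10000, "status": "pending"}
]"""

SATS_PER_BTC = 100_000_000


def load_confirmed(raw_json):
    """Parse explorer-style records and keep only confirmed transactions.
    A pending transaction can still be dropped or replaced, so it must not
    be counted toward balances or money flow."""
    return [tx for tx in json.loads(raw_json) if tx["status"] == "confirmed"]


def net_balance_sat(txs, address):
    """Balance of an address in satoshis: incoming value minus outgoing value
    and the fees paid on outgoing transactions."""
    balance = 0
    for tx in txs:
        if tx["to"] == address:
            balance += tx["value_sat"]
        if tx["from"] == address:
            balance -= tx["value_sat"] + tx["fee_sat"]
    return balance


def counterparties(txs, address):
    """Addresses that directly sent to or received from the given address."""
    peers = set()
    for tx in txs:
        if tx["from"] == address:
            peers.add(tx["to"])
        elif tx["to"] == address:
            peers.add(tx["from"])
    return peers


def follow_money(txs, address, max_hops=2):
    """Breadth-first walk along outgoing transfers. Returns {address: hop_distance}
    for every address reached within max_hops of the starting address."""
    outgoing = defaultdict(set)
    for tx in txs:
        outgoing[tx["from"]].add(tx["to"])
    reached = {}
    queue = deque([(address, 0)])
    while queue:
        node, hops = queue.popleft()
        if hops == max_hops:
            continue
        for nxt in sorted(outgoing[node]):
            if nxt != address and nxt not in reached:
                reached[nxt] = hops + 1
                queue.append((nxt, hops + 1))
    return reached


def edge_list_csv(txs):
    """Aggregate transfers per (sender, recipient) pair into a weighted edge list
    with Source/Target/Weight columns, the layout Gephi's CSV importer accepts."""
    weights = defaultdict(int)
    for tx in txs:
        weights[(tx["from"], tx["to"])] += tx["value_sat"]
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerow(["Source", "Target", "Weight"])
    for (src, dst), sats in sorted(weights.items()):
        writer.writerow([src, dst, f"{sats / SATS_PER_BTC:.8f}"])
    return buf.getvalue()


if __name__ == "__main__":
    txs = load_confirmed(SAMPLE_TXS_JSON)
    target = "addr-target"
    print("balance (BTC):", net_balance_sat(txs, target) / SATS_PER_BTC)
    print("counterparties:", sorted(counterparties(txs, target)))
    print("downstream within 2 hops:", follow_money(txs, target))
    print(edge_list_csv(txs))
```

The pending transaction (`tx-0005`) is deliberately excluded by `load_confirmed`, which is why the target’s balance and downstream walk ignore `addr-unknown`; an analyst who counts unconfirmed transfers risks attributing funds that never settle. The CSV output can be loaded in Gephi via File > Import Spreadsheet as an edges table.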

[Figure: visualization of the transactions of the Daily Stormer cryptocurrency wallet]

OSINT | Red Team | Threat Hunter | Malware Analyst. Member of AX1AL. Website- https://argonyte.github.io