cryptocurrency Archives | Forensic Blogs

September 20, 2019 by LCDI

Virtual Currency Investigations: Fear Not the Blockchains

At the Magnet User Summit this year, I listened to a presentation by Eric Huber, Vice President of National White Collar Crime Center (NW3C). With a broad background in digital forensic investigations, he spoke about the changing field in cryptocurrencies and blockchain analysis. He gave a brief overview on different types of cryptocurrencies and how to use them. Then he dove into how cryptocurrencies are evolving and how digital forensics needs to catch up to the changes.

Cryptocurrencies

Cryptocurrencies are a little bit more complicated than just currencies that solely run on the internet or through the cyberspace. Currencies like Ethereum and Bitcoin are purchased and are traded in cyberspace to purchase goods and services just like fiscal currencies, but because of the push back against government control, these currencies can be used to purchase illegal goods and services without being tracked easily. Cryptocurrencies are on the rise and are becoming more popular than ever. With ATMS popping up all over the world, they are becoming even more accessible.

Blockchains

Blockchains are the ledgers of cryptocurrencies. Unlike most banks and budgets, blockchains never list the total cryptocurrency that someone might have. Instead, they list who exchanged it and how much. Cryptocurrency mining is figuring out the hashes or the specific string of characters and numbers to figure out the transaction and post it directly on the ledger. After claiming that position, not only would the miner claim some cryptocurrency, but every time that section of the ledger is referenced to calculate how much an individual has of that cryptocurrency, the miner earns more cryptocurrency.

Public vs Private

Different types of cryptocurrencies have different types of blockchains. The public can openly access public blockchains, like what Ethereum and Bitcoin. Law enforcement can also subpoena them to learn who performed the possibly illegal transaction. However, there can always be more privacy. The more privacy achieved, the more complicated arresting and subpoenas become. Private blockchains involve each individual block becoming private and not available to the public. Not only is the ledger inaccessible, but law enforcement is unable to subpoena individual miners. They would only have parts of the ledger anyways.

With a developing field, digital forensics and incident response is developing blockchain analysis to track backwards after figuring out specific blocks of ledgers to figure out the specifics of transactions and more. This is the changing part of cryptocurrencies and how digital forensics needs to evolve to adapt to accommodate these changes since cryptocurrencies are not fading away anytime soon.

Blog written by Champlain College’s Nurit Elber.

Be sure to check us out on Twitter @ChampForensics, Instagram @ChampForensics, and Facebook @Champlainforensics to see other important information pertaining to our project!

The post Virtual Currency Investigations: Fear Not the Blockchains appeared first on The Leahy Center for Digital Forensics & Cybersecurity.

September 21, 2018 by LCDI

Bits Behind the Coin

: Following the Trail of a Cryptocurrency Investigation

This year at Enfuse, John Wilson, a digital investigator from Discovery Squared, LLC presented “Bits Behind the Coin: Following the Trail of Cryptocurrency Investigation.” This session presented a lot of valuable information regarding the ins and outs of blockchain and cryptocurrency. I will be breaking down some of the content learned and will apply it to how blockchain technology can support a forensic investigator.

Blockchain and cryptocurrency: two technologies that have forever changed how the world views money, peer-to-peer communication, and even processing power. These terms can be a little overwhelming for readers, but I’ll be breaking down how these technologies work. Lets get started!

What is peer-to-peer networking?

Peer-to-peer (P2P) networking is not a new concept. It has been around way before the internet when computing was first new and exciting. It allowed people to share information between one computer and another. This was the most basic type of network, but since the spread of the internet throughout the world, we have seen a comeback of P2P sharing with torrenting and also music services such as Limewire. It is important to note that these technologies use P2P to allow users to download and access files. There is no central place where the shared files are stored, but these devices communicate directly to transfer data. P2P networking is also difficult to stop, and there is no central authority who can take action to prevent files from spreading.

What is blockchain?

Blockchain uses P2P networking to send immutable data to a group of users. This can be information such as files, pictures, text, or even raw data. All data that is sent to blockchain cannot be changed, and everyone who sends new data to the blockchain must always be up-to-date with the latest block. It is important to re-state that blockchain is decentralized, so once the information is released, there is no way to remove it from the clients it’s shared with. There are many modern-day uses for blockchain. Large corporations such as Maersk and Walmart use blockchain to keep track of product shipments. Blockchain has many uses but cryptocurrency marks only one modern use.

What is cryptocurrency?

Cryptocurrency is a virtual currency which utilizes blockchain technology. With the rise of Bitcoin, using this technology has sparked a lot interest with decentralized currency. There is no central authority that has access to bitcoin wallets — only their owner. Due to the decentralized nature, this makes transactions nearly anonymous, and only a finite amount of information can be gathered from forensics. At Enfuse this year, John Wilson taught about how you can investigate cryptocurrency wallets to see past transactions and even how you can use this information with tools to see the flow of money. This is a very challenging task because of the anonymized nature of cryptocurrency.

Conclusion

Using forensics to gather information about cryptocurrency transactions is not an easy task. Unfortunately, the anonymity of cryptocurrency makes it more difficult, and the only investigation that can truly be done is gathering data. Butwait – there’s more! Before I mentioned that blockchain is “immutable.” This means that information within the blockchain cannot be changed. However, this also means that every client with the blockchain on it can see the information that has been transferred in the past. One of the problems we face is if the information contained is illegal or contains contraband. This can make investigations extremely difficult if the source of the contraband cannot be determined. Mostly relying on the past can help put pieces together. Blockchain in the future, if used in a non-anonymized fashion, will speed up the amount of time an investigation will take due to its ability to keep track of the past.

There is so much complexity to cryptocurrency that Wilson spoke about, it truly revealed a lot of the challenges faced when dealing with it. Thank you to Mr.Wilson and Enfuse for providing the opportunity to learn about these new technologies, and the challenges we face moving forward in digital forensics.

To learn more about the LCDI or our projects. Follow us on our Facebook and Twitter pages or send an email to lcdi@champlain.edu!

The post Bits Behind the Coin appeared first on The Leahy Center for Digital Investigation.

June 18, 2015 by LCDI

Bitcoin 101

CEIC 2015 Student Session Series: Bitcoin 101 Students from Champlain College and the Leahy Center for Digital Investigation (LCDI) attended multiple training sessions while at the Computer Enterprise Investigation Conference (CEIC) 2015. Student Kevin Dobrolet presents some highlights from the Bitcoin 101 session. Presenter Andy Reid helped pull Bitcoin out of its low public profile and […]

The post Bitcoin 101 appeared first on Computer & Digital Forensics Blog.