Good morning, good afternoon, good evening and welcome to the 11th episode of the Insights on Digital Financial Services during COVID-19 webinar series organised by ITU. We hope that you, your family, your friends and your colleagues are all keeping healthy and safe. The topic of this episode is tools for tracking crypto Ponzi schemes, and it is a follow-on to episode 9, Tracking of Digital Financial Services Crimes and Fraud. In 2020, the global COVID-19 pandemic has changed the playing field, accounting for new risks and trends and impacting the volume and nature of the attack vectors. Mr Asaf Klinger has kindly accepted to share his experience on tracking crypto Ponzi schemes and will also provide some information about tools that can be used for this purpose during today's webinar. We hope that you will find this webinar useful. I will now invite Asaf to start his presentation.

Thank you very much for your attention. My name is Asaf, and this is a pre-recorded webinar on how to track digital financial crimes and fraud, mainly how to track Ponzi schemes that use cryptocurrencies to operate. A little bit about myself: I've been a security researcher for the past 18 years, and I specialize in telecom and blockchain. I'm a blockchain AML investigator, and I've done several investigations for local law enforcement in order to catch criminals and criminal organizations that use cryptocurrency. I'm also a member of ITU-T Study Group 11. These are my handles; please feel free to contact me through them. This webinar is going to be focused on three things, and it's going to be presented in three parts. The first part gives you some basic knowledge and understanding of blockchain and crypto. The second part gets you a little acquainted with some online tools that can help you track cryptocurrency. And the third part is a few examples of scams and how to track them using the tools learned and presented in the second part.
Let's go over the basics. What is cryptocurrency? Cryptocurrency is, by definition, the means by which value is transferred from person A to person B via digital means, using cryptographic models to secure and control the transaction. That was big and mostly understandable. So one thing we should all know is that cryptocurrencies are basically the byproducts of the blockchain, and they represent the value of the blockchain transaction. I think it will become clearer down the road. Public cryptocurrencies are almost all decentralized. Decentralization means that there is no central governing body for the blockchain, and there is no jurisdiction or applicable law that governs the financial transactions of the blockchain. The engine that drives cryptocurrency is DLT, or Distributed Ledger Technology. Blockchain is a subset of DLT, but DLT is broader than blockchain. In this webinar, we will be discussing blockchain. So why do scammers like cryptocurrency, or crypto? Since they are decentralized, which means they have no governing body and no central regulator that governs and regulates the transactions, they have the ability to move funds and money across national borders without any regulation or monitoring. This is why a lot of the unlicensed digital investment schemes, or UDISs, have moved to cryptocurrency from the traditional, regular, central-bank-issued currencies. So what is a distributed ledger? A ledger is, as it says, a log. It's a logbook that tracks transactions; each transaction is a line in the logbook. A centralized ledger is, as it sounds, one true copy, which is called the golden record, that keeps all the log entries of the ledger in one place. There are clients that connect to that centralized ledger and read the data from the ledger. They might also write to the ledger.
But if there is a conflict between what the client is trying to write to the ledger and the golden record, the golden record is the winner, which means that if there's a conflict, the golden ledger is always the winner of the conflict. An example of a centralized ledger is a bank, which keeps the financial transactions stored on its internal databases. No one else besides the bank has a copy of that ledger. A distributed ledger, on the other hand, is a completely different thing. In a distributed ledger, the entire ledger is copied and spread to many, many nodes. Each node contains a full copy of the ledger, and they are stored in different locations, perhaps in different countries. Now, once a node wants to write a transaction to the ledger, the other nodes have to agree that this transaction is indeed true. This mechanism is called consensus, which means that the majority of the nodes have to agree with the node that wants to write the transaction that the transaction is indeed true. This protects the distributed ledger against altering attempts, whether through hacking or through insider threats, because if a hacker or someone else needs to influence a distributed ledger, they need to hack or influence 51% or more of the nodes of the distributed ledger, depending on the type of ledger, in order for the change to take effect. This is the main difference between a centralized ledger and a decentralized ledger. Both have advantages and disadvantages. So how does a blockchain work? For example, let's say that person A wants to send money to person B. Person A, via his blockchain wallet, registers a transaction. Then the node that operates the wallet represents that transaction as a block. The block is then proliferated, or broadcast, to every node in the network for consensus to be reached.
Once sufficient miners or nodes approve the transaction, saying this is a legitimate transaction, that block is added to the blockchain, which is a decentralized ledger comprised of transactions, or blocks. Each block is then chained to the previous block, which creates the blockchain. Once the transaction is added to the blockchain, person B receives the money. There are several types of blockchains. We will try to analyze the types of blockchains on two axes, or two scales. One is permissioned versus permissionless, and the second is public versus private. Let's start with the first. A permissionless blockchain means that anyone can operate a node on the blockchain without requiring any form of identification or any form of approval process in order to run a node. A permissioned blockchain is exactly the opposite. In order to run a node on the blockchain, you must first identify yourself and register with the governing body of that blockchain. Only after that are you allowed entry and able to operate the node. Public versus private blockchains: public is, as it states, that all of the data is visible to anyone on the Internet, which means the data is publicly viewable. Private is also as it sounds: the data is not publicly available, and it is held only within the premises of the governing body of the blockchain. Here are some examples of different types of blockchains. Private permissioned blockchains are usually not used for cryptocurrency because they don't have the publicity; they're not public and they're not available to anyone. So they're not suitable for applications such as money or currency, which should be available to anyone.
On the other end of the scale, the public permissionless blockchains, such as Bitcoin, Ethereum, Monero, Zcash, Ripple and Dash, are the blockchains that are used for cryptocurrency today. Because they are public and because anyone can run them, they are decentralized, and they draw the most users to be used as money. On the other side, you have your public permissioned blockchains, which are basically an attempt to combine the advantages of a public blockchain that can be used for cryptocurrency with the advantages of a single centralized governing body. Those attempts are Libra and Ripple, for example, and so far they did not really catch on. Libra is experiencing a magnitude of regulatory problems in the US, and Ripple is not catching on as a cryptocurrency. Still, the most dominant cryptocurrencies in the market today are Bitcoin and Ethereum. So let's talk about Bitcoin. Bitcoin is the first realization of blockchain, started in 2009. It's a decentralized, anonymous, peer-to-peer digital currency blockchain, which enables people to transfer Bitcoins, or BTC, from one person to another. Each transaction is stored on a public ledger. Everything is open, encrypted, and open to public view. Transactions are placed in blocks, which are linked by hashes, and the reward system for consensus is based on solving difficult mathematical problems, which is called proof of work. The Bitcoin blockchain is basically, as I said, a chain of blocks. Each block links to the next block through the hash, the fingerprint, and each block contains several transactions. The number of transactions in each block can differ; it's not set and it's not constant. For each block, miners mine, approve and agree on it, and then the first miner who solves the difficult mathematical problem gets the fee. Ethereum is a very different blockchain. It's still based on the same principle of a chain of blocks that are interconnected by signature or hash.
But the difference is that, in contrast to the Bitcoin blockchain, Ethereum blocks are not textual. They're not comprised of transactions; they are code. Each block of the Ethereum blockchain is a Turing complete virtual machine, which is called a smart contract. The miners in the Ethereum blockchain approve and agree on the code of the smart contract, and then the code is signed and entered into the blockchain. This allows a much more sophisticated way to perform financial transactions, not just movements of funds from account A to account B. This can also be used for auctions, games, bets and legal agreements, because the transfer can be conditioned on cases external to the blockchain. So this creates a magnitude of opportunities for applications based on the Ethereum blockchain. The Ethereum blockchain also supports the creation of other cryptocurrencies, which run on the Ethereum blockchain. Let's say you want to issue and use your own coin, but you don't want to build a blockchain; you can use the Ethereum blockchain in order to create a sub-blockchain for your own currency. This standard is called ERC20. The third type of public permissionless blockchain I want to mention is the privacy blockchains. As I said before, the public blockchains have all of the information out in the open, which means that on Bitcoin, for example, anyone can know, for every wallet, what the balance is, what the transaction history is, and with whom that wallet has traded in the past. A lot of users found this troublesome because they were worried about their privacy. They said, I don't want my bank account, or the balance of my bank account, to be exposed to whomever wants to watch. Although the information on the Bitcoin ledger is anonymous, and you don't know if this is John Doe's or Jane Doe's account, if you know someone's address, you can still see exactly what their past history is.
For that reason, privacy blockchains began to emerge from 2014, first Monero and then Zcash. That is a new type of blockchain, which obfuscates the public ledger data to increase privacy. While the blockchain is still public and permissionless, the transactional data, which is the identity of the wallets and the sum of the transaction, is encrypted in the blockchain. If you don't have the view key, you cannot see the real wallet and the real amount of the transactions, which means you cannot know the history of the person you are trading with. To conclude this part on the basics, there are several must-know terms that I want to repeat and emphasize, because I'm going to use them quite often in the next part. The first one is Bitcoin: the first cryptocurrency, the most popular cryptocurrency, which still holds the majority of the market share of the cryptocurrency market, even with all of its shortcomings. Second is Altcoin. Altcoin is a general name which references all cryptocurrencies that are not Bitcoin. Fiat. Fiat is the government- or central-bank-issued currency, which is dollars, euros, pesos and any other currency. Fiat is the common name for a currency issued and monitored by a country, government or central bank. Address. In blockchain, there are wallets and addresses. An address is the location of the funds. It is the primary key that is used to store the value. A wallet is an address or a group of addresses; there could be one or more depending on the blockchain. For example, in Bitcoin you can have multiple addresses in a wallet, and in Ethereum you only have one address in a wallet. A wallet is associated with a blockchain user. ERC-20, as I said before, is the technical standard for issuing tokens on top of the Ethereum blockchain. Ether, or gas, is the fuel that powers the Ethereum network, which means that in order to log a transaction in Ethereum, you have to put gas in the block you are suggesting.
Unlike Bitcoin, where the fee is calculated from the position of the block in the blockchain, in Ether the gas is offered by the author, which means the more gas, the more inclined miners are to sign the block. And the last one is the mainnet. The mainnet is the working blockchain, the production copy of the blockchain, as opposed to the testnet. When you are tracking crypto, please be sure that you are viewing the mainnet, the production network, and not the testnet, which is the developers' test blockchain where they test new features. So this is the end of part one. The next part of this pre-recorded webinar is a review of several online, internet-based tools for tracking crypto: block explorers. A block explorer is the main tool used to track crypto and blockchain transactions. All public permissionless blockchains have block explorers. They are, as I said, the tool to use for tracking crypto. Privacy blockchains like Monero and Zcash also have block explorers, but the data from them is quite useless without the view keys. Block explorers are usually free, and they are maintained by nonprofits or by the open source community that either runs the blockchain or runs them as a project. They're also usually open source and have machine APIs to assist developers in creating new applications on top of the block explorers. In this webinar, this clinic, we will be using three block explorers. One is Naboo, which tracks Bitcoin and Ethereum. The second is WalletExplorer, which tracks Bitcoin. And the third is Bloxy, which tracks Ethereum. So how do I use a block explorer? The block explorer is used as a search engine, which means I have to input an address, a wallet, a hash, which represents a block, or a transaction ID. The output of the search is the value and history, if any, of the searched item. For example, we can try to search this Bitcoin address through the Bitcoin block explorer. This is a BTC address and, as you can see, this is the Bitcoin block explorer.
It has received, over time, 875 Bitcoin. It has a current balance of near zero. And this is the transaction history for this address. For each transaction, you can see the wallet that gave the money, the source of the funds. You can see the destination of the funds. And you can see the fee that was given to the miner for writing the transaction. So we were looking at this; now let's look at an Ethereum explorer. This is an example of an Ethereum block explorer, which is Bloxy. You can see I'm searching for the same address. I'm getting a description. You can see the transactions of funds for this address. And of course, I can see the relationships with other addresses, the smart contracts that run on this block. You can see all the transactions that this one has made. Bloxy also has an API, like I said before. And this one is a much better blockchain explorer than the previous one, because it provides more insights. So let's talk a little bit about crypto scams. Crypto scams are usually built like trees, which means you have your public-facing wallets. The public-facing wallets are the wallets that are advertised to the public. For example, this webinar is being recorded on July 16, 2020. On July 15, 2020, there was a major Twitter hack, and a lot of verified Twitter accounts, which belong to very high-profile persons, began to tweet crypto scams. Let me show you an example. This is a tweet by Jeff Bezos. As you can see, this is a verified account, by the tag. And Jeff Bezos is advertising a crypto scam, which says, I will double your money; please send it to the following address. Another example is Apple. They're advertising the same address. And also Bill Gates and Elon Musk. This, as you can see, is the public wallet, which is the publicly advertised address of a scam. From the public wallets, the money is usually funneled to what I call a funneling wallet.
This is done in order to hide the tracks of the money that was gotten from the illegal activity, like yesterday's Twitter hack. From the funneling wallets, the money is collected in what I call root wallets. Root wallets are basically the collection of all the money gathered from all the public-facing and funneling wallets of a scam. And from the root wallets, the money is then exfiltrated out of the crypto ecosystem, either through exchanges, where it is exchanged to fiat or another cryptocurrency in order to disconnect the chain of the money, or via coin mixers, or via peer-to-peer transactions in different coins, like token swaps. The first thing needed in order to track crypto, or a crypto scam, is to know of its existence. This is why the first step of tracking is to gather intelligence. Intelligence can take the form of the tweets that I just showed you; just follow the right pre-bill and you will get some tweets and you can get the addresses. But the Twitter hack is a very, very public event. It doesn't happen that often. You can run through instant messaging groups like WhatsApp and Telegram, and on the dark web. There are several community-driven sites that aggregate that intelligence, or those scam alerts, for instance EtherScamDB or Bitcoin Abuse. There are several more; scanning those sites can give you an insight into which addresses are involved in a scam, or which sites are involved in scams. So, as friendly advice, if you are a trader in crypto and you are trading with someone and he sends you an address to move the money to, check that address on those scam sites to see that the person that is trying to get money from you is not a scammer. Those sites are far from complete because they are community-driven, and they mostly rely on people who complain and extend the database because they were hit by scams themselves.
So, once I have intelligence and I have access to the public wallets here at the bottom, I can track the money through the funneling wallets into the root wallets, and from there see how it gets exfiltrated to the real world as fiat or to other cryptocurrencies. The tree that I presented is relatively simple; I can just track until I hit the root. But life is usually more complicated, and there are some complications to the tree which make it more like a graph. First are exchange pools. Exchange pools are basically the inbound and outbound accounts of big exchanges like Coinbase or Binance or any other big exchange. Usually, if you want to trade crypto on that exchange, you deposit your crypto into the exchange pools and then you create the account inside the exchange. This is what is referred to as a centralized exchange. It's just like an investment broker. You put your money or stock, or in this case your crypto, into the broker's account, which holds a lot of money from a lot of clients. Then you get credits inside the private internal broker system, or exchange system, and there you can trade crypto, you can do transactions, you can interchange between different coins. Once you want to exit or take the money out, the broker or the exchange sends you the money from another pool, or the same pool, into your own account again when you want to finish or close the account. So exchange pools complicate a lot of the tracking process, because you cannot differentiate between different people's tokens inside the big pool. It's just like throwing money into a big pile of money; then you cannot discern which is which. The other mechanism that complicates tracking is coin mixers.
In Bitcoin and some other factual ledgers like Ripple or Dash, there's the possibility to perform many-to-many transactions, which means a single transaction which has multiple inputs and multiple outputs. This once again complicates the structure of the flow of the money, because you cannot discern which is which and which input flowed into which output. The third mechanism that complicates tracking is token swaps. A token swap is a private peer-to-peer transaction between two people. One has one coin, the second one has another coin. So the first person, let's say he is the scammer, has a lot of Bitcoin that he collected in the scam, and he wants to move it into Ethereum. So he contacts a person, let's say an innocent, and says, hey, I have a deal for you. He publishes a deal on some sort of closed Telegram or WhatsApp group or some kind of bulletin board, and says, I have a deal: I want to sell Bitcoin, I want to buy Ethereum, and this is the rate that I'm proposing. And the rate is obviously very good in terms of the rates that other exchanges offer.
So people, sometimes unsuspecting or innocent, can take this potential deal and say, hey, this is a chance for me to make money, so I have Ethereum I want to sell. What happens is that the innocent, or the other side of the bargain, opens a Bitcoin wallet which is empty, and the scammer opens an Ethereum wallet which is empty. Then the scammer moves the dirty bitcoins into the innocent's new wallet, and in turn the innocent transfers his Ethereum into the scammer's new Ethereum wallet. Because there is no link between the Bitcoin and Ethereum blockchains, there is no direct connection between the two transactions, and because of the anonymity on the Bitcoin blockchain, it looks just like the scammer moved or funneled his funds into another wallet, and on Ethereum it looks like just a transaction. This is once again a mechanism that complicates tracking.

Where do I stop? When I look at crypto, the money can flow on and on and on, and sometimes the path is very, very long; it splits and it rejoins and it looks very complicated. We stop the tracking when we have reached a root wallet with a positive balance and no outgoing transactions, which means the money is resting. This is the point where we say, OK, this is a stopping point, and now we will see if we can put a name, an address or an email to this wallet in order to catch the scam. Or, if your tracking has led you to an exchange pool, then it is safe to assume that the funds from the scam were entered into a centralized exchange and then traded through that exchange, either to another currency or to fiat.

So this was the block explorer 101, some background on how to use the tools, and now I will show you several use cases of tracking actual crypto scams. The first use case we will examine is the MMM scam. We will start with the MMM leaf wallet, which is this address, and the link for this block explorer is displayed on the screen. So what can we learn from this? First, we see that the wallet receives funds from an exchange and two other private wallets. The first deposit was funneled (the bottom red square, 22 bitcoins), and the second deposit was directly converted in a Chinese exchange from that leaf wallet. Now let's continue and follow on. Let's look at the funneling wallet where the first deposits were funneled to; here is the link for the block explorer. A funneling wallet's main property is a zero balance with plenty of traffic. There are what I call funneling cycles, which is a collection of currency or money from the leaf wallets, and then that money is funneled out to other funneling wallets or the root wallet. Here, in the specific MMM scheme, we can see that this funneling wallet has three funneling cycles; they're all marked with red squares. Let's dive into the first funneling cycle. This is another funneling wallet, because we can see that the money from the funneling wallet was gathered with other funds from other funneling wallets and then funneled out. In this funneling wallet we can see two funneling cycles: there are two transactions where all the money, in the first case 268 bitcoin and in the second case 73.6 bitcoins, was funneled out, and then the balance returned to zero. Let's follow on. As you can see, this is another funneling wallet, and you can see that there is additional funneling and some transactions with exchanges to exfiltrate some money into fiat. If we look at this wallet, we can see that 11 bitcoin went to HaoBTC and 18 bitcoin went to BTCC. Both are exchanges, and from there on the funds were either converted to other cryptocurrency or to fiat currency. But the majority of the funds funneled to this last wallet here; let's take a look at that. This looks like the root wallet. Why does it look like the root wallet? Because this wallet transacted over 7,500 bitcoin, over 54 million dollars, from May 2015 until about a week ago. This is probably a hot wallet working in tandem with a cold wallet, because we can see transactions going in to a cold wallet which is only active rarely, and the probable cold wallet that I've mentioned here in this link holds around 3.1 million dollars today and has performed over 250 thousand transactions. So what's next for MMM? MMM can be further mapped to find additional funnels and leaves. What I've showed you today is just one leaf and the funneling of that leaf into a root, but MMM is a very complex scheme, and it has many leaves, many funnels and many roots. However, law enforcement can contact the regular exchanges that the scammers traded with, like HaoBTC or BTCC, and gather the KYC data that the scammers used when they opened up those accounts and transferred the money into the exchange pools. So law enforcement can get the KYC data, and from there we can put a name to the owner of the root wallet.

Let's look at another use case. This time let's pull a scam from EtherScamDB, just to test our intelligence source. I've pulled a scam called bit-donor.com, and it is an active Ponzi. As you can see from the website, they have promised a return of 140% after 48 hours or 350% after 72 hours, which is clearly too good to be true; this is a scam. So let's look at the leaf wallet, which is the wallet that is listed on the bit-donor.com website. This is the leaf wallet, and this is the block explorer's page. As we can see here, there are a lot of deposits from victims who basically deposited money into this scam. Money is funneled out to a funneling wallet; you can see there are 4, sorry, 5 funneling cycles in this leaf wallet. The next wallet is this wallet, which is very busy. It's been active since March 2019 and transacted around $14,000. bit-donor.com is not a very successful scam, but it is a simple one, and that is why it is a use case. So this wallet is the funneling wallet. It also directly exported about $600 to Luno and CoinPayments, which are centralized exchanges. Just like in the MMM case, law enforcement can contact Luno and CoinPayments with this address and ask what the KYC data is for the person who transferred money into that account. About 75% of the funds are funneled into another bitcoin address, which is listed here. Let's look at that funneling wallet. As you can see, there are several funnel cycles, just like in the MMM case: you see the behavior, the deposits and then moving out the funds, moving in and then moving out, moving in and out, and the balance remains zero. So this funneling wallet has 46 transactions and 12 funneling cycles, and large amounts were funneled to 3 wallets. The first one is probably the root wallet, because we see that from this wallet funds are exfiltrated to fiat. The second one is another funneling wallet, and the third one is another funneling wallet. As you can see, sometimes the tree of a scam is not a tree; it's circular, or a graph. So let's take a look at the first wallet. This is the block explorer screen for this root wallet. As you can see, this account is currently active, so the scam is active and running, and you can see there are many, many deposits to Huobi: of 3 bitcoin, and here it was 1 bitcoin, and another. By the way, this wallet is not marked as Huobi, but it is a Huobi address. OK, so this is definitely the root wallet. You see the money from the scam is being laundered or exfiltrated to either fiat or other cryptocurrency through the Huobi exchange, and this has been going on for quite a while. So this was a use case of the bit-donor scam. OK, I told you I probably attended to several other wallets. Overall, this scam has laundered a lot of money, over 138 million dollars, and one wallet currently holds about 19,000 bitcoins, so this money still sits there. If law enforcement could get to the owner of this wallet, they could probably confiscate the money and perhaps retrieve some amount of the money stolen from the victims. So what's next? This campaign can be further mapped to find additional funnels and leaves, starting with the jackpot wallet and going down. These wallets also interact regularly with regulated exchanges through these links, and law enforcement can also retrieve the KYC data and investigate the owners of these wallets.

So let's look at another use case, this time an Ethereum scam. The intelligence, this wallet, also came from EtherScamDB, and the tool we're going to use right now is Naboo. Once we look at the leaf wallet, we can clearly see it's a Ponzi. First of all, the wallet is marked in red, which means that it has direct involvement with illegal activity, because this tool, Naboo, also has an internal database of scams: if a certain wallet appears on EtherScamDB or any other open source, community-driven site, it will mark this wallet as red. Also, this is a leaf wallet because it receives funds from green, or victim, wallets and funnels to another red wallet. In this tool we can also see the source and the explanation of why this is red, and you can see that this specific wallet appeared on EtherScamDB and on another site called DTC scams, and is listed as a scam. So from the leaf wallet we see that the funds were funneled into a funneling wallet. Let's look at the funneling wallet. The funneling wallet, like the previous ones, has a balance of zero, which means it has funneling cycles: it receives money and then funnels it out. You can see the funneling cycles; it has four funneling cycles, for example, which are obvious using the tracker. From the funneling wallets, the funds are sent to an exchange pool, in this case Qcoin, which is a UK-based exchange, which means that the money is then transferred to the exchange pool and then converted either to fiat or other crypto. So this campaign can also be further mapped to find additional funnels and leaves; for example, there is another funneling wallet and other leaf wallets that can be further mapped. After mapping the entire scam, we get this picture: we see the leaf wallets, we see the funneling wallets up to the root wallet, and from the root wallet the money then flowed into Qcoin and was converted either to fiat or to other cryptocurrency.

Thank you very much. This concludes the pre-recorded webinar. If you have any questions, feel free to approach me at these addresses: my email, my Twitter or my LinkedIn account. I hope you enjoyed it and I hope it will be fruitful, and I will see you again in future webinars. Thank you very much and have a good day.
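The leaf, funneling and root wallet model and the two stopping rules from the webinar (a root wallet has a positive balance and no outgoing transactions; an exchange pool is where on-chain tracing ends and a KYC request begins), as an added worked example that is not part of the webinar and is not the output of Naboo, WalletExplorer or Bloxy. The ledger, the addresses, the amounts and the exchange-pool label are all constructed for this example; in a real investigation they would come from a block explorer's API. The tracer counts funneling cycles the way the speaker describes them (deposits accumulate, then an outflow drains the balance back to zero), classifies each wallet, and follows outflows until it reaches a resting root wallet or a known exchange pool.

```python
"""Toy tracer for the leaf -> funneling -> root wallet model of a crypto scam.

Everything below (addresses, transactions, exchange-pool label) is constructed
for illustration; none of it is real chain data.
"""
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    txid: str
    sender: str
    receiver: str
    sats: int   # amount received by `receiver`, in satoshis (1 BTC = 100_000_000)
    fee: int    # miner fee paid by `sender` on top of the amount, in satoshis


# Constructed sample ledger, in chain order (hypothetical addresses).
# victim1..victim4 pay the advertised leaf wallet; the leaf drains to a
# funneling wallet, which drains to a resting root wallet and to an
# exchange deposit address.
LEDGER = [
    Tx("t01", "victim1", "leaf1", 50_000_000, 0),
    Tx("t02", "victim2", "leaf1", 70_000_000, 0),
    Tx("t03", "victim3", "leaf1", 30_000_000, 0),
    Tx("t04", "leaf1", "funnel1", 149_990_000, 10_000),   # leaf cycle 1: balance -> 0
    Tx("t05", "leaf2", "funnel1", 200_000_000, 0),
    Tx("t06", "funnel1", "root1", 349_980_000, 10_000),   # funnel cycle 1
    Tx("t07", "victim4", "leaf1", 40_000_000, 0),
    Tx("t08", "leaf1", "funnel1", 39_990_000, 10_000),    # leaf cycle 2
    Tx("t09", "funnel1", "exchangeA_deposit", 30_000_000, 5_000),
    Tx("t10", "funnel1", "root1", 9_980_000, 5_000),      # funnel cycle 2
]

# Deposit addresses an investigator has already attributed to an exchange
# pool (constructed label; in practice this comes from explorer tagging).
EXCHANGE_POOLS = {"exchangeA_deposit"}


def balance_steps(address, ledger=LEDGER):
    """Running balance of `address` after each transaction touching it,
    as a list of (txid, delta, balance_after). A pure sender (e.g. a victim
    whose funding we never saw) simply goes negative; that is fine here."""
    balance, steps = 0, []
    for tx in ledger:
        delta = 0
        if tx.receiver == address:
            delta += tx.sats
        if tx.sender == address:
            delta -= tx.sats + tx.fee
        if delta:
            balance += delta
            steps.append((tx.txid, delta, balance))
    return steps


def funneling_cycles(address, ledger=LEDGER):
    """Count funneling cycles: an outflow that empties the wallet closes one."""
    return sum(1 for _, delta, bal in balance_steps(address, ledger)
               if delta < 0 and bal == 0)


def classify(address, ledger=LEDGER, exchange_pools=EXCHANGE_POOLS):
    """Apply the webinar's heuristics to one wallet."""
    if address in exchange_pools:
        return "exchange_pool"      # stop: funds entered a centralized exchange
    steps = balance_steps(address, ledger)
    if not steps:
        return "unknown"
    has_in = any(d > 0 for _, d, _ in steps)
    has_out = any(d < 0 for _, d, _ in steps)
    final = steps[-1][2]
    if has_in and not has_out and final > 0:
        return "root"               # money is resting: stop and try to attribute
    if has_in and has_out and final == 0:
        return "funnel"             # zero balance, plenty of traffic
    if has_in and has_out:
        return "mixed"              # partly drained: keep following outflows
    return "source"                 # only ever sends (a victim or an exchange)


def trace(start, ledger=LEDGER, exchange_pools=EXCHANGE_POOLS):
    """Follow outgoing transfers breadth-first from `start`.
    Returns (visited, stops): every wallet reached, and the wallets where
    tracing stops mapped to why (root or exchange_pool)."""
    visited, stops, queue = {start}, {}, deque([start])
    while queue:
        addr = queue.popleft()
        kind = classify(addr, ledger, exchange_pools)
        if kind in ("root", "exchange_pool"):
            stops[addr] = kind
            continue
        for tx in ledger:
            if tx.sender == addr and tx.receiver not in visited:
                visited.add(tx.receiver)
                queue.append(tx.receiver)
    return visited, stops


if __name__ == "__main__":
    visited, stops = trace("leaf1")
    for addr in sorted(visited):
        print(f"{addr:18} {classify(addr):14} cycles={funneling_cycles(addr)}")
    print("stop points:", stops)
```

Run as a script, it lists every wallet reached from the leaf with its classification and cycle count, and the stop points (the resting root and the exchange deposit address). Replacing `LEDGER` with transactions pulled from an explorer API is the only change needed to run it on real data; the `fee` field matters because on Bitcoin the sender's balance drops by amount plus fee, and ignoring it makes a drained funneling wallet look like it still holds dust.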