Abstract

Hacks are one of the most damaging types of cryptocurrency-related crime, accounting for billions of dollars in stolen funds since 2009. Professional investigators at Chainalysis have traced these stolen funds from the initial breach on an exchange to off-ramps, i.e. services where criminals are able to convert the stolen funds into fiat or other cryptocurrencies. We analyze six hack subnetworks of bitcoin transactions known to belong to two prominent hacking groups. We analyze each hack according to eight network features, both static and temporal, and successfully classify each hack to its respective hacking group through our newly proposed method. We find that static features, such as node balance, in-degree, and out-degree, are not as useful in classifying the hacks into hacking groups as temporal features related to how quickly the criminals cash out. We validate our operating hypothesis that the key distinction between the two hacking groups is the acceleration with which the funds exit through terminal nodes in the subnetworks.

Highlights

  • The Bitcoin network is a distributed, public ledger, secured through blockchain technology

  • We find that temporal features, such as the rate at which the hackers send funds to exit ramps, are the most effective features to use for grouping specific hacks together and classifying them to their hacking groups

  • We find that this method might prove useful as a component of some automated classification system designed for anti-money laundering or anti-fraud detection of transaction ledgers, for the specific use case that we describe in the work below as specific to these investigations, Chainalysis, or even bitcoin as a whole


Introduction

The Bitcoin network is a distributed, public ledger, secured through blockchain technology. All transactions occur between two distinct public addresses and are permanently recorded on the specific blockchain built for bitcoin. The process of securing these transactions is handled by bitcoin miners, who use their computing power to solve complex cryptographic problems and in the process verify blocks and transactions (Nakamoto 2009). Anyone can create a bitcoin address to receive funds through a variety of software projects such as Blockchain.info (BLOCKCHAIN LUXEMBOURG S.A 2011) or Electrum wallets (Electrum 2011). There is no limit to the number of bitcoin addresses that any individual or organization can make. It is completely free to make an address, but it costs money to transfer money on the network by paying transaction fees.
