I've looked over the content of the recently released IOCTA 2020 report (
note: this links to a Europol website:
https://www.europol.europa.eu/activities-services/main-reports/internet-organised-crime-threat-assessment-iocta-2020 and linked therein pdf), to see specifically what mentions are made on Bitcoin (the report is interesting to whip through per se, but I’m focusing on the Bitcoin derivate here). The document is runs 64 pages long, but if anyone wants a brief summary, I’ve extracted some verbatim quotes I consider interesting. Proper context though should be derived from the completeness of the referenced document itself:
1.4. Cryptocurrencies facilitate payment for all forms of Cybercrime
<…> These activities have been long established with Silk Road emerging in 2011 and Cryptolocker hitting its first victims in 2013. At that time, more than 20% of transactions were directly attributable to criminal activity. Although the level of criminal abuse has grown substantially, the legitimate use of cryptocurrencies grew at a much faster rate. In 2019, the overwhelming majority of bitcoin transactions were linked to investment and trading activity so, despite considerable abuse, criminal activity corresponds to only 1.1% of total transactions <…>
The latter information is bases on a report by ChainAnalysis.
<…> The last two years have seen an increase in extortion spam, where the suspect attempts to frighten the victim with a promise of a devastating event should they not receive payment in cryptocurrency, typically bitcoin corresponding to hundreds or even thousands of euros <…>
<…> According to a recent study analysing a subset of 4 million intercepted sextortion emails, over 12 500 bitcoin addresses were extracted, 245 of which received one or more payment <…>
The above is interesting, as it partly quantifies the sextortion emails, and shows the usage of way more BTC addresses than I’d expected.
<…> The obfuscation methods continue to develop. Centralised mixers troubled with exit scams and high fees seem to be gradually replaced by non-custodial mixing solutions where users do not need to send bitcoins to a third party. Privacy-focused service aside, the bitcoin protocol itself is expected to soon implement features that will make it less transparent to casual observers and investigators alike. <…>
5.3. ADMINISTRATORS AND USERS ADAPT AS THEY AIM TO ENHANCE SECURITY AND RESILIENCE
<…> Administrators are also looking to upgrade their security apparatus with other new features. Some marketplaces are already shifting to wallet-less and user-less markets, adopting multi signatures on Bitcoin and Monero, lacking registration requirements and enacting no JavaScript policies <…>
5.5. PRIVACY ENHANCING WALLETS EMERGE AS A TOP THREAT, AS PRIVACY ENHANCING COINS GAIN POPULARITY
<…> Initially, Darkweb markets relied solely on Bitcoin. However, over the past few years this has changed. An increasing number of markets are recognising the benefits of offering multiple coin alternatives, including Litecoin, Ethereum, Monero, Zcash, and Dash. While Bitcoin still remains the most popular payment method (mainly due to its wide adoption, reputation and ease of use), the use of privacy-enhanced cryptocurrencies has somewhat increased albeit not at the rate expected by their proponents. Monero is gradually becoming the most established privacy coin for Darkweb transactions, followed by Zcash and Dash. All these privacy coins may present a considerable obstacle to law enforcement investigations <…>
Now the above just assess the situation and framework for their recommendations, which start on page 60 of their report. Amongst those figure:
<…>There is a persistent need for better cooperation with hosting services, social media platforms, and ISPs. Companies need to be more proactive in illegal content and activity and blocking it as soon as they detect it. One way of improving this is to invest in technologies that make sure their platforms are clean. They should also be able to demonstrate more willingness to assist law enforcement agencies to deal with, for example, CSE, and show improved openness and transparency.<…>
<…> Considering the fast nature of cybercrime, it is important to make the exchange of information in light of international cooperation faster by implementing channels with, for example, the relevant ISPs at the European level (VPN, anonymisers, anonymous email providers, cryptocurrency exchanges, etc.).<…>
<…> Darkweb threat actors increasing reliance on encrypted email services, privacy-enhanced cryptocurrencies and BPH providers pose a substantial problem to law enforcement. This calls for increased KYC type policies.<…>
<...> Two years, 4 million intercepted, not all of them, and only 250 payments? <...>
Payment addresses, not single payments (1 address-> n payments).