Your Case. Our Cause.

Back to Top

Blockchain Forensic Legal Analysis

Incident Case Study 9091


Debrief: North Korean Hack of South Korean Virtual Currency Exchange:

Money Laundering & Know Your Customer


Edit Post

Site Icon

Switch to draftPreview(opens in a new tab)UpdateAdd title



Incident Case Study 9091


Debrief: North Korean Hack of South Korean Virtual Currency Exchange:

Money Laundering & Know Your Customer


Add block

reported by Oliver Wright Esq.

Although BTC and ETH address ownership is anonymized through the alpha-numeric strings that substitute in the digital currency world for what are names in the physical, Sherblock Holmes and his trusty sidekick, GigaWatson, can identify the owner of a particularBTC/ETH address by analyzing the blockchain with their hi-tech spy gear and supercomputer like brain power. . Our …. ummm, their analysis may also reveal additional addresses controlled by other related individuals or entities,, which may reveal even more, until things to start resemble a Vegas slot machine showing straight 7s.

For example, a user or business may create many BTC addresses to receive payments from different customers. When the user wants to transact the BTC that it has received (for example, to exchange BTC for other currency or to purchase goods or services), it may group those addresses together to send a single transaction. We analyze the blockchain and attempt to identify the individuals or groups involved in the virtual currency transactions. Specifically, we create large databases that group transactions into “clusters” through analysis of data underlying the virtual currency transactions. The power of Artificial Intelligence continually increases the IQ of these databases so every second, more and more pieces of identifying information are associated within the neural network until the identities of bad actors come into focus and their associations with different wallets, mixers, and waypoints on the blockchain come into sharper and sharper relief.

In order to obfuscate their activities, attackers use a digital version of layering in which they create thousands of transactions in real time through one-time use crypto-currency burner wallets. Stolen funds following one attack in 2018 were transferred through at least 5,000 separate transactions and further routed to multiple countries before eventual conversion to fiat currency, making it highly difficult to track the funds. One of the analytical methods we uses is the “peel analysis.”

Peel Analysis: A “peel chain” occurs when a large amount of BTC sitting at one address is sent through a series of transactions in which a slightly smaller amount of BTC is transferred to a new address each time. In each transaction, some quantity of BTC “peel off” the chain to another address – frequently to be deposited into a virtual currency exchange – and the remaining balance is transferred to the next address in the chain.

The chart below illustrates a simple peel chain example in which a subject seeking to deposit 100 BTC into Exchange A uses a peel chain to make the transaction difficult to track. From left to right, the subject forwards 100 BTC through a series of transactions with 20 peels in inconsistent amounts, ultimately depositing the final five BTC into an exchange, at which point all 100 BTC are deposited. The above below is a relatively simple example of a peel chain. In practice, sophisticated criminals often use peel chains of hundreds of transactions to obfuscate the path of funds on the blockchain.
Read Rest of Report By Oliver Wright: Blockchain Forensic Analysis Case Study

reported by Oliver Wright Esq.

Although BTC and ETH address ownership is anonymized through the alpha-numeric strings that substitute in the digital currency world for what are names in the physical, Sherblock Holmes and his trusty sidekick, GigaWatson, can identify the owner of a particularBTC/ETH address by analyzing the blockchain with their hi-tech spy gear and supercomputer like brain power. . Our …. ummm, their analysis may also reveal additional addresses controlled by other related individuals or entities,, which may reveal even more, until things to start resemble a Vegas slot machine showing straight 7s.

For example, a user or business may create many BTC addresses to receive payments from different customers. When the user wants to transact the BTC that it has received (for example, to exchange BTC for other currency or to purchase goods or services), it may group those addresses together to send a single transaction. We analyze the blockchain and attempt to identify the individuals or groups involved in the virtual currency transactions. Specifically, we create large databases that group transactions into “clusters” through analysis of data underlying the virtual currency transactions. The power of Artificial Intelligence continually increases the IQ of these databases so every second, more and more pieces of identifying information are associated within the neural network until the identities of bad actors come into focus and their associations with different wallets, mixers, and waypoints on the blockchain come into sharper and sharper relief.

In order to obfuscate their activities, attackers use a digital version of layering in which they create thousands of transactions in real time through one-time use crypto-currency burner wallets. Stolen funds following one attack in 2018 were transferred through at least 5,000 separate transactions and further routed to multiple countries before eventual conversion to fiat currency, making it highly difficult to track the funds. One of the analytical methods we uses is the “peel analysis.”

Peel Analysis: A “peel chain” occurs when a large amount of BTC sitting at one address is sent through a series of transactions in which a slightly smaller amount of BTC is transferred to a new address each time. In each transaction, some quantity of BTC “peel off” the chain to another address – frequently to be deposited into a virtual currency exchange – and the remaining balance is transferred to the next address in the chain.

The chart below illustrates a simple peel chain example in which a subject seeking to deposit 100 BTC into Exchange A uses a peel chain to make the transaction difficult to track. From left to right, the subject forwards 100 BTC through a series of transactions with 20 peels in inconsistent amounts, ultimately depositing the final five BTC into an exchange, at which point all 100 BTC are deposited. The above below is a relatively simple example of a peel chain. In practice, sophisticated criminals often use peel chains of hundreds of transactions to obfuscate the path of funds on the blockchain.
Read Rest of Report By Oliver Wright: Blockchain Forensic Analysis Case Study
Read More

Leave a Reply

%d bloggers like this: