Darknets and anonymity networks have traditionally provided a safe haven for buyers and sellers of illicit recreational drugs, appearing as they do to provide total anonymity for users.
However, a new study from the Fraunhofer Institute for Secure Information Technology has shown that it can be possible to obtain darkweb users’ details by detecting links between accounts. Working on the premise that darknet transactions are not fully anonymised and are instead simply obfuscated, BlockTag researchers monitored links between Bitcoin addresses, transaction data and product offerings on darknet marketplaces to follow the flow of money between traders.
The researchers devised BlockTag, an open source tagging algorithm which uses BlockSci as its analysis tool, to follow financial transactions between user accounts. The algorithm’s system uses vertical crawlers to tag transaction information with unique identifiers, allowing researchers to draw links between accounts: for example, the ability to connect a bitcoin address with its owner’s Twitter or Reddit account.
BlockTag: a link between worlds
BlockTag classifies three forms of tags: Twitter and Bitcoin Talk user tags, service tags for service providers and darknet marketplaces; and text tags relating to user-generated text. Researchers used these tags to track and quantify darknet marketplace trading.
Many of the tags found by BlockTag were linked to Bitcoin mixers on Tor, suggesting trace-savvy users were trying to boost their anonymity by making it harder to track their online movements.
The algorithm found a significant number of transactions relating to darknet marketplaces such as Dream Market, Tochka and Wall Street Market; along with a number of other, smaller sites. The transactions could be linked to users’ posts on Reddit, Twitter and Deepdotweb.
In addition to BlockTag’s evident potential as a law enforcement tool for detecting trade in illegal substances and materials, researchers noted it could hypothetically be used to detect and isolate Bitcoin addresses linked to online Ponzi schemes.
