builderall

Illicit Markets on the Dark Web: Use of cryptocurrencies to commit crimes and as a Means to Launder the dirty money derived therefrom.


Published September, 2023.



by Miguel CASSAGNE


INTRODUCTION.


Cryptocurrencies are increasingly being used to facilitate a variety of illicit activities that generate illegal profits, known as predicate offenses for money laundering. Some of the main ones, which we will further develop over time, include:


·        Fraud and Scams: Including investment frauds like Ponzi schemes, phishing to steal private keys, romantic scams, and BEC (business email compromise) scams.


·        Thefts: Encompassing hacks, exploits, thefts through malware like ransomware, and physical theft through extortion or kidnapping.


·        Illegal Trade: Covering illicit markets on the dark web, sale of stolen cards and personal information, and trafficking of stolen goods.

·        Tax Evasion: Using cryptocurrencies to evade taxes on capital gains or other tax obligations.

·        Market Manipulation: Such as "pump and dump" schemes, front-running, and paid promotion to promote cryptocurrency projects.


·        Illicit Payments: From bribes and corruption to terrorism financing and sanctions evasion using crypto assets.


·        Espionage: Using cryptocurrencies to covertly transfer funds and support intelligence operations.


·        Child Sexual Abuse: Payments with cryptocurrencies on the dark web to obtain child sexual exploitation material.


Understanding each of these predicate offenses is essential, as their proceeds are later laundered through crypto assets using various techniques. In this article, we will exclusively focus on analyzing and understanding one of these offenses, related to the illegal trade carried out through the so-called "Dark Web," understanding its origins, operational methods, and its connection with the use of cryptocurrencies and money laundering.


What is the Dark Web and How Did It Originate?


As indicated by a study from the International Monetary Fund in 2019, the so-called "dark webs" originated in the late 1990s when two research centers within the United States Department of Defense led efforts to create an anonymous and encrypted network that would protect sensitive communications for the country's spies. Ordinary Internet users would not be aware of its existence or have access to it.


Although the original secret intention was never fully realized, some researchers saw a different value proposition: creating a non-profit organization to protect the anonymity of activists advocating for privacy and human rights. In this regard, the Tor network was born (short for "The Onion Router," due to the multiple layers that encrypt data in transit). Tor is the technology that enables the so-called "dark web," understood as a set of hidden and inaccessible sites for common browsers, and search engines like Google do not index them.


With the Tor browser, available for free download, anyone can access this corner of the web where privacy is paramount. The Tor network comprises over 65,000 Unique Resource Locators (URLs) that use the ".onion" extension, and its most common functions facilitate communication through forums, chats, file and image upload services, as well as virtual commerce.


Proper Use of the Dark Web.


The mentioned functions of the dark web, especially in the realm of communications, support many uses considered legal and legitimate in free societies. In this sense, the research company Terbium Labs, after analyzing 400 randomly selected sites with the ".onion" extension, determined that more than half of the domains on the dark web are actually legal.


Indeed, for those living in oppressive regimes that block much of the Internet or punish political dissent, the dark web is an escape route that provides access to information and protects against persecution. In freer societies, it is an essential tool for communication and reporting irregularities that protect people from retaliation or censorship in their workplace or community. Additionally, it offers privacy and anonymity to those opposing how companies and governments monitor, utilize, and monetize their data.


In the United States, many organizations, major newspapers, Facebook, and even the CIA maintain hidden sites on the Tor network because doing so demonstrates (sometimes symbolically) a commitment to privacy. For example, for The New York Times and the CIA, the idea is to facilitate virtual communication accessible to anyone who can provide sensitive information.


Illegal Use of the Dark Web.


The flip side, however, is that the same privacy and anonymity that provide protection against tyrants and targeted advertisements make the dark web a platform for criminal activity. Indeed, the shadow of this extreme anonymity facilitates a growing underground market that cunning criminals use to traffic drugs, stolen identities, child pornography, and other illicit products and services.


The most common illicit activities include arms trafficking, drug sales, and the distribution of pornography, violent images, as well as other forms of abuse, often involving the exploitation of children.


Moreover, since the primary mode of payment on these sites is through undetectable cryptocurrencies, close collaboration between law enforcement, financial institutions, and regulatory agencies worldwide is required to combat this nefarious activity. This combination of dark web services and cryptocurrencies has led to expectations of an increase in criminality.


As is known, in 2008 the first cryptocurrency (Bitcoin) was created by an unknown cryptographer (an expert in deciphering passwords) using the alias "Satoshi Nakamoto." Bitcoin was the first currency and payment network not subject to state control. Although initially designed as a medium of exchange for the tech community, by 2011 Bitcoin had become the preferred currency of drug traffickers trading on a dark web site called Silk Road.


In recent years, through the combination of an encrypted network hidden from most of the world and a transaction currency practically undetectable by law enforcement, a small but significant market of illegal merchandise vendors was created. Many of the most harmful threats to society today manifest in the shadow of the Tor network and therefore must be examined by international researchers.


Out of nearly 200 domains classified as illicit by Terbium Labs, more than 75% appear to be virtual markets. Many of these markets operate with bitcoins and other cryptocurrencies like Monero. The most common goods are drugs and pharmaceuticals, followed by identity documents, stolen and counterfeit credit cards and bank data. Some sites offer hacking and cybercrime services, such as harmful programs, distributed denial-of-service attack tools, as well as hacking services for hire. A good number offer an assortment of these services in addition to pornography and counterfeit merchandise.


Some Illicit Statistics from the Dark Web.


According to more general estimates from the United Nations, the amount of money laundering worldwide represents between 2% and 5% of the global GDP annually, i.e., between USD 1.6 trillion and USD 4 trillion. In this regard, while the total economic volume of illicit activity on the dark web remains relatively small, many of the most harmful threats to society today manifest in the shadow of the Tor network and therefore must be examined internationally by regulatory agencies, financial institutions, and law enforcement entities.


According to recent research by the entity TRM Labs, DNMs (Darknet Markets) currently move up to $1.49 billion annually in payments with crypto assets. Over 80% of this volume corresponds to Russian-speaking markets, while the largest market in the West, ASAP Market, accounts for less than 10% of the total.One of the most prominent DNMs was Hydra Market, the world's largest drug market until it was dismantled in 2022. It had been operating since 2015 and processed monthly transactions of about $700 million in Bitcoin before its closure.


An Example of the Use of the Dark Web for Synthetic Drug Sales (Fentanyl).


In addition to traditional drugs like cocaine and cannabis, illicit markets on the dark web have become a primary source for obtaining synthetic substances and dangerous opioids like fentanyl. According to a 2021 UNODC study, the trade in synthetic opioids on the dark web paid with cryptocurrencies had exponentially grown in previous years. Only between 2017 and 2018, this modality multiplied by 10 times.


The U.S. Centers for Disease Control and Prevention (CDC) warn that illegal and synthetic fentanyl causes the majority of deaths from opioid overdoses, and much of that drug is obtained in illicit markets on the dark web.


A notable case was the store "SinMed," operating on the dark web, dedicated to the sale of synthetic opioids and operated by Aaron Shamo, who was sentenced to life imprisonment in the U.S. in 2022. It is estimated that SinMed alone distributed more than 450 kg of fentanyl and heroin in thousands of shipments paid with bitcoins.


The trafficking of these lethal substances through cryptocurrencies on the dark web presents a major challenge for authorities. It requires not only dismantling the markets but also tracing the flows of crypto assets to pursue the perpetrators.


The Dark Web and Money Laundering.


Although the direct purchase of illicit goods does not constitute money laundering per se, these dark web markets facilitate laundering by providing a vehicle for criminal organizations to introduce their illicit money into the financial system through cryptocurrencies.


Experts warn that DNMs could be laundering billions through sophisticated techniques. In this sense, lacking Know Your Customer (KYC) or anti-money laundering and counter-terrorism financing (AML/CFT) controls, nothing prevents criminals from depositing funds of criminal origin in these markets using crypto, rotating them through multiple transactions to hide traces, and eventually withdrawing them as "clean" funds.


Even without withdrawing the funds, the simple act of introducing them to these platforms and converting them from cash to crypto assets constitutes a form of placement, the first stage of money laundering. Moreover, they can subsequently layer them by purchasing various goods and services within the marketplace itself, ultimately integrating them into the formal financial system.


Although reliable estimates on the dimension of laundering through DNMs do not yet exist, their technological sophistication and global reach suggest that sums could reach billions of dollars.


Balancing Ensuring Freedom for the Oppressed and Preventing Illegal Use of the Dark Web: The Task for Local Authorities and the International Community.


Authorities must deploy cutting-edge tools, such as blockchain tracing and analysis of criminal networks, to detect suspicious patterns in the use of crypto assets on these dark markets. Only in this way can they confront this new and insidious form of money laundering through blockchain technology.


Protecting political dissidents, privacy advocates, and whistleblowers must not come at the expense of empowering pedophiles, arms traffickers, or drug traffickers.

This is precisely the challenge that regulatory agencies and law enforcement face: how to balance the protection of liberal principles in an era of information control with the detection and eradication of the most insidious activities taking place in that dark realm.


International Collaboration.


In recent years, the international community has made significant progress in this regard by improving the exchange of information, enhancing the technical capacity of police forces to dismantle illicit markets, and regulating cryptocurrency transaction transfers. The first step to addressing the darkest web's most nefarious activities is to improve the exchange of information between law enforcement agencies and financial institutions.


Given the global nature of this network, international cooperation is essential.


As an example, in 2018-19, Interpol and the European Union brought together law enforcement agencies from 19 countries to identify 247 suspects of high interest and exchanged the necessary information to enforce the law, with more than promising results. This effort led to the arrest of suspects and the shutdown of 50 illegal sites on the dark web, such as Wall Street Market and Valhalla, two of the largest drug markets.


"Deanonymization" of Tor Servers.


The rise of illegal operations on the dark web has also spurred authorities in many countries to control crime by enhancing the capabilities of national law enforcement entities like the United States Federal Bureau of Investigation (FBI).


In the specific case of the FBI, it has conducted operations to "deanonymize" Tor servers by establishing nodes on the network that allow it to see the identity and location of certain illicit virtual pages on the Tor network. This enabled the dismantling of the Silk Road 2.0 site in 2014, the primary illicit virtual market on the dark web at the time.


This investigation revealed that, over two and a half years of activity, several thousand drug dealers and illegal vendors had used the site to distribute hundreds of kilograms of drugs and other prohibited products and services to over 100,000 buyers. Additionally, the site was used to launder hundreds of millions of dollars from these illicit transactions.


In total, the site generated sales of over 9.5 million bitcoins, equivalent to around $1.2 billion at that time. AlphaBay and Hansa Market, two of the main successors to Silk Road, were also successfully dismantled in 2017.


International and Local Regulation.


The capacity to suppress dark web activities has continued to develop. In addition to carrying out dismantling operations, governments and international organizations are attempting to directly regulate cryptocurrencies that fuel dark web markets.


In June 2019, the Financial Action Task Force (FATF) issued guidelines urging companies that process cryptocurrency transfers to identify both senders and beneficiaries. These guidelines align with the recommendation of the 2018 G-20 summit, which called on international regulatory bodies to consider measures related to cryptocurrencies, especially regarding the principle of customer knowledge, anti-money laundering, and counter-terrorism financing.


Prevention Efforts in Argentina.


The ecosystem of startups that have created markets, wallets, and other mechanisms facilitating crypto payments is far from having the necessary infrastructure to adopt regulations like those of the financial sector. Nonetheless, supervisors need to start by laying the foundations for better oversight.


In this regard, Argentina is in the process of introducing a significant reform in its Anti-Money Laundering and Counter-Terrorist Financing system. A bill (with partial approval) is being discussed in the National Senate, aiming to include Virtual Asset Service Providers (VASPs) in the exhaustive list of Obliged Entities under Article 20 of Law No. 25,346 (the core of Argentina's anti-money laundering system). These entities are required to register with Argentina's Financial Information Unit's (UIF) Supervisory and Registration System, as well as to establish strict Anti-Money Laundering policies (including KYC and Due Diligence rules and monitoring of client transactions) and to report any suspicious money laundering operations that their clients intend to or have engaged in with the UIF. Additionally, consideration is being given to the possibility that VASPs must also be registered in the records maintained by the National Securities Commission.


This constitutes a starting point, where authorities face the challenge of finding the balance between regulating these markets to prevent illegal and abusive use, while avoiding suffocating the development of the cryptocurrency market and the tool for protecting individual freedoms as the dark web was originally conceived.


Conclusion:


The convergence of cryptocurrencies and the dark web has created a complex terrain where privacy and crime intertwine. The dark web, simultaneously a haven of freedom and a breeding ground for illegal activities, has made it clear that innovative approaches like blockchain tracking are needed to unravel its nature. Global collaboration between agencies and the regulation of cryptocurrencies are crucial steps in combating money laundering and cybercrime in this evolving environment.


In this intersection of challenges and possibilities, the dark web's murky landscape blurs between protecting dissidents and persecuting criminals. The need to balance freedom and security manifests in international cooperation and cryptocurrency regulation. As technology and crime evolve, it is clear that the intersection of cryptocurrencies and the dark web will remain a constantly changing field that requires joint vigilance and innovative measures.


Miguel Cassagne

(September 2023)


Sources: International Monetary Fund (IMF) ? Financial Action Task Force (FATF) - Official Gazette of the Nation - TRM Labs ? New York Times."