Book Review: "Tracers in the Dark"

While I’m only halfway through reading “Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency,” by Andy Greenberg, I’m posting today because it fits so perfectly with WatchingTheHerd’s book review of “Going Infinite.” Both books are focused on cryptocurrency exchanges.

One of the attractions of cryptocurrency to the underworld of criminal activity and money laundering was said to be its anonymity. Although all transactions were permanently etched into the blockchain records, the identities of the participants were obscured.

“Tracers in the Dark” is the story of how experts in academia and government law enforcement (IRS, FBI, Justice Department, etc.) discovered how to trace the blockchain records to their individual participants. In the process, they discovered the identity of one of the earliest crypto exchange organizers, “Dread Pirate Roberts,” who was sentenced to two life sentences without parole. They also discovered that two separate members of law enforcement teams had been stealing cryptocurrency from exchanges for years under the cover of investigating them.

One lesson in the book is that the internet is forever. A tip led to the discovery that a very canny organizer of a criminal exchange had posted photos of himself at age 17, connecting him to the identity of his much more cautious adult self.

Another lesson is that nothing connected to the internet is truly safe from either thieves or government investigators. Any security loophole can be exploited. A thief who is located in Russia can’t be extradited for prosecution. (Even if his server is located in the U.S. because it’s safer than Russia.)

Although the book is about cryptocurrency exchanges, I wonder whether our conventional financial institutions (e.g. Fidelity, Vanguard, the banks, etc.) are equally vulnerable. In the conventional financial world, losses are insured by the FDIC and SIPC, so we are supposedly safe.

However, a friend’s wife was tricked by a spoofer into somehow allowing him to control her computer (I’m not clear about the details). The spoofer then used the password to steal $20,000 from their Fidelity account. Fidelity refused to reimburse this.

I recommend “Tracers in the Dark” for anyone who enjoys reading about step-by-step investigations. By the way, I still think that cryptocurrency is a speculative trap for the unwary and wouldn’t touch it with a 10-foot pole.



One additional data point.

Some person or group has been “sharing” open source Python libraries via public code repositories with the intent of other individuals incorporating them into projects or home hobby scripts. These libraries ostensibly do SOMETHING that seems to be valuable to the downloader to simplify their programming problem, but the libraries actually include logic that scans the computer running the library for signs the host contains crypto wallets, folders associated with other security utilities, etc. Most insidiously, it installs software that constantly monitors the Clipboard of the host as data is copied into the clipboard, looking for strings that match crypto payment accounts and replacing them with their own in an attempt to divert payments to their own accounts.

How is the bad code included with the “ruse” code? It’s HIGHLY unlikely the hackers literally shared ONE Python source code file called that has both some innocent “useful” function followed by 400 lines of functions named “extractIdiotWalletCredentials()”. Instead, the bad code is likely embedded in one of possibly dozens of other files “included” by the top level library file. When a developer wants to use the top level library, they enter a command like this:

python -m pip install somemodule

which looks for somemodule in known trusted libraries. If somemodule is found, that library is scanned for any libraries it includes and they are all installed automatically.

Is this the end of the world for cryptocurrencies? No. Is this something likely to affect the average nube who owns $20,000 of bitcoin but doesn’t know Python from a rattlesnake? No. But it is the type of activity that could trip up a crypto fan who IS into using Python for data analysis side projects at home and lets their guard down thinking their home hobby experiments aren’t that important to worry about all the helper libraries they’re using.
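A defender-side check for the behaviour described in the post above, added here as an example and not code from any of the posters or from a real package: a small static scanner that flags a module when clipboard access appears together with wallet-folder paths, a hard-coded address literal or a background loop. The indicator lists and both sample modules are constructed for illustration and are assumptions, not a complete signature set.

```python
import os
import re

# Indicator groups: a small illustrative set (an assumption), not a complete list.
INDICATORS = {
    "clipboard": [r"\bpyperclip\.(paste|copy)\b", r"\bwin32clipboard\b",
                  r"\bclipboard_(get|clear|append)\b"],
    "wallet_path": [r"\.electrum\b", r"\.bitcoin\b", r"wallet\.dat", r"\bExodus\b"],
    # Quoted address-shaped literals: legacy/P2SH Bitcoin (Base58) and Ethereum (hex).
    "address_literal": [r"""['"][13][a-km-zA-HJ-NP-Z1-9]{25,34}['"]""",
                        r"""['"]0x[a-fA-F0-9]{40}['"]"""],
    "background_loop": [r"\bthreading\.Thread\b", r"\bwhile\s+True\b"],
}

def scan_source(text):
    """Return {category: [matched patterns]} for one module's source text."""
    hits = {c: [p for p in pats if re.search(p, text)] for c, pats in INDICATORS.items()}
    return {c: found for c, found in hits.items() if found}

def assess(hits):
    """Clipboard access alone is common in data tooling (copying a table out); together
    with wallet paths, a hard-coded address or a persistent loop it needs a human to read the file."""
    if "clipboard" in hits and hits.keys() & {"wallet_path", "address_literal", "background_loop"}:
        return "high"
    return "review" if hits else "clean"

def scan_tree(root):
    """Assess every .py file under an unpacked package (e.g. fetched with pip download)."""
    results = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            if name.endswith(".py"):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    results[path] = assess(scan_source(fh.read()))
    return results

# Constructed sample modules, not real packages.
BENIGN = '''import pyperclip
def copy_csv(frame):
    pyperclip.copy(frame.to_csv(index=False))  # paste a table into a spreadsheet
'''
SUSPICIOUS = '''import os, threading, pyperclip
WALLET_DIRS = [os.path.expanduser("~/.electrum"), "wallet.dat"]
PAYOUT = "1FakeAddressForTestsXXXXXXXXXXX"  # constructed, not a real address
def _watch():
    while True:
        pyperclip.paste()
threading.Thread(target=_watch, daemon=True).start()
'''
```

Unpack the wheel or sdist fetched with `pip download` and point `scan_tree` at the directory before installing; the scan is heuristic, so a "high" result is a prompt to read the file, not a verdict.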



That happened to my sister. She received a notice that her computer was hacked and to call Microsoft now. She called them, and then they said they needed remote access to her computer in order to remove a virus from her computer. She gave them access, became worried, unplugged the computer and called me. I had to work on it for a few days to get rid of all the viruses they installed.

I also was having a problem with Verizon. I had bought a 5G phone and couldn’t receive speeds faster than 1 meg at my house, but if I walked 10 blocks north I was up to 250 meg. Well, in the middle of all this, a scammer called me telling me that they were with Verizon and asking if I would like to upgrade my service. I told them I had already upgraded and wasn’t happy with the service. They said they would give me a month of service free but that I would have to pay a “Fee” first for the faster service and all I had to do was send it via Zelle. What are the chances of that?