In May 2021, hackers launched a cyberattack against Colonial Pipeline Co., the company behind the largest gasoline pipeline in the United States. It was the kind of incident that American officials had been expecting for years. Colonial was forced to shut down for six days, causing panic buying, shortages, and an increase in gas prices. The company paid the hackers a ransom of 75 Bitcoins, which was equivalent to about $4.4 million at the time.
A month later, the US Department of Justice announced that it had recovered nearly all of the Bitcoin. The FBI followed the ransom Colonial paid to an account related to DarkSide, a Russia-based criminal group affiliated with the attackers, and stepped in to seize it. Criminals reportedly favour cryptocurrencies since they are thought to be difficult to monitor. The recovery demonstrated that US law enforcement could access assets held by attackers working outside of the nation, which represented a significant advancement in the fight against cyberextortion. “There is no place beyond the FBI’s reach,” said Deputy Director Paul Abbate in a statement.
The bureau had enlisted the assistance of Chainalysis Inc., a company that has developed software to track the entities involved in crypto transactions and where the monies end up. The startup has become a key partner for the US and other governments investigating crypto-related crime, acting as the establishment’s private eye in an industry that has historically been anti-establishment. “There hasn’t been hardly any case of any significance” in the world of crypto crime that “we haven’t been involved in,” says Gurvais Grigg, Chainalysis’ global public-sector chief technology officer and former FBI agent.
The New York-based company is a pioneer in a subset of the cryptocurrency industry known as blockchain analytics, which also includes SoftBank-backed Elliptic Enterprises and Mastercard’s CipherTrace. Blockchains are essentially transactional records. Although they do not contain personally identifiable information, detailed accounts of how cryptocurrencies move between wallets can be reconstructed. Chainalysis collects massive amounts of public data from blockchains and then augments it with information it collects or obtains from clients. It processes the data using machine learning, statistical analysis, and other techniques to cluster wallets together and understand where the cryptocurrency went.
“It’s a bit like a street map, but it’s a street map without any names of the streets, without any names on the buildings,” says Caroline Malcolm, Chainalysis’ head of international policy. “We provide an overlay that tells you what street you’re on and what building that is.” According to Malcolm, Chainalysis does not connect its map to the names of real people, leaving that step to law enforcement professionals, who can often connect accounts to their owners by obtaining records from crypto exchanges or other means.
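To make the clustering and overlay idea concrete, here is an added example; it is not from the article and is not Chainalysis' code. It assumes the widely published common-input-ownership heuristic (addresses spent together in one transaction share an owner), which the article does not name, and the ledger, addresses and label are all constructed.

```python
from collections import defaultdict

# Constructed ledger (not real chain data): inputs are spent, outputs are paid.
TXS = [
    {"inputs": ["victim"], "outputs": ["A1"]},
    {"inputs": ["A1", "A2"], "outputs": ["B1", "A3"]},
    {"inputs": ["A3", "A4"], "outputs": ["C1"]},
    {"inputs": ["X1", "X2"], "outputs": ["X3"]},
]
# Constructed overlay: the one address an analyst already has a name for.
LABELS = {"A4": "affiliate wallet (constructed label)"}

def cluster_addresses(txs):
    """Map each address to its cluster; co-spent inputs are assumed co-owned."""
    parent = {}
    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path halving
            a = parent[a]
        return a
    for tx in txs:
        for addr in tx["inputs"] + tx["outputs"]:
            find(addr)  # register every address, even ones never co-spent
        for other in tx["inputs"][1:]:
            parent[find(other)] = find(tx["inputs"][0])
    groups = defaultdict(set)
    for addr in list(parent):
        groups[find(addr)].add(addr)
    return {a: frozenset(g) for g in groups.values() for a in g}

def label_of(addr, membership, labels):
    """Overlay step: an address inherits any label known for its cluster."""
    return sorted({labels[a] for a in membership[addr] if a in labels}) or ["unlabelled"]

def trace(start, txs, membership, labels):
    """Breadth-first walk of where funds went, one cluster per hop."""
    seen, queue, path = set(), [membership[start]], []
    while queue:
        cluster = queue.pop(0)
        if cluster in seen:
            continue
        seen.add(cluster)
        path.append((sorted(cluster), label_of(min(cluster), membership, labels)))
        for tx in txs:
            if cluster & set(tx["inputs"]):
                queue.extend(membership[out] for out in tx["outputs"])
    return path

if __name__ == "__main__":
    for members, names in trace("victim", TXS, cluster_addresses(TXS), LABELS):
        print(members, names)
```

Address A3 carries no label of its own but inherits one because it was co-spent with A4; the same heuristic can wrongly merge owners when unrelated parties fund a single transaction, so cluster labels are leads to be corroborated with records such as those the article mentions from exchanges.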
Companies that conduct this type of blockchain analysis disprove the notion that transacting in cryptocurrencies ensures anonymity. “It’s actually pretty scary how much they can figure out about what you’re doing on public blockchains,” says Roger Ver, whose early support for virtual currencies earned him the moniker Bitcoin Jesus. It’s as if your bank account or credit card bill is posted online for all to see.
Gronager, 52, is a pleasant Danish man with a Ph.D. in quantum mechanics. He became seriously interested in cryptocurrency in 2011, and downloaded the Bitcoin source code to learn how it worked. He soon became involved in the creation of the cryptocurrency exchange Kraken. Gronager was working as Kraken’s COO in 2014 when Mt. Gox, the world’s largest crypto exchange, declared bankruptcy, claiming it had lost nearly $500 million in virtual coins due to a hack. Kraken was hired by the bankruptcy trustee to assist in the search for the missing Bitcoin. Gronager flew to Japan to work on the probe, eventually leaving Kraken to devote his full attention to the project, and then began coding the prototype for Chainalysis’ software.
Chainalysis quickly became involved in many of the high-profile investigations into blockchain-based malfeasance. It assisted US officials in recovering more than $1 billion in funds linked to Silk Road, a popular dark web marketplace, as well as tracking funds stolen and laundered by the North Korean hacking group Lazarus. It assisted in the identification of the operator of Welcome to Video, the world’s largest site for child sexual abuse materials, in 2019. Chainalysis reported earlier this year that illicit crypto volume reached an all-time high of $14 billion in 2021, but that such activity accounted for only 0.15% of all crypto transactions.
Chainalysis is expanding most rapidly in the Asia-Pacific region, with offices in Australia, Japan, Singapore, and South Korea. Gronager claims that the company’s continued growth—it now employs 850 people—helps secure its dominance because the more data it collects, the better its products become, making it more difficult for competitors to catch up.
Gronager and his colleagues argue that they are fighting a good fight, claiming that cracking down on criminal use of cryptocurrency will bring credibility and growth to the industry. Not everyone in the crypto community agrees. Some people “think Chainalysis is the devil,” according to Josh Olszewicz, head of research at Valkyrie Investments, a Nashville-based crypto fund manager. Others “believe they are a necessary service.” He describes the company as a “net good.”
Ver clearly belongs to the first group. “George Orwell would be proud,” he says. “I suppose the NSA”—National Security Agency—“could claim that by spying on everyone, they’re increasing trust in the internet.”
Such criticisms, according to Gronager, are “echoes of the communists from the early days.” He does, however, recognize the power of Chainalysis’ software and says the company is cautious about which governments it works with. It does not do business with sanctioned countries like Iran or Russia, and it does not work with China, despite having private-sector customers in Hong Kong. According to Gronager, it has an ethics committee that weighs in on more complicated cases and sometimes seeks the input of “US partners” in the public sector before deciding which cases to pursue.
People have a right to financial privacy, but technology shouldn’t be “warrant-proof,” according to FBI veteran Grigg of Chainalysis. Others in the crypto industry, however, give more weight to creating networks with undetectable transactions. In 2014, a group of programmers announced Monero, a cryptocurrency created specifically to protect users’ privacy. If Bitcoin and Ether are the cryptocurrency equivalent of posting your credit card bill online, then Monero aims to be digital money. It should come as no surprise that Monero is now often used for illicit activities like extortion and darknet markets. In 2020, the Internal Revenue Service awarded two companies contracts worth up to $625,000 each to create a tool for hacking the Lightning Network and Monero crypto payment systems. Chainalysis was one of the applicants.