Bitcoin Tracking

This video explains how Bitcoin can be used to track a hacker.
In this video, we’re talking about Bitcoin tracking. Now Bitcoin is a pretty popular type of cryptocurrency. There’s Bitcoin, Monero, Litecoin, a whole slew of different cryptocurrency out there. Then also it tends to be favoured by, say, malicious hackers and other people that are doing bad stuff. Not to say that cryptocurrency has been in itself, there’s a lot of legitimate people and uses for it. However, unfortunately, it can be used by these other types of people as a form of extortion or ways to pay them.
So Bitcoin was invented in 2008. Bitcoin is a decentralized currency. Bitcoin can be traded, bought, or mined. Bitcoin is fairly anonymous currency. Currently the value of a Bitcoin is $11,649.40 for just one Bitcoin. Bitcoin and other type of cryptocurrency is commonly used by malicious hackers due to its decentralized nature. Now, this came a while back. This is a pretty old email, but this is an example of how bitcoins can be used by malicious people. So in this email, this attacker said that they accessed someone’s computer, that they gained access, they took video of all this embarrassing stuff, and they’re going to share with everyone, the person’s entire contact list unless they send them money in the form of Bitcoin.
And they gave a Bitcoin wallet address. And they have 26 hours to pay it. Now this is a pretty horrific thing whether they really did do something or not. It’s pretty scary for a lot of people. And it’s a little confusing that you have this Bitcoin address, so how do you actually try to get information to find out who they are? Well, Bitcoin is - can be difficult to track down, but there’s a few things that we can do to help find out more information about this. While cryptocurrency is anonymous, it’s still possible to pull some information on who these people are. So let’s take a look at a couple of methods.
So one is called Bitcoin Whos Who and this is a website that we’re going to use. Now, on this site we could put it in the Bitcoin address here in this lookup field here.
So if we go to a Bitcoin address, we can - I’m going to paste that in there. We’re going to click the magnifying glass to search it. And this could be a little slow, so don’t worry about that. Once it comes up as real, potentially be able to get some information on who this is and, hopefully, some location stuff. So here we go. So here’s the Bitcoin address. This is - we can see the current balance of how much money they have in there. We can see number of website appearance. We could see last transaction. Total received. Number to transactions. Number of out transactions. Last transactions. First transactions. Known inputs.
Up here we could see this was an address that’s a scam, so pretty useful, especially if someone says, hey, this is your boss, can you send me some Bitcoin, I need to do something. We could plug that address in and we could say, hey, now, this was reported fraudulent. That looks suspicious. But also we can see these IP addresses. We could see last transaction IP addresses and potentially start tracking off these IP addresses. Again, we can see a number of transactions, which is useful, the first transaction, the last transaction. So a lot of good information just by running this website, Bitcoin Whos Who with the address.
Now, the other tool we’re going to take a look at is Maltego. And I’m using the community edition here, part of the Trace Labs VM. This is the free version. So with Maltego, if you install the plug-in for Bitcoin, you could just drag the Bitcoin address program here onto the field. And once it’s on here, we could just double-click that and paste in a Bitcoin address.
So I’m going to highlight all that, going to paste in a new address here, and then click OK. And then if we right-click this, we can either run individual transforms or everything. You could set your display format for the date. And once you start it, we could see a lot of different activities here. This one particularly blows up with a lot of stuff here. And we can see how all this information is tied out. So we could see transactions incoming, outgoing, and we could see that bit - that address ties to these other addresses and we could potentially click on those other addresses and view more details. So we click on this particular one. We could see total receives.
We can see transaction. We see hashing. So a lot of useful information here. Again, it helps us track down what’s going on with this particular Bitcoin wallet. And this particular one has quite a bit of activities. So, again, just another tool that we could use to try to get more information on this.
So wrapping up, while Bitcoin and other cryptocurrency is decentralized, it can be harder to track the source. It is still possible. We could use tools such as Maltego, Bitcoin Whos Who to track transactions even IP addresses. We also may be able to integrate such things as Canary tokens to potentially gain information on our would-be attackers. So that email that we saw earlier, I can create a canary token and say, hey, I’m trying to send you this Bitcoin, I found this document here on how to buy Bitcoins, but it was a little confusing, is this even right?
Or I can even embed a photo in there and go, hey, here’s evidence that I was trying to send it but I got this error message embed in the - into an email. As soon as they opened the email, it triggers a Canary token and, hopefully, I have a real IP address from the attacker. So these are some ways to help people identify the user or at least get closer to finding out who they are.
Now, this was about Bitcoins. In the next video, we’re going to be talking about recovering from a network attack. Thank you for watching. I’ll see you in the next video.

This video illustrates how you can use a Bitcoin address to see information on the account’s activity and can see if the account has been linked to a scam. A hacker may threaten an individual unless they pay a Bitcoin ransom but seemingly harmless exchanges using Bitcoin could also be scams, so this is a useful tip for protecting yourself online.

Reflect and share: If you received an email demanding a Bitcoin ransom, what would you do in response? If you have experienced this in the past, what would you do differently now? Share your comments in the section below.

This article is from the free online course Advanced Cyber Security Training: Network Security

Created by FutureLearn - Learning For Life
