Anonymity Services’ Usage of Cryptocurrency and Role in Cybercrime
Anonymity services refers to a loose category of products and services that allow users to maintain an internet business or presence with greater privacy. These include:
- Virtual private networks (VPNs)
- Virtual SIM cards
- Encrypted communication
- Anonymous postage
- Bullet-proof hosting
Perhaps unsurprisingly, many of these services allow customers to pay for them using cryptocurrency, adding another layer of privacy. While all the examples of anonymity services we list above are perfectly legal and have plenty of legitimate use cases, the extra privacy they afford makes them attractive tools for cybercriminals. Therefore, it’s important that compliance and law enforcement professionals understand how to find these providers and analyze their transactions on the blockchain.
Below, we’ll examine each type of anonymity service listed above more closely and show you an example of a provider accepting cryptocurrency payments.
VPNs allow users to navigate the public internet as if they were connected to a private network, often with encryption for heightened security. Many companies use VPNs to let employees access corporate tools and data while outside of the office. However, many services now offer VPN services to the masses, allowing them to mask their true IP address with one provided by the service and thereby browse the internet as though they were in a different location of their choosing. It’s worth noting that many of these services don’t meet the technical definition of a true VPN despite marketing themselves this way.
VPNs have several positive applications, especially for people in countries with restrictive internet policies. For instance, many internet users in China rely on VPNs to circumvent the country’s firewall and visit censored websites. However, cybercriminals also use VPNs as an extra layer of security. In cases where such cybercriminals use cryptocurrency to purchase VPN access, law enforcement could have an opportunity to track the transactions and uncover more of the suspect’s cryptocurrency transactions, or even subpoena the VPN provider for more information.
SecureVPN.to is an example of a VPN service that accepted cryptocurrency payments.
While active between September 2014 and December 2016, SecureVPN.to received 131.9 BTC, mostly in small transactions of around 0.02 BTC that appear to be payments from customers. Its largest counterparties by volume are safe, compliant exchanges such as Kraken and Coinbase. However, we also see SecureVPN.to received funds from mixers like SharedCoin, which while not illegal should be considered high-risk. We also see SecureVPN.to received funds from darknet markets like Abraxas Market, which strongly suggests a darknet market administrator or vendor purchased services from the VPN provider.
Virtual SIM cards
Virtual SIM card providers allow users to get a working phone number for any region whenever they need them. There are several legitimate use cases for virtual SIM cards, such as avoiding roaming charges while travelling, conducting business overseas with a local phone number, and using other devices such as tablets for phone calls.
However, virtual SIM cards have illicit use cases as well. Cybercriminals often use them to communicate more anonymously or to sign up for various online services that require a phone number, such as social media sites or even fintech platforms, with a fake number that can’t be traced back to their real life identity.