Antinalysis, a blockchain analytics tool that helps cybercriminals avoid the risk of getting identified when they attempt to cash out their illicit money, on August 16, released a statement that their data sources have been seized.
The tool allegedly allowed Dark Web users to see whether regulated crypto exchanges were likely to flag their funds as linked to crime, according to a blog post from blockchain analytics firm Elliptic.
Cryptoassets are preferred by cybercriminals to perpetrate their attacks as they provide pseudonymity. However, laundering and cashing out these proceeds is a major challenge. Crypto exchanges use blockchain analytics tools to check customer deposits for links to illicit activity, as highlighted in the post.
These tools can identify whether the funds originated from a wallet associated with ransomware or any other criminal activity by tracing a transaction back through the blockchain.
What was Antinalysis and how did it work?
Antinalysis helped crypto launderers avoid identification, by giving them a preview of what a blockchain analytics tool will display about a bitcoin wallet, the funds it contains, and the crimes associated with it, according to Elliptic.
The site used to run on Tor, an anonymous version of the web commonly used to host Darknet markets and other illicit services.
An example of the reporting services it provided is below.
The site categorized the crypto by risk factor. Proceeds of Darknet markets, ransomware, and theft were considered to be “extreme risk”, while funds from regulated exchanges and freshly-mined coins were classified as “no risk”.
Elliptic’s evaluation of the results showed that it was poor at detecting links to major Darknet markets and other criminal entities.
It’s not surprising as providing accurate blockchain analytics requires significant investment in technology and data collection, over long periods.
The Elliptic post also cites an article by well-known security researcher Brian Krebs, which claims that the results provided by Antinalysis are identical to those provided by AMLBot. It is, therefore, likely that Antinalysis makes use of the AMLBot API. AMLBot is itself a reseller for Crystal Blockchain, an analytics provider.
Implications of Antinalysis
Despite that, the tool represents a significant new capability for crypto launderers. They can now test their laundering methods before taking the risk of depositing at an exchange or other service provider.
Also, it makes blockchain analytics available to the public for the first time. This type of analysis has primarily been used by, and available to, regulated financial service providers.
Suspension of service
BBC reporter Joe Tidy tweeted that Pharoah from Antinalysis contacted him with a statement. They said that the site was taken down 8 hours after the BBC report about Antinalysis was published on August 13. The representative also claimed that it is not designed just for criminals.