This article aims to analyze the crypto funds behind the incident and disclose this on-chain risk threat.
Creative Private Room Address Analysis
Crypto funds have a certain degree of anonymity, but there is no way out. Bitrace transforms transaction records and anonymous addresses on the blockchain into valid information through on-chain analysis, and conducts visual tracking, making the connections between points and lines clearly visible.
Through the Creative Private Forum and public intelligence, we obtained the following addresses for receiving payments for illegal image transactions:
TA2G85LLXqtbcMwwZUKn4gDdQ9EkoHRp8V (currently in use)
TJxBDgdAmD1NPy6ih4E6RBM4YQWZRACakZ
TPbRDKYYi5qT3Ayutw6NV31bvNX9zGivZx
TUQbf1PgWvxKethbrYLFY842UL6Z41RiKC
It is not difficult to see that the criminal gangs behind the creative workshops constantly evade investigation by changing the payment address and creating new posts, but there is still a continuous flow of anonymous customers and a large number of transaction redemptions.
The real-name information of users owned by the exchange can locate the illegal groups behind Creative Private House. In the process of on-chain analysis, once the funds flow into the centralized exchange, we can form on-chain address annotations through the model, share information with the exchange to mark the risk entities, and then make the on-chain tracking of the Web3 world have a realistic foothold.
By screening the transaction flow, we have identified 5 addresses that received more than 20,000 USDT from the Creative Private House address, with the highest amount reaching 67,700 USDT. These addresses are very likely to be the actual beneficiaries of the sale of child sexual exploitation images. After further tracking, it was found that these 5 suspected profit addresses were associated with centralized exchanges such as Binance, MaiCoin, and Bingbon, indicating that such institutions have unfortunately become the targets of illegal gangs.
Application Trends of Cryptocurrency in CSAM
It is true that privacy in the field of cryptocurrency is important. Once faced with black funds, it is very important to know who the entity behind the address is. Although many countries have begun to formulate relevant regulations to block the application of cryptocurrency in illegal fields such as CSAM, the relevant laws and regulations are far less mature than those in the traditional payment field.
*CSAM is the abbreviation of "Child Sexual Abuse Material", which means "child sexual abuse material". This term is usually used to refer to pictures, videos, audio or other media containing child sexual abuse content.
In the traditional payment field, CSAM transactions usually involve bank accounts or other financial institutions. These transactions are recorded in detail and can be easily tracked and monitored by law enforcement agencies. However, cryptocurrencies provide a certain degree of anonymity for CSAM transactions, especially by using privacy-enhancing technologies that make it difficult to track the entities behind the transactions. The application of cryptocurrencies in CSAM not only reduces certain risks for CSAM buyers (using crypto mixers and crypto ATMs to hide payments to CSAM suppliers), but also provides CSAM providers with a convenient way to launder and cash out illegal profits (using peer-to-peer cryptocurrency exchanges to convert crypto proceeds from CSAM sales into fiat currency). This has led CSAM criminals to increasingly turn to convertible cryptocurrencies to hide their illegal transactions to avoid being discovered by law enforcement agencies.
According to the UK's IWF (a non-profit organization dedicated to eliminating illegal content online), the number of websites offering cryptocurrency payments for child sexual abuse images is almost "doubling every year." Of the 250,000 websites containing child sexual abuse discovered by IWF in 2021, 1,014 websites provided criminals with the option of using virtual currency to access or purchase videos and images of children being sexually abused and raped.
Data source: Internet Watch Foundation
According to the U.S. Treasury Department's Financial Crimes Enforcement Network FinCEN report, between 2020 and 2021, financial institutions submitted thousands of suspicious activity reports involving Bitcoin, which were related to online child sexual exploitation and human trafficking crimes. Even more shocking is that 95% of these reports specifically pointed out transactions of child sexual exploitation materials (CSAM), and more than 1,800 unique Bitcoin wallet addresses were suspected of being related to CSAM and human trafficking crimes.
These data not only expose the prevalence of cryptocurrencies in child sexual exploitation crimes, but also highlight the challenges faced by regulators in combating such criminal activities.
Written in the end
Cryptocurrency, as a major innovation in financial technology, its anonymity and decentralization characteristics have brought convenience to the global economy while also creating convenience for illegal activities to a certain extent.
Bitrace believes that industry members actively using professional knowledge and technical tools to identify funds associated with such risky activities is an important weapon to resist this risk, including but not limited to: industry institutions should strengthen their awareness of fund risk control, perform their duties of monitoring and managing abnormal customer transactions (KYT), and promptly report illegal transactions and risks; actively establish cooperation with local law enforcement agencies and access threat intelligence services provided by security vendors; individuals should also take active actions to report related suspicious activities.
