With the continuous development of Internet technology and logistics industry, the form of drug crime is also changing,The emergence of dark web and virtual currency has provided new trading methods for drug crimes. According to the "World Drug Report 2021", the current annual drug transaction volume of several major darknet markets is at least 315 million US dollars, and the transaction volume of drug transactions on the darknet is showing an upward trend year by year.

When it comes to "dark net", "drugs" and "virtual currency" will make people think of "Silk Road". "Silk Road" is a darknet website named after the ancient commercial road connecting China and the West. It was founded by Ross William Ulbricht in early 2011. On October 2, 2013, Silk Road was banned by the FBI on the grounds of fighting crime.

Those who are familiar with virtual currency should have some understanding of this platform. Users of this platform can only access it through Tor (onion browser), and transactions on the platform can only be settled with Bitcoin.

This anonymous browsing access method and virtual currency anonymous payment method make transactions on the dark web very secretive, and it is this secrecy that allows lawbreakers to safely and boldly carry out various illegal activities on the "Silk Road". Transactions, including drug trafficking, buying and selling of guns and weapons, child pornography, etc., and drug transactions account for about 70% of these illegal transactions.

Virtual currency is a currency that does not rely on the issuance of legal tender institutions and is not controlled by the central bank. It is based on a set of open-source codes of computer calculations around the world, generated through a large number of calculations and processing by computer graphics cards and CPUs, and uses cryptography to ensure the security of all aspects of currency circulation.

This issuance mechanism and cryptography design make it global, convenient, secure and anonymous. That is to say, as long as there is a network device, no matter in which corner of the world, you can buy and sell virtual currency; as long as both parties have a private key, you can use the corresponding address to transfer money, and it cannot be directly linked to the corresponding address. people.

These characteristics of virtual currency are used by drug dealers to avoid the problem of drug money being traced.

real case

Next, let's look at a few real cases:

Case 1: In 2019, Cui Moumou got in touch with a cannabis leaf seller "Pi Moumou" (transliteration) through a foreign chat software. Because the software can delete the chat records in real time, in order to avoid being hit, Cui negotiated with Pi through the software on the quantity and amount of smuggled marijuana leaves, paid RMB on a virtual trading platform to purchase the corresponding amount of bitcoins, and then transferred Put the bitcoin into the address designated by "Pi XX" to complete the payment.

Then "Pi Moumou" hid the corresponding marijuana leaves in biscuits, chocolates and other snacks, concealed the name of the goods, and smuggled them into the country through logistics according to the delivery address and phone number provided by the defendant Cui Moumou.

Finally, Cui Moumou completed three smuggling of marijuana leaves totaling more than 1,000 grams for self-inhalation and sales from June 2019 to January 2020. Defendant Cui Moumou committed the crime of smuggling and selling drugs and was sentenced to four years in prison and fined RMB 40,000.

Case 2: The People's Procuratorate of Chengdu City, Sichuan Province accused the defendant, Jin Moumou, of buying 10 grams of marijuana from Canada via the dark net in October 2019 for his own consumption. Ways to import marijuana from Canada by post.

The court ruled that Jin Moumou was guilty of drug smuggling, sentenced to one year in prison, and fined RMB 5,000. The following is the defendant Jin Moumou's own confession:

"I bought it on the dark web. The recipient's name was written by the seller. The phone number and address are mine. It contained marijuana purchased from Canada. The name of the dark web is Silk Road. I used a computer to pass The onion browser is directly logged in. The onion browser is anonymous and traceless, and the URL of each login may be different. The marijuana bought at that time was 10 grams. The payment for the purchase of marijuana paid overseas by Bitcoin was zero. A few bitcoins, equivalent to over a thousand yuan. The bitcoin used to buy marijuana was purchased with "Paypal" two or three years ago, and now there is no balance in it. Bitcoin transactions on the dark web are peer-to-peer and anonymous, and no single transaction record can be found. "

Case 3: In May 2020, defendants Xie and Ye planned to lease land in Yunnan Province to grow marijuana. From September to October of the same year, after the two harvested marijuana, Xie contacted the drug order through the Telegram software (the Chinese name is "Telegram", a cross-platform instant messaging software), and collected drug money in the form of Bitcoin, which was used by Ye Using false names, the marijuana was mailed to drug buyers in Zhejiang and other places by courier.

The two sold marijuana about 10 times and made illegal profits of more than 40,000 yuan. Afterwards, the public security personnel arrested the two and seized 3332.96 grams of marijuana from Ye Mou. Xie was sentenced to three years and six months in prison and fined RMB 13,000; Ye Moumou was sentenced to three years and three months in prison and fined RMB 10,000.

It can be seen from the above three cases that the criminals all use the "Internet + virtual currency + express delivery"This way of drug trafficking is very secretive from the release and acquisition of information to contact, payment and mailing.

The whole process can be summarized into the following four characteristics:

1. Use the Tor browser to access the dark web. The browser enables users to anonymize, and through layers of encryption, the address of the server can change constantly, making it impossible to trace.

2. The transaction process adopts anonymous contact. Using Telegram, a chat software designed with anti-reconnaissance and encryption functions, cannot be found and evidence can be destroyed at any time.

3. Use virtual currency for payment. Utilize the characteristics of virtual currency to avoid supervision and form a strong protection barrier for transaction payment.

4. Disguise the mailing package of drugs. Most of the delivery of drugs is carried out by express delivery, and most of them are sent under pseudonyms to evade logistics detection.

From this we can see that the crime has formedmanufacture, sell, transportThe whole industrial chain, realize "Separation of people and goods, separation of money and goods"Contactless transactions have increased the difficulty of investigation and evidence collection. On the other hand, in order to avoid supervision, criminals have been trying to find more concealed trading media and money laundering methods.

Virtual Currency Tracking

", relying on Zhifan's blockchain big data analysis capabilities, through the analysis of virtual currency address accounts, virtual currency traceability, clue expansion and other aspects to assist the public security organs in combating fraud, money laundering, pyramid schemes, dark web transactions and other virtual currency-related crimes case.

In order to effectively solve the problem of untraceable asset flow brought about by the anonymity of virtual currency, the security team of Zhifan Technology has independently developed a virtual currency investigation service platform serving public security organs—“Chase Trace-Virtual Currency Tracking and Verification Platform", relying on Zhifan's blockchain big data analysis capabilities, through the analysis of virtual currency address accounts, virtual currency traceability, clue expansion and other aspects to assist the public security organs in combating fraud, money laundering, pyramid schemes, dark web transactions and other virtual currency-related crimes case.

We all know that all transaction processes of Bitcoin are completely transparent and are publicly recorded in the blockchain, so Bitcoin transfer transactions (transfer of a Bitcoin from one address to another) can be traced However, because the owner of this address has not disclosed his real name or other information related to the real world, there is no way to track who the owner of the address is.

However, criminals are after all in order to make profits, and they always need to realize the illegally obtained virtual currency. Once the account user is connected with the real world, he will jump out of the "anonymous world" and return to the real world, thus being tracked.

Later, someone designed an anonymous coin to ensure anonymity. What is an anonymous coin? Anonymity currency is a special blockchain token that hides the transaction amount, sender, and receiver during the transaction. Corresponding to it is the "display currency" headed by Bitcoin and Ethereum. Based on the principle and structure of the Monero blockchain, it is impossible to accurately obtain the transaction amount and the addresses of the two parties. The common anonymous currency has reached Dash (DASH), Monero (XMR) and Zcash (ZEC).

Recently, the Zhifan security team found that in the crimes related to dark web transactions, criminals began to use anonymous coins such as Monero to trade, which made tracking more difficult. It is foreseeable that the tracking of anonymous coins will become New challenges for virtual currency tracking technology.

Zhifan Safety Academy Small Classroom

Surface Web: The surface layer of the Internet that can be accessed and browsed through standard search engines.

Deep Web: Content that cannot be accessed and browsed through conventional search engines.

Dark web: Refers to websites that have not been indexed and can only be accessed through specialized web browsers. Traditional browsers cannot directly access them. They are generally considered to be a subset of the "deep web".

Tor (the onion router): The onion browser can block the user's IP address and allow anonymous browsing.

Telegram (Telegram): It is a cross-platform instant messaging software with functions such as "burn after reading", "delayed destruction", and "simultaneous deletion" of unilateral messages.