Advanced Course Practicals

UTXO Change Address Practical - Day 1

PRACTICAL 2

In February 2023, your agency initiated an investigation into a local firearm trafficker that was purchasing Glock switches on the dark web and reselling them on the streets of your community. The target used various cryptocurrency gambling websites to launder the proceeds of his illicit activity. 

A confidential informant provided a cryptocurrency wallet address that the informant used to previously purchase Glock switches. Through your investigation, you independently corroborated the informant’s information by seizing a Glock switch from the informant and verifying the informant’s purchase using cryptocurrency.

You set an alert on the target’s wallet address to monitor transactions and identified the target’s cryptocurrency wallet address as:

            329vavkb3SgTtqoytoBpA4kE7XgYEBNo9P

On February 4, 2023, you received an alert that the target address was moving cryptocurrency to different wallets. Based on this information, answer the following questions using an advanced blockchain analytical tool: 

(NOTE – CT PRO USE THE TRACER FEATURE ONLY AND SET A DATE FILTER OF FEBRUARY 4, 2023)

  1. Identify the name of two Dark Web Marketplaces the target conducted direct or indirect (routing) transactions with (NOTE – CT PRO – Use Bot Trace After Searching the Address - USE CONTROL F and search key words)

     
  2. Identify the name of at least four Gambling-related websites the target may have used to launder his illicit proceeds (NOTE – CT PRO – Use Bot Trace After Searching the Address)

 

  1. On 2023-02-04 01:14:57 the target engaged in a wallet hop and moved 0.851 BTC to a new wallet. Trace the movement of the BTC and attempt to identify a potential exchange used to cash out the cryptocurrency. (NOTE – BECAUSE THIS IS A PROACTIVE DARK WEB INVESTIGATION YOU MAY CONSIDER TRACING THE CHANGE ADDRESS WHEN THE CHANGE ADDRESS IS NOT THE SAME ON THE INPUT AND OUTPUT SIDE.  IF THE CHANGE ADDRESS IS NOT IDENTIFIED, CONSIDER TRACING BOTH OUTPUTS.  

Document the last four of the transaction hash, the target address, and the exchange deposit address that you would use to prepare a legal process to the exchange for account information.  Ensure that you can articulate exactly why you believe there is probable cause that the illicit proceeds were sent to the exchange that you identified.

 

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.