Last week, U.S. Marshals sold off another 50,000 Bitcoins that used to belong to Silk Road founder Ross Ulbricht -- a.k.a. "Dream Pirate Roberts." Ulbricht was found guilty on all accounts last month, and faces up to life in prison.
The Silk Road was an online marketplace notorious for using Bitcoin to facilitate the trading of drugs, stolen credit card numbers, fake IDs, counterfeit money, hacking tools and other illegal goods.
But, as the criminals learned to their disadvantage, Bitcoin's security only goes so far -- and they're now starting to look at other, more anonymous payment systems.
"Bitcoin and the other cryptocurrencies create a ledger, a mechanism for recording every transaction that happens across this distributed network," said Carol Van Cleef, partner at the Albany-based lawfirm Manatt, Phelps & Phillips, LLP, co-chair of the firm's global payments group, and an expert in virtual currencies.
Every transaction is recorded and can be tracked. All law enforcement has to do is find a loose end, tug on it, and the entire chain comes unraveled.
In taking down Silk Road, for example, those loose ends were the physical locations that illegal goods were delivered to, and face-to-face meetings between participants. Law enforcement agents posed as customers, as drug buyers and sellers, and, in one instance, even staged torture and murder.
"There's a recognition that every transaction that hits the blockchain could ultimately be traced," said Van Cleef.
The process was helped along because authorities were able to grab Silk Road servers and Ulbricht's personal computer -- they waited until he had logged in before coming in and arresting him, so they were able to get easy access to his data.
It turns out, even criminal masterminds make plenty of mistakes.
Criminals using Bitcoin to collect ransoms -- such as the folks behind the latest cryptoransomware -- will also get caught, said Van Cleef.
"I think it's one of those situations where it's just a matter of time," she said. "If investigators stay with it long enough, they will discover the identity or the location of the people behind it."
However, she admitted that the process does take time, and the perpetrators might be gone by then.
And, in fact, when CrytoLocker was shut down last summer, its mastermind, Evgeniy Bogachev, had already retired and was able to evade capture. He is still on the FBI's Cyber's Most Wanted list. But his successor Sasha Panin, developer of the SpyEye malware tool kit, was arrested last spring.
To plug the digital security holes, cryptocurrency developers have been working on two main fronts. On the one hand, they've been trying to add layers of security to Bitcoin itself. The second, they've been developing alternative cryptocurrencies that are structured in such a way that transactions are more completely anonymous.
Sign up for Computerworld eNewsletters.