Index

  • 51% attack, 41
  • A
  • addresses
    • change addresses, 177–181
      • Ethereum, 190–191
    • clusters, 181–182, 184
    • ether value, 155
    • Ethereum, change addresses, 190–191
    • filtering multiple, 151
    • Googling, 188
    • graphing, 183
    • history, 82–83
      • exporting, 149–150
    • multi-signature transactions, 157
    • output, 177
    • owners, 178–181
    • private keys, 70
    • public keys and, 70
    • recovered, transaction history, 147–148
    • searches, automated, 135–136
    • temporal patterns, 156–160
    • transactions and, 69
    • unpeeling, 233
    • UTXOs, 74
    • vanity addresses, 83–85, 155
    • wallet addresses, 185
  • Adleman, Leonard, 23
  • AES-256-CBC encryption, 167–168
  • Agent Ransack, 127–130, 134, 137
  • algorithms
    • elliptic curve, 28–29
    • Extended Euclidean Algorithm, 25
    • hashing, MD5, 16–17
  • anonymity, Monero and, 214
  • anonymous data transmission, cover wallets and, 106
  • API (application programming interface), 63
  • ASICs (application specific integrated circuits), 5
    • mining, 88
  • asset seizure, 137–138, 256
    • online wallets, 265
    • private key import, 261–262
    • security, 263–265
    • storage, 263–265
    • without cashing out, 258–259
  • asymmetric cryptography, 23
  • attacks, 51%, 41
  • AXIOM, 131
  • C
  • calculated tables, wallets, encrypted, 167
  • cashing out, 256. See asset seizure
    • converting coins to fiat currency, 257
    • insurance, 257
    • process, 258
    • secure storage, 257
    • seizing without cashing out, 258–259
    • valuation fluctuations, 257
  • Chainalysis, 117, 214
    • clusters, 232–233
  • chainz.cryptoid.info, 187
  • change addresses, 177–181
    • Ethereum, 190–191
  • Chaum, David, 7
  • civil forfeiture. See asset seizure
  • click blindness, 182
  • click happy, 182
  • clustering
  • Cocks, Clifford, 23
  • Cohen, Chris, 135
  • coin transactions, 189–190
  • Coinbase, 97
  • coinlib.io/exchanges, 234
  • Coinpayments, 97
  • coins
    • seizing, 255
    • spending, 71–73
  • cointmarketcap.com, 9
  • cold wallets, 98–99
  • commercial visualization systems, 214
  • commission scam, mining, 92
  • computer forensics, 16
  • contracts, 109
    • bonded, 110
    • creating, 110
    • escrow transactions, 110
    • Ethereum, 110–112, 189–190
    • multi-signature, 110
    • nLockTime and, 110
    • third-party arbitration, 110
  • covert wallets, 105–107
  • crypto prefix, 6–7
  • cryptocurrency
    • building
      • ledger, 32–33
      • mining, 34–35
    • Dash, 8
    • definition, 3–4, 6
    • Ethereum, 8
    • exchanges, 227
    • Litecoin, 8
    • Monero, 8
    • origination questions, 5
    • physical manifestation, 6
    • Ripple, 8, 68
    • theft, 269
    • trading, 6
    • Zcash, 8
  • cryptocurrency crimes
    • cryptocurrency theft, 269
    • extortion, 270
    • illegal goods purchase, 268
    • illegal goods sales, 268–269
    • kidnap, 270
    • money laundering, 269–270
  • cryptography
    • asymmetric, 23
    • ECC (Elliptic Curve Cryptography), 28–31
    • Elliptic Curve cryptography, 7
    • RSA, 23–28
  • cryptoviruses, WannaCry, 192
  • currency
    • bank note analogy, 68
    • Rai coins, 4–6
    • stones of Yap islands, 3–6
    • token analogy, 6–7
  • D
  • Dapp, 244
  • dark web searches, 237–341
  • Dash, 8
  • data analysis
    • API, 150–151
    • Ethereum, extracting raw, 154–155
    • exporting data, 149–150
    • filtering, 149–151
    • investigations and, 148
    • literal data, 148
  • data packets, intercept and, 246
  • decryption, 22–23
    • lifecycle, 23
  • deterministic wallets, 103
  • dictionary attack, wallets, encrypted, 167
  • difficulty target, 46–47
  • Diffie, Whitfield, 22
  • Digicash, 7
  • digital forensics, 16
  • E
  • ECC (Elliptic Curve Cryptography), 28–31
  • e-currency, 7
  • E-Gold, 7–8
  • Electrum software wallet
    • asset seizure and, 259–261
    • private key import, 261–262
    • seeds, 124
  • Elliptic, 117, 214
    • clusters, 232–233
  • elliptic curve algorithm, 28–29
  • Elliptic Curve cryptography, 7
  • Ellis, James, 23
  • EnCase, 130, 131
  • encryption
    • AES-256-CBC, 167–168
    • decryption, 22–23
    • Diffie, Whitfield, 22
    • Enigma machines, 22
    • Hellman, Martin, 22
    • lifecycle, 23
    • private key, 21–22
    • public key, 21–22
    • Roman Caesar cyphers, 22
    • wallets
      • brute force, 167
      • BTCRecover, 167, 168–169
      • calculated tables, 167
      • dictionary attack, 167
      • master key attack, 167, 168
      • password recovery, 168
      • seed recovery, 169
  • endianness, hexadecimal
    • Big Endian, 49
    • Internal Byte Order, 50–52
    • Little Endian, 50, 52
  • endpoints, intercept and, 246
  • Enigma, the Battle for the Code (Sebag-Montefiore), 22
  • Enigma machines, 22
  • enumerating transactions, 55–57
  • ERC-20 tokens, 112
  • escrow transactions, contracts and, 110
  • Ethereum, 7, 8, 61
    • address monitoring, 196–197
    • addresses
      • change addresses, 190–191
      • ether value, 155
    • Ethos token, 191–192
    • fork, 59
    • mixhash, 62
    • nonce, 62
    • number, 62
    • ommersHash, 62
    • parenthash, 62
    • timestamps, 62, 160–161
    • tokens, 112–116
    • transactions
      • contract as agreement, 191
      • contract that transacts token, 191
      • contract that triggers another, 190–191
      • differences and, 189–192
      • following, 189–192
      • gas, 85–86
      • value, 190
  • etherscan.io, 86, 154–155, 189, 201–202
    • Maltego
      • address details, 209
      • To Addresses [*Received from], 210
      • To Addresses [*Sent from], 210
      • Bitcoin Address, 208
      • Bitcoin Transaction, 208
      • clustered input addresses, 211
      • commercial version, 206
      • Community version, 206
      • CSV file export, 212
      • Detail View pane, 209
      • downloading, 206
      • entities, 206
      • graphs, 207–208
      • importing data, 211
      • To INPUT Addresses, 208
      • To IP Address of First Relay, 208
      • To OUTPUT Addresses, 208, 209
      • Taint Analysis, 209
      • transaction ID value, 208
      • To Transactions [where address was an input], 210
      • To Transactions [where address was an output], 210
      • Transform Hub, 209
      • Transform Servers, 207
      • transforms, 206–209
      • To Website, 207
    • Numisight
      • Addresses tab, 204
      • Canvas tab, 204
      • Coins tab, 204
      • Data tab, 204
      • Expand Inputs, 205
      • Expand Outputs, 205
      • graph, 203, 204
      • payments, 205
      • Public Alpha release, 202
      • transactions, 203, 205
      • Transactions tab, 204
    • token search and, 113–114
  • Ethos token, 191–192
  • Excel, timestamps and, 158–159
  • exchange fraud, mining, 92
  • exchanges, 227
    • unpeeling, 233
  • Extended Euclidean Algorithm, 25
  • extortion, 270
  • F
  • filtering data, 149–151
    • IP addresses, 220
  • FIs (Financial Investigators), 255
  • forks, 58–59
    • Bitcoin Cash fork, 42
    • hard forks
      • Bitcoin Cash, 59
      • Ethereum, 59
    • orphan forks, 41, 58–59
    • soft forks, 60
      • SegWit, 70
  • freezing assets. See asset seizure
  • FTK (Forensic Toolkit), 130, 131
  • Full Node wallet, 96
  • G
  • genesis block, 58
  • GPUs (Graphical Processing Units), 20
  • graphing address information, 183
  • H
  • hard forks
    • Bitcoin Cash, 59
    • Ethereum, 59
  • hardware
    • mining and, 88
    • wallets, 100
      • Keepkey, 97
      • Ledger Nano S, 97
      • Trezor Wallet, 97
  • hashing, 16
    • bits, 17
    • bytes, 17
    • detecting files, 17
    • kilobytes, 17
    • nibbles, 17
    • one-way hash, 17
    • password storage and, 18–19
    • passwords, SHA256 and, 19
    • SHA256 algorithm, 19–21
  • hashing algorithms
    • MD5, 16–17
    • RIPEMD, 17
    • SHA, 17
    • SHA256, 17
  • Hellman, Martin, 22
  • hex converters, 53–54
  • hex editors, Bitcoin version 2, 51
  • hex readers, 47–48
  • hexadecimal values, 18
    • deconstructing, 47–48
      • JSON, 81–82
    • endianness
      • Big Endian, 49
      • Internal Byte Order, 50–52
      • Little Endian, 50, 52
    • raw, transactions and, 79–81
  • hierarchical wallets, 103
  • Hoelzer, Dave, 17
  • Httrack, 127–130
  • hunch.ly, 239
  • HxD reader, 47–48
  • I
  • ICOs (initial coin offerings), 39, 112–116
    • fraud, 115–116
  • illegal goods purchase and sales, 268–269
  • imaging RAM, 136–137
  • input address, blockchain.info, 200–201
  • intercept, 246
    • Bitcoin nodes, 247–248
    • data packets and, 246
    • legislation, 246
    • thin clients, 246–247
    • WiFi-based traffic, 249
    • wiretaps, 246
  • Internal Byte Order, 50–52
    • Merkle root, 52
  • investigations
    • data analysis, 148
    • live computers
      • asset seizure, 137–138
      • documentation, 138
      • export from bitcoin daemon, 140–143
      • Notepad++, 138–139
      • wallet data extraction, 144–145
      • wallet file, 138–140
    • online searches, 125–130
    • open-source intelligence gathering, 235–236
    • premises search, 120–121
      • paper print out, 122
      • printed e-mail, 122
      • questioning, 124–125
      • sticky notes, 122
      • targets, 121–124
      • wallet cards, 122
      • white boards, 122
  • investopedia.com, 8
  • IP addresses
    • tracing, 217–218
      • exchanges, 227
      • filtering, 220
      • JSON, 220–221
      • online stores, 227
      • online wallets, 228
      • proxies, 229–231
      • to service provider, 231–235
      • storage, 226–228
      • thin clients, 228
      • Tor network, 226, 228–229
      • VPNs (Virtual Private Networks), 229–231
    • transactions, 218–219
  • ipqualityscore.com, 230
  • J
  • Jaxx, 97
  • JSON (JavaScript Object Notation), 63
    • address balance, raw, 150–151
    • data extraction, 81–82
    • IP addresses, 220–221
  • K
  • Kaminsky, Dan, 219
  • Keepkey, 97
  • kidnapping, 270
  • kilobytes, 17
  • L
  • Latchman, Haniph, 16
  • Laundry, 238
  • ledger, 40
    • building currency and, 32–33
  • Ledger Nano S, 97
  • LEGO analogy of blockchains, 41–42
  • Litecoin, 8
  • literal data, 148, 172
  • Little Endian, 50, 52
  • localbitcoins.com, 231–232
  • locking transactions, 110
  • M
  • master key attack, wallets, encrypted, 167, 168
  • MD5 algorithm, 16–17
    • Chinese researchers, 17
  • megabytes, 18
  • memory dumps, 136–137
  • mempool, 40, 69, 76–77
  • Merkle root, 44–45, 51
  • messages
    • embedding, 242
    • micromessages, 241–244
  • metadata, addresses, 148
  • micromessages, 241–244
  • millisecond converters, 224
  • mining, 5
    • building, 34–35
    • Chinese companies, 88
    • Ethereum, 40
    • fraud
      • commission scam, 92
      • exchange fraud, 92
      • misleading promises, 93
      • private key phishing, 92
      • software miners, 92
      • stealing power, 93
    • hardware, 88
    • open-air crates, 88
    • pools, 90–91
    • proof-of-stake, 90
    • proof-of-work, 89–90
    • rigs, 88
    • timing, 89
    • transactions and, 40
    • validators, 90
  • misleading promises, mining, 93
  • Mixer, 238
  • Monero, 8, 88
    • anonymity, 214
  • money laundering, 269–270
  • monitoring addresses
  • multi-signature contracts, 110
  • multi-signature transactions, 71, 110
    • addresses, 157
  • Musk, Elon, PayPal, 7
  • MyEtherWallet, 97
  • N
  • Nakamoto, Satoshi, 57, 110
  • nibbles, 17
  • NickCoin, 32–34, 36, 87
  • nLockTime, 110
  • nonces, block header, 46–47
  • nondeterministic wallets, 102–103
  • notetaking, 176
  • P
  • P2PKH (Pay-to-Public-Key-Hash) transactions, 71
  • P2SH (Pay-to-Script-Hash) transactions, 71
  • paper wallets, 100–101
  • passwords
    • brute-forcing, 20
    • BTCRecover and, 168–170
    • hashing, 19–20
    • password lists search, 170
    • storage, 18–19
    • typo map, 171
  • pattern-based online searches, 127–130
  • PayPal, 7
  • peer-to-peer network, 219
  • Poloniex, 233–234
  • premises search, 120–121
    • questioning, 124–125
    • targets, 121
      • private keys, 122–124
      • public addresses, 122
  • private keys, 21–22
    • addresses, 70
    • asset seizure and, 261–262
    • extracting
    • formats, 123
    • investigation and, 122
    • offline storage, 98
    • phishing, mining, 92
    • public key generation, 24–25
    • seeds, 124
    • wallet analysis, 166–167
  • proceeds of crime appropriation. See asset seizure
  • proof-of-stake, 90
  • proof-of-work, 89–90
  • proxy networks, IP addresses, 229–231
  • public addresses, investigation and, 122
  • public keys, 21–22
    • addresses and, 70
    • Bitcoin addresses, 24
    • extracting
    • generating by private key, 24–25
    • number of keys, 71
  • public/private key address pairs, 98
  • Python
    • hex conversion, 54
    • Requests, 152–153
    • unspent_n script, 153
  • Q
  • questioning, investigations and, 124–125
  • R
  • Rai coins, 4–6
  • RAM (random access memory), imaging for recoverable data, 136–137
  • raw transactions, 79–81
  • regular expressions in searches, 127–130
  • Requests (Python), 152–153
  • RIPEMD algorithm, 17
  • Ripple, 8, 68
  • Rivest, Ron, 23
  • Roman Caesar cyphers, 22
  • Roose, Kevin, 115
  • RSA cryptography, 23–28
  • S
  • Satoshi, 155
  • ScriptPubKey, 77–79
  • scripts
    • address monitoring, 194–196
    • pay-to-hash transactions, 110
  • ScriptSig, 77–79
  • searches, automated, 135–136
  • SEC (Securities and Exchange Commission), ICO fraud, 115
  • seeds, 124
    • DNS Seeds, 224–225
    • recovery support, 169
  • SegWit (Segregated Witness) fork, 70
  • seized computers, key extraction
    • address search automation, 135–136
    • commercial tools, 130–131
    • memory dumps, 136–137
    • wallet file, 131–134
  • seizing assets, 256. See also asset seizure
  • seizing coins, 255
  • service providers, tracing IP addresses to, 231–235
  • SHA algorithm, 17
  • SHA256 algorithm, 17, 87
    • Bitcoin, 18
    • hashing and, 19–21
  • SHA256 hashing, Bitcoin and, 7
  • Shamir, Adi, 23
  • site modifier, 127
  • sniffers
    • Bitcoin P2P Network Sniffer, 247–248
    • WiFi-based traffic, 249
    • wired data, 248–254
  • soft forks, 60
    • Segregated Witness, 70
  • software miners, 92
  • software wallets, 100
    • Coinbase, 97
    • Coinpayments, 97
    • Full Node, 96
    • Jaxx, 97
    • MyEtherWallet, 97
    • Online Node, 96
    • Thin Node, 96
  • stacks, 78
  • stealing power, mining, 93
  • T
  • targets of investigation, premises search, 121
    • private keys, 122–124
    • public addresses, 122
  • temporal patterns in addresses, clustering and, 156
  • thin clients
    • intercept and, 246–247
    • IP addresses, 228
  • Thin Node wallet, 96
  • third-party arbitration contracts, 110
  • time zones, 156
  • timestamps, 45–46, 156–157
    • Ethereum, 160–161
    • Excel and, 158–159
  • token analogy, 6–7
  • tokens
  • Tor Browser, 238
  • Tor network, 226, 228–229
    • dark web and, 237–341
  • torstatus.blutmagie.de, 229
  • tracing IP addresses, 217–218
    • exchanges, 227
    • filtering, 220
    • JSON, 220–221
    • online stores, 227
    • online wallets, 228
    • proxies, 229–231
    • to service provider, 231–235
    • storage, 226–228
    • thin clients, 228
    • Tor network, 226, 228–229
    • VPNs (Virtual Private Networks), 229–231
  • trades. See transactions
  • trading cryptocurrency, 6
  • transactions, 67–68
    • addresses, 69
      • change addresses, 177–181
      • clusters, 181–182
      • clusters, 184
      • graphing, 183
      • inputs, 178–181
      • owners, 178–181
      • view all transactions, 152
      • wallet addresses, 185
    • blocks, 40
    • coin, 189–190
    • contract, 189–190
    • enumerating, 55–57
    • Ethereum
      • coin, 189–190
      • contract, 189–190
      • differences in, 189–192
      • following, 189–192
      • gas, 85–86
      • types, 190–191
    • graph, 40–41
    • history, 147–148
      • exporting, 149–150
      • filtering, 149–151
    • inputs, 74
    • IP addresses, 218–219
    • locking, 110
    • mempool, 40, 69, 76–77
    • messages, embedding, 242
    • multi-signature, 71, 110
      • addresses, 157
    • outputs, 74
    • P2PKH (Pay-to-Public-Key-Hash), 71
    • P2SH (Pay-to-Script-Hash), 71
    • raw addresses, 153
    • raw hex, 79–81
    • scripts, 73
      • ScriptPubKey, 77–79
      • ScriptSig, 77–79
    • spent state, 73
    • states, 73
    • timestamps, 156–157
      • Excel and, 158–159
    • unspent state, 73
  • Trezor Wallet, 97
  • TXIDs (transaction IDs), 44
  • U
  • UNIX, timestamp, 45–46
  • unpeeling, 233
  • UTXOs, 74
  • X
  • X-Ways, 130
  • Y
  • Yap island stone currency, 4–6
  • Yeow, Addy, 219
  • Z
  • ZCash, 8, 88
    • encryption, 246