NSA Bitcoin Tracking


THE NSA WORKED TO “TRACK DOWN” BITCOIN USERS, SNOWDEN DOCUMENTS REVEAL
Sam Biddle

March 20 2018, 8:22 a.m.



INTERNET PARANOIACS DRAWN to bitcoin have long
indulged fantasies of American spies subverting the booming,
controversial digital currency. Increasingly popular among get-rich-
quick speculators, bitcoin started out as a high-minded project to
make financial transactions public and mathematically verifiable
— while also offering discretion. Governments, with a vested interest
in controlling how money moves, would, some of bitcoin’s fierce
advocates believed, naturally try and thwart the coming techno-
libertarian financial order.
It turns out the conspiracy theorists were onto something. Classified
documents provided by whistleblower Edward Snowden show that
the National Security Agency indeed worked urgently to target
bitcoin users around the world — and wielded at least one mysterious
source of information to “help track down senders and receivers of
Bitcoins,” according to a top-secret passage in an internal NSA report
dating to March 2013. The data source appears to have leveraged the
NSA’s ability to harvest and analyze raw, global internet traffic while
also exploiting an unnamed software program that purported to offer
anonymity to users, according to other documents.
Although the agency was interested in surveilling some competing
cryptocurrencies, “Bitcoin is #1 priority,” a March 15, 2013 internal
NSA report stated.

The documents indicate that “tracking down” bitcoin users went well
beyond closely examining bitcoin’s public transaction ledger, known
as the Blockchain, where users are typically referred to through
anonymous identifiers; the tracking may also have involved gathering
intimate details of these users’ computers. The NSA collected some
bitcoin users’ password information, internet activity, and a type of
unique device identification number known as a MAC address, a
March 29, 2013 NSA memo suggested. In the same document,
analysts also discussed tracking internet users’ internet addresses,
network ports, and timestamps to identify “BITCOIN Targets.”
The agency appears to have wanted even more data: The March 29
memo raised the question of whether the data source validated its
users, and suggested that the agency retained bitcoin information in a
file named “Provider user full.csv.” It also suggested powerful search
capabilities against bitcoin targets, hinting that the NSA may have
been using its XKeyScore searching system, where the
bitcoin information and wide range of other NSA data was cataloged,
to enhance its information on bitcoin users. An NSA
reference document indicated that the data source provided “user
data such as billing information and Internet Protocol addresses.”
With this sort of information in hand, putting a name to a given
bitcoin user would be easy.
[Embedded document: Pages From OAKSTAR Weekly 2013 03 29, 5 pages]

The NSA’s budding bitcoin spy operation looks to have been enabled
by its unparalleled ability to siphon traffic from the physical cable
connections that form the internet and ferry its traffic around the
planet. As of 2013, the NSA’s bitcoin tracking was achieved through a
program code-named OAKSTAR, a collection of covert corporate
partnerships enabling the agency to monitor communications,
including by harvesting internet data as it traveled along fiber optic
cables that undergird the internet.
Specifically, the NSA targeted bitcoin through MONKEYROCKET,
a sub-program of OAKSTAR, which tapped network equipment to
gather data from the Middle East, Europe, South America, and Asia,
according to classified descriptions. As of spring 2013,
MONKEYROCKET was “the sole source of SIGDEV for the BITCOIN
Targets,” the March 29, 2013 NSA report stated, using the term for
signals intelligence development, “SIGDEV,” to indicate the agency
had no other way to surveil bitcoin users. The data obtained through
MONKEYROCKET is described in the documents as “full take”
surveillance, meaning the entirety of data passing through a network
was examined and at least some entire data sessions were stored for
later analysis.
At the same time, MONKEYROCKET is also described in the
documents as a “non-Western Internet anonymization service” with a
“significant user base” in Iran and China, with the program brought
online in summer 2012. It is unclear what exactly this product was,
but it would appear that it was promoted on the internet under false
pretenses: The NSA notes that part of its “long-term strategy” for
MONKEYROCKET was to “attract targets engaged in terrorism,
[including] Al Qaida” toward using this “browsing product,” which
“the NSA can then exploit.” The scope of the targeting would
then expand beyond terrorists. Whatever this piece of software was, it
functioned as a privacy bait and switch, tricking bitcoin users into using
a tool they thought would provide anonymity online but was actually
funneling data directly to the NSA.
The hypothesis that the NSA would “launch an entire operation
overseas under false pretenses” just to track targets is “pernicious,”
said Matthew Green, assistant professor at the Johns Hopkins
University Information Security Institute. Such a practice could
spread distrust of privacy software in general, particularly in areas
like Iran where such tools are desperately needed by dissidents. This
“feeds a narrative that the U.S. is untrustworthy,” said Green. “That
worries me.”
The NSA declined to comment for this article. The Bitcoin
Foundation, a nonprofit advocacy organization, could not
immediately comment.

ALTHOUGH IT OFFERS many practical benefits and advantages
over traditional currency, a crucial part of bitcoin’s promise is its
decentralization. There is no Bank of Bitcoin, no single entity that
keeps track of the currency or its spenders. Bitcoin is often
misunderstood as being completely anonymous; in fact, each
transaction is tied to publicly accessible ID codes included in the
Blockchain, and bitcoin “exchange” companies typically require
banking or credit card information to convert Bitcoin to dollars or
euros. But bitcoin does offer far greater privacy than traditional
payment methods, which require personal information up to and
including a Social Security number, or must be linked to a payment
method that does require such information.
Furthermore, it is possible to conduct private bitcoin transactions
that do not require exchange brokers or personal information.
As explained in the 2009 white paper launching bitcoin, “the public
can see that someone is sending an amount to someone else, but
without information linking the transaction to anyone.” For bitcoin
adherents around the world, this ability to transact secretly is part of
what makes the currency so special, and such a threat to the global
financial status quo. But the relative privacy of bitcoin transactions
has naturally frustrated governments around the world and law
enforcement in particular — it’s hard to “follow the money” to
criminals when the money is designed to be more difficult to
follow. In a November 2013 letter to Congress, one Homeland
Security official wrote that “with the advent of virtual currencies and
the ease with which financial transactions can be exploited by
criminal organizations, DHS has recognized the need for
an aggressive posture toward this evolving trend.”
Green told The Intercept he believes the “browsing product”
component of MONKEYROCKET sounds a lot like a virtual private
network, or VPN. VPNs encrypt and reroute your internet traffic to
mask what you’re doing on the internet. But there’s a catch: You have
to trust the company that provides you a VPN, because they provide
both software and an ongoing networking service that potentially
allows them to see where you’re going online and even intercept some
of your traffic. An unscrupulous VPN would have complete access to
everything you do online.
Emin Gun Sirer, associate professor and co-director of the Initiative
for Cryptocurrencies and Contracts at Cornell University, told The
Intercept that financial privacy “is something that matters incredibly”
to the bitcoin community, and expects that “people who are privacy
conscious will switch to privacy-oriented coins” after learning of the
NSA’s work here. Despite bitcoin’s reputation for privacy, Sirer
added, “when the adversary model involves the NSA, the
pseudonymity disappears. … You should really lower your
expectations of privacy on this network.”

Green, who co-founded and currently advises a privacy-focused
bitcoin competitor named Zcash, echoed those sentiments, saying
that the NSA’s techniques make privacy features in any digital
currencies like Ethereum or Ripple “totally worthless” for those
targeted.

The NSA’s interest in cryptocurrency is “bad news for privacy,
because it means that in addition to the really hard problem of
making the actual transactions private … you also have to make sure
all the network connections [are secure],” Green added. Green said
he is “pretty skeptical” that using Tor, the popular anonymizing
browser, could thwart the NSA in the long term. In other words, even
if you trust bitcoin’s underlying tech (or that of another coin), you’ll
still need to be able to trust your connection to the internet — and if
you’re being targeted by the NSA, that’s going to be a problem.

NSA documents note that although MONKEYROCKET works by
tapping an unspecified “foreign” fiber cable site, and that data is
then forwarded to the agency’s European Technical Center in
Wiesbaden, Germany, meetings with the corporate partner that made
MONKEYROCKET possible sometimes took place in Virginia.
Northern Virginia has for decades been a boomtown for both the
expansive national security state and American internet behemoths
— telecoms, internet companies, and spy agencies call the area’s
suburbs and office parks home.
Liberty Reserve website name seizure notice.

Screenshot: Liberty Reserve

BITCOIN MAY HAVE been the NSA’s top cryptocurrency target,
but it wasn’t the only one. The March 15, 2013 NSA report detailed
progress on MONKEYROCKET’s bitcoin surveillance and noted that
American spies were also working to crack Liberty Reserve, a far
seedier predecessor. Unlike bitcoin, for which facilitating drug deals
and money laundering was incidental to bigger goals, Liberty Reserve
was more or less designed with criminality in mind. Despite being
headquartered in Costa Rica, the site was charged with running a $6
billion “laundering scheme” and triple-teamed by the U.S.
Department of Justice, Homeland Security, and the IRS, resulting in
a 20-year conviction for its Ukrainian founder. As of March 2013 —
just two months before the Liberty Reserve takedown and indictment
— the NSA considered the currency exchange its No. 2 target, second
only to bitcoin. The indictment and prosecution of Liberty Reserve
and its staff made no mention of help from the NSA.
Just five months after Liberty Reserve was shuttered, the feds turned
their attention to Ross Ulbricht, who would go on to be convicted as
the mastermind behind notorious darkweb narcotics market Silk
Road, where transactions were conducted in bitcoin, with a cut going
to the site’s owner. Ulbricht reportedly held bitcoins worth $28.5
million at the time of his arrest. Part of his unsuccessful defense was
the insistence that the FBI’s story of how it found him did not add up,
and that the government may have discovered and penetrated the Silk
Road’s servers with the help of the NSA — possibly illegally. The
prosecution dismissed this theory in no uncertain terms:
Having failed in his prior motion to dismiss all of the Government’s
charges, Ulbricht now moves this Court to suppress virtually all of the
Government’s evidence, on the ground that it was supposedly
obtained in violation of the Fourth Amendment. Ulbricht offers no
evidence of any governmental misconduct to support this sweeping
claim. Instead, Ulbricht conjures up a bogeyman – the National
Security Agency (“NSA”) – which Ulbricht suspects, without any
proof whatsoever, was responsible for locating the Silk Road server,
in a manner that he simply assumes somehow violated the Fourth
Amendment.
Though the documents leaked by Snowden do not address whether
the NSA aided the FBI’s Silk Road investigation, they show the
agency working to unmask bitcoin users about six months before
Ulbricht was arrested, and that it had worked to monitor Liberty
Reserve around the same time. The source of the bitcoin and Liberty
Reserve monitoring, MONKEYROCKET, is governed by an overseas
surveillance authority known as Executive Order 12333, the language
of which is believed to give U.S. law enforcement agencies wide
latitude to use the intelligence when investigating U.S. citizens.
Civil libertarians and security researchers have long been concerned
that otherwise inadmissible intelligence from the agency is used to
build cases against Americans through a process known as “parallel
construction”: building a criminal case using admissible evidence
obtained by first consulting other evidence, which is kept secret, out
of courtrooms and the public eye. An earlier investigation by The
Intercept, drawing on court records and documents from Snowden,
found evidence the NSA’s most controversial forms of surveillance,
which involve warrantless bulk monitoring of emails and fiber optic
cables, may have been used in court via parallel construction.
Patrick Toomey, an attorney with the ACLU’s National Security
Project, said the NSA bitcoin documents, although circumstantial,
underscore a serious and ongoing question in American law
enforcement:
If the government’s criminal investigations secretly relied on NSA
spying, that would be a serious concern. Individuals facing criminal
prosecution have a right to know how the government came by its
evidence, so that they can challenge whether the government’s
methods were lawful. That is a basic principle of due process. The
government should not be hiding the true sources for its evidence in
court by inventing a different trail.
Although an NSA document about MONKEYROCKET stated the
program’s “initial” concern was counterterrorism, it also said that
“other targeted users will include those sought by NSA offices such as
Int’l Crime & Narcotics, Follow-The-Money and Iran.” A March 8,
2013 NSA memo said agency staff were “hoping to use
[MONKEYROCKET] for their mission of looking at organized crime
and cyber targets that utilize online e-currency services to move and
launder money.” There’s no elaboration on who is considered a
“cyber target.”
