Three darknet services that were covertly reselling Bitcoin taint analysis technology from AMLBot have been taken offline, according to a recent report by KrebsOnSecurity. The services were found to be drawing data directly from AMLBot’s API, which can be purchased on a per-check or subscription basis.
While purchases from AMLBot – a Telegram bot – range from $0.50 for a single check to $1500 for an unlimited VIP period with API access, the darknet services could charge higher prices to customers who did not want to make purchases directly from the company itself. They accomplished this by simply passing on customer requests to their subscription with AMLBot and returning the output.
AMLBot managed to catch the darknet service operators by performing a thorough audit on sources utilizing their API, a practice they extend to every customer using their service. The service is meant to provide customers with a way of detecting KYC/AML risk associated with the history of the BTC in their address balances, checking its history against a “global database of sanctioned addresses” while “constantly monitor(ing) public and private sources, black lists of coins and wallets.”
Antianalysis – a site suspected in the report by KrebsOnSecurity of reverse engineering AMLBot’s technology – is sponsored by Incognito Market, a darknet market that launched in late 2020 that has experienced a relatively great deal of success. Antianalysis currently uses a closed-source, proprietary blend of analytical techniques borrowed from AMLBot and its own, which according to its owner requires “massive computational resources” to function. It presents additional benefits over AMLBot or other taint analysis services by being able to draw directly from the perspective of a darknet market operator.
Per the Antianalysis website, their goals include helping cryptocurrency users maintain a degree of privacy not offered by other, similar services.
“Our team believes, that in the current democratic world, every one last human being has the right to do whatever they want and possess complete overview of their privacy while not violating individual rights of others, not to mention the digital footprint on the public blockchain.” – Antianalysis, About section
The Antianalysis site itself, which also maintains a presence on Tor, has suffered minimal downtime, most recently recovering from its last incident on Sept. 3 of this year. The service switched from a pay-per-use model to free in February after changing its operation to rely entirely on their own data set, with algorithm updates taking place later that month. It was first announced on the Dread forum on Aug. 14, 2021 and has since become a go-to BTC taint analysis tool for not only darknet market users but blockchain privacy activists around the world.