The Federal Bureau of Investigation has become increasingly concerned over the usage of the mostly-anonymous payment network Bitcoin by hackers and cybercriminals, according to an unclassified report obtained by Wired this week.
The report, “Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illicit Activity,” (.PDF) was published on April 24, but surfaced on the internet Wednesday.
In it, the FBI details how individuals use the service, stressing that its decentralized, peer-to-peer structure makes it an appealing payment option for criminals. The FBI also expresses concern that law enforcement could have a difficult time tracking user activity on the platform.
“Since Bitcoin does not have a centralized authority, law enforcement faces difficulties detecting suspicious activity, identifying users, and obtaining transaction records – problems that might attract malicious actors to Bitcoin,” the report reads.
The report cites several examples of such ‘malicious actors’, including a cyber criminal the FBI found last year who was selling a Zeus botnet Trojan and accepting Bitcoin as a payment and another incident in which a Lulzsec member used Bitcoin to purchase a botnet.
The limitations of Bitcoin’s anonymity are covered as well, as a 2011 study by researchers from the University College of Dublin, Ireland is referenced that found that by examining transaction records and public-private keys, law enforcement could link some public information about actual Bitcoin users to their accounts.
This is the first time that the FBI has issued anything close to an assessment on the up and coming cash system that relies on users to exchange virtual ‘Bitcoins,’ along with digital signatures to conduct their transactions.
According to the website Exchangerates24.com, one Bitcoin currently trades for $5.06.
The theft of Bitcoins from other users’ Bitcoin accounts continues to be a problem as well. A compromise at Linode, a Linux-based cloud provider late last year opened the Bitcoin wallets of eight customers, yielding upwards to $14,000 to hackers.