NSA Was Tracking Down Bitcoin Users, Reveals Snowden Documents

Updated on

The booming and controversial crypto currency bitcoin has long been the subject of fantasies on American spies striking the digital currency or subverting it and the internet paranoiacs have been at it for long.  Bitcoin gained immense popularity among the get-rich-quick speculators as a project that involved sharp minds to lend financial transactions mathematically verifiable and public while offering discretion. On the other hand, Governments with vested interest in exercising control over how money moved, would naturally try to thwart the new financial order that was just about germinating, or that is what some of the fierce advocates of bitcoin believed.

Fantasies becoming reality

It now turns that the fantasies transitioned into reality as evidenced by classified documents that Edward Snowden, the famous whistleblower has now provided. These documents show that the NSA did indeed work on targeting bitcoin users across the globe urgently and used a mysterious source for information in tracking down receivers and senders of bitcoins. This is the information revealed in a top-secret passage forming part of an internal report of the NSA dating back to 2013 March. Further, it appears that the source of the data leveraged the ability of the NSA to harvest/analyze raw internet traffic across the globe and concurrently exploited a software as yet unnamed that purported to also offer anonymity to the users, going by other documents. The internal report of the NSA dated 15th March, 2013 stated that though the agency was keen on surveiling certain competing cryptocurrencies, Bitcoin was the top priority.

Tracking down gets deeper

The documents further indicate that ‘tracking down’ users of bitcoin went way beyond close examination of public transaction ledge o bitcoin, also known as the blockchain which typically refers users via anonymous identifiers. The tracking potentially also involved collecting intimate details of the computers these users employed.  The NSA also collected some password information of bitcoin users, their internet activity, and a kind of unique number to identify the device, known as MAC address as suggested by a NSA memo dated 29th March, 2013.  Analysts further discussed tracking internet addresses, internet users’ timestamps and network ports to identify ‘Bitcoin targets’.

Naming bitcoin user made easy

Apparently, the agency was looking for even more data. The memo dated 29th March also raised questions on whether the source of the data validated the users and further suggested that bitcoin information was retained by the agency in a file called “Provider user full.csv” It further suggested powerful capabilities I searches against the bitcoin targets, potentially hinting that the agency could have been deploying the XKeyScore search system which cataloged bitcoin information as well as a wide array of other data of the NSA to enhance the information it had on bitcoin users.  A reference document of the NSA further indicated that data source revealed user data like IP address, billing information etc. It gets pretty easy to name a bitcoin user with this kind of information at hand.

The NSA’s spy operation on bitcoin appears to have been supported by its enormous ability to siphon off traffic from the cable connections that form the basis of internet and ferry such traffic around the globe. In 2013, the bitcoin tracking program of NSA was achieved with the help of program code-named as OAKSTAR, and a consortium of covert partnerships with the corporate world which enabled the NSA to monitor all communications including harvesting of internet data as it traversed the fiber optic cables.


More specifically, NSA used a sub-program called MONKEYROCKET to target bitcoin which helped in tapping network equipment and gather data from far off places like the Middle East, South America, Europe and Asia, going by the classified descriptions. In 2013, MONKEYROCKET was the singular source of SIGDEV for bitcoin targets.  The report dated 29th March, 2013 of the NSA states using SIGDEV as the term to refer signal intelligence development and indicated that the agency was left with no other means of surveillance on bitcoin users. “Full take” is the description given to the data obtained with the help of MONKEYROCKET and that description translates to surveillance meaning that all the data passing through a given network has been examined and that at least some whole data sessions have been stored for analysis later.

The NSA notes state further that part of a long term strategy for MONKEYROCKET included attracting targets involved in terrorism to use the ‘browsing product’ which could then be exploited by the NSA. Whatever the software, it functioned as a privacy switch and bait to lure bitcoin users to use a tool that they believed would give them anonymity online but was in fact funneling data straight to the NSA.

While the NSA declined to offer any comment on the article, the Bitcoin Foundation could not offer any comment immediately.

Article source: The Intercept

Leave a Comment

Signup to ValueWalk!

Get the latest posts on what's happening in the hedge fund and investing world sent straight to your inbox! 
This is information you won't get anywhere else!