Blockchain.info's SharedSend Considered Harmful

As a side detail to today's news that Secret Service agent Shaun Bridges's 2016 re-arrest was due to a post-plea theft of $720k in bitcoins & preparations to flee, v. Bridges, emergency motion exhibit B, pg21-23 reveals that Blockchain.info's notoriously broken 'mixer' SharedSend is also broken in practice:

The BTC-e user, brainstein.gustaf@outlook.com, utilized numerous TOR exit node IPs and a transaction history for incoming and outgoing transactions was provided by BTC-e. I analyzed the BTC-e account history associated with brainstein.gustaf@outlook.com and determined that between July 26, 2015 and September 29, 2015, the user of this account liquidated this account through a series of withdrawals to the following addresses:

...

Based on this information, I utilized additional clustering tools in order to determine whether these transactions were funneled through bitcoin services that would identify the user. I determined that the bitcoins withdrawn from the BTC-e account registered to brainstein.gustaf@outlook.com were deposited into a bitcoin tumbling service called SharedCoin. SharedCoin works through a series of transactions that mix coins with those of other individuals, as well as coins belonging to SharedCoin. This masks where the coins came from or were sent to. SharedCoin works through a series of transactions (5 to 20), mixing coins with a stream of transactions from other users, as well as internal coins that are held by SharedCoin. Based on the complexity of these transactions, I worked with an expert in the field of blockchain analysis and determined that at least 438.9714 bitcoins from the original coins that were taken from 5jj9 were eventually deposited into 1Gk8snMx7tiL391963HBpTohTvC7Dcdkhr on December 15, 2015. Note that this was after Bridges had entered his guilty plea and was still out of custody on release conditions. As late as January 11, 2016, these coins were still being actively laundered through SharedCoin.


Comments


[4 Points] None:

Damnit they are going through every last byte of that server. Will it ever end?


[2 Points] Hi_Im_New_Here___:

Gwern, you are a badass and I am far from being in a position to question your analysis, and even your writing ability.

Just a quick note that your date in the last sentence is off. It should be January 11, 2016 and not 2015.

Cheers mate! Thank you for your analysis and for posting this.


[1 Points] Ethereality_DNM:

Thank you for the work you do gwern. You truly are saving lives.


[1 Points] AutoModerator:

Please always verify e-mails via Grams InfoDesk and also always encrypt your info with the vendor's PGP-key.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.