Investigating Cryptocurrencies

Content
45 modules

Difficulty
Intermediate

Rating

Instructor
Nick Furneaux

Released
11 Mar 2019

Price
£1,050.00

Description

What Will You Learn

 

Cryptocurrencies in their many forms, based on the blockchain concept, are here to stay and will increasingly pervade the way people trade and create contracts with each other.  This already provides a significant challenge for investigators from many different fields who are increasingly being faced with transactions that appear anonymous and incomprehensible.

This course, developed by respected investigator and researcher, Nick Furneaux, is designed to take an investigator from a basic understanding of blockchain technologies through to being an expert in the field, able to confidently investigate transactions and give evidence on their findings.

During the course, we build and then play with a simple new cryptocurrency (NickCoin!) to understand all the basic concepts, even mining for new ‘coins’.  We learn about the underlying encryption and hashing algorithms used and what it teaches us about a transaction before setting up Wallets and understanding how transactions actually work.

Next, we learn how to find and extract addresses from paper wallets, computer disks/memory and the web.  Then we look at how to extract raw data from all the primary blockchains using their API’s and discover numerous techniques to de-anonymize users within the blockchain and even how to extract attributable Bitcoin addresses from a wiretap or seized device.  Lastly, we consider how to seize and protect Coins used in criminal activity.

We are not aware of any course currently available that digs this deep into the subject. Although we cover Bitcoin and Ethereum specifically, the skills taught should enable the investigator to figure out the process of examining any cryptocurrency.

Objectives

 

Course Goals

 

  1. To learn and fully understand the blockchain concept
  2. To be able to set up and run cryptocurrency accounts
  3. To be able to locate addresses on various media including carving from memory
  4. To be able to build information about a specific address
  5. To be able to cluster addresses to aid indentification
  6. For the student to be able to track transactions
  7. To enable the student to apply techniques to identify real world users in a transaction
  8. To understand the methodology for seizure of Coins
  9. To be able to explain the technology and your actions taken during the investigation
  10.  

     

    Course Content

     

    Why do investigators need to understand Cryptocurrencies?
     

    What is a cryptocurrency?


    A look at many of the current lead currencies in the field
     

    A detailed description of hashing as it applies to Cryptocurrencies, including the use of:
     

                SHA256

                Base58
     

    A detailed understanding of blockchain cryptography including:
     

                Public/Private Key encryption

                RSA cryptography

                Elliptic Curve cryptography

     

    Build, run and trade a pseudo-cryptocurrency (NickCoin!) in the classroom which will teach the basics of the distributed ledger, transactions, hashing and mining

     

    Comprehensive understanding of the blockchain including:

     

                Block structure

                Block headers

                Hashing and the Merkle Tree

                Forks – Hard and Soft

     

    Transactions

                Pulling raw data via API’s

                Breaking down a raw transaction

                How Change works

                How fees work

                What is the Mempool

     

    Mining – how it works

     

                The Proof-Of-Work concept

                The math’s behind it all

                Pools

     

    Wallets

                Non-Deterministic

                Deterministic

                Hierarchical Deterministic Wallets (HD)

                Hardware

                Mobile Devices

                Paper

     

     

    Scripting - Understanding:

     

    Bitcoin scripts

    Ethereum Contracts

                Tokens

                ICO’s

     

    Setting up a wallet

     

                Full node

                

     

    Investigations

     

    Detecting the use of cryptocurrency

     

                Premises search, what to look for

                            Paper based material

                            Hardware wallets

                            QR and Mnemonic Codes

     

    Open Source Intelligence methods to locate addresses

     

    Extracting information about a located address

     

                Using web based resources

                Using an API to get to the raw data

                Time analysis

                Searching for an address online

     

    Extracting Private and Public keys (addresses) from seized computers

                

                Searching a computer for addresses

                            From an image

                            From RAM

                            Working on a live computer

                            Exporting Wallets

                Searching for wallets in backups

     

    Opening and analyzing a recovered wallet

     

                Extracting all private and public keys

                Discovering what keys have been used

                            Batch address look ups

                Importing a 3rdparty public key

                Cracking an encrypted Wallet

     

     

    Following a transaction through the blockchain using online tools

                Aggregating addresses

                Following forked blocks

    Mixers

     

    Learning and applying address clustering techniques

                Identifying change addresses

                Identifying addresses owned by the same entity

     

    Blockchain Visualization systems:

     

                Online tools – 

    Blockchain graph

    Etherscan graph

    Maltego

                Numisight

     

     

    Automatically Monitoring Addresses 

     

    IP address location and enumeration

     

                IPs logged in the blockchain

                Crawling for IP addresses in full nodes

                Are they using a VPN?

                Are they using Tor?

                            Mapping nodes against Tor IP’s

     

    Tracking to a Service Provider

     

                Currency exchanges

                Traders

                Thin client server admins

     

    Using Open Source Methods

                            Investigating on the open web

                            Getting on the dark web

     

     

    Extracting Address and Transaction data via an Intercept

     

                Via Wifi monitoring

                Via Wired Intercept

     

    Detecting and decoding hidden micromessages

     

    Methodology for seizing Coins using extracted Private Keys

     

     

    Examples of crime

     

    Money laundering

     

    Illegal purchases

     

    Phishing

     

                For private keys

                For donations

     

    Hacking

                Change addresses on web site

     

    ICO fraud

     

    Scripting and possible vulnerabilities

     

     

    In depth, hands-on practical’s throughout the week.

     

     

    Requirements
     

    The student should have a reasonable understanding of investigation of online crimes, be computer literate and be comfortable with online researching.  A basicunderstanding of cryptography, databases and fraud may be useful.

Certificate

By completing/passing this course, you will attain the certificate Crypto-Currencies Cert

1
Introduction
{{ vm.helper.t('reports.module') }}
2
How do Cryptocurrencies work?
{{ vm.helper.t('reports.module') }}
3
How do Cryptocurrencies work? - Quiz
{{ vm.helper.t('courses.exam') }}
4
Maths
{{ vm.helper.t('reports.module') }}
5
Maths - Quiz
{{ vm.helper.t('courses.exam') }}
6
Let's Play a Game
{{ vm.helper.t('reports.module') }}
7
What is the Blockchain?
{{ vm.helper.t('reports.module') }}
8
What is the Blockchain? - Quiz
{{ vm.helper.t('courses.exam') }}
9
Understanding Mining
{{ vm.helper.t('reports.module') }}
10
What are Transactions?
{{ vm.helper.t('reports.module') }}
11
What are Transactions? - Quiz
{{ vm.helper.t('courses.exam') }}
12
Understanding Wallets
{{ vm.helper.t('reports.module') }}
13
Understanding Wallets - Quiz
{{ vm.helper.t('courses.exam') }}
14
Contracts and Tokens
{{ vm.helper.t('reports.module') }}
15
Finding Addresses
{{ vm.helper.t('reports.module') }}
16
Finding Addresses - Quiz
{{ vm.helper.t('courses.exam') }}
17
Seized Computers
{{ vm.helper.t('reports.module') }}
18
Seized Computers - Quiz
{{ vm.helper.t('courses.exam') }}
19
Finding Data on a Public Address
{{ vm.helper.t('reports.module') }}
20
Finding Data on a public Address - Quiz
{{ vm.helper.t('courses.exam') }}
21
Ransomware Practical Solution
{{ vm.helper.t('reports.module') }}
22
Wallet Analysis
{{ vm.helper.t('reports.module') }}
23
Wallet Analysis - Quiz
{{ vm.helper.t('courses.exam') }}
24
Following the Money Part 1
{{ vm.helper.t('reports.module') }}
25
Following the Money Part 1 - Quiz
{{ vm.helper.t('courses.exam') }}
26
Following the Money Part 2
{{ vm.helper.t('reports.module') }}
27
Following the Money Part 3
{{ vm.helper.t('reports.module') }}
28
Following the Money Part 3 - Quiz
{{ vm.helper.t('courses.exam') }}
29
Following the Money Part 4
{{ vm.helper.t('reports.module') }}
30
Visualisation
{{ vm.helper.t('reports.module') }}
31
Visualisation - Quiz
{{ vm.helper.t('courses.exam') }}
32
Visualisation Practical Solution
{{ vm.helper.t('reports.module') }}
33
IP Address Location
{{ vm.helper.t('reports.module') }}
34
IP Address Location - Quiz
{{ vm.helper.t('courses.exam') }}
35
Tracking to a Service Provider
{{ vm.helper.t('reports.module') }}
36
Tracking to a service provider - Quiz
{{ vm.helper.t('courses.exam') }}
37
Tracking to a Service Provider Practical Solution
{{ vm.helper.t('reports.module') }}
38
Tracking to a Trader
{{ vm.helper.t('reports.module') }}
39
Tracking to a Trader Practical Solution
{{ vm.helper.t('reports.module') }}
40
Open Source Methods
{{ vm.helper.t('reports.module') }}
41
Alternative Cryptocurrencies
{{ vm.helper.t('reports.module') }}
42
Micromessages
{{ vm.helper.t('reports.module') }}
43
Seizure
{{ vm.helper.t('reports.module') }}
44
Putting it Together
{{ vm.helper.t('reports.module') }}
45
Final Exam
{{ vm.helper.t('courses.exam') }}
 
Added 1 day ago, by Robert
 
Added 1 day ago, by Kirsty
 
Added 1 day ago, by Philip
Course is well presented and makes good use of a range of open source tools. I knew nothing about crypro prior to this but feel much better equipped moving forward.
 
Added 2 days ago, by Bryn
 
Added 2 days ago, by Anonymous
Excellent Course! I've been looking at Crypto's for a couple of years now and this learning exercise has answered so many questions that I've not been able to find a satisfactory answers for elsewhere. The PDF is great it's only a shame you can retain a copy of the videos. My only concern going forward is retaining the knowledge learn. Many thanks
 
Added 5 days ago, by William
Great course, thank you - you are the Bob Ross of cryptocurrency!
 
Added 6 days ago, by Anonymous
A very enjoyable course. It made complex processes very easy to understand and follow.
 
Added 7 days ago, by Lawrence
Excellent course, allows plenty of opportunity to test skills being learnt along the way
 
Added 9 days ago, by Ricky
 
Added 10 days ago, by David
Very thorough course... I have learnt a lot that will help me in future investigations. I am however mentally exhausted!! :) Thank you..

Shopping Cart

Your cart is empty