Finnish Bureau Of Investigation Claims Can Track Monero Transactions (XMR): Cryptocurrency Prioritizing Privacy

Monero's crypto asset, XMR, prioritizes user privacy and anonymity features. (Photo; Doc. Elalata)

JAKARTA - Monero (XMR) is one of the most famous cryptocurrencies for its privacy features. Monero can hide the identity of the sender, recipient, and the number of transactions on the blockchain, making it difficult to track by unauthorized parties.

Monero is a cryptocurrency launched in 2014 as a result of a fork from Bytecoin, the first cryptocurrency to use the CryptoNote protocol. Monero also uses a proof-of-work algorithm called RandomX, which is designed to prevent mining using dedicated hardware, such as ASIC.

It aims to maintain decentralization and equality levels in the Monero network. In addition, Monero is also doing hard forks regularly to improve its features and security, as well as avoid attacks and exploitation.

One of Monero's cases was the burglary of Vastamamo, a private psychotherapy service provider in Finland, which occurred in October 2020.

An unknown hacker managed to access the company's database containing personal data and medical records from about 40,000 patients. Hackers then demanded a ransom of 40 bitcoins (BTC), equivalent to around IDR 25.5 billion, not to publish the data. Hackers also sent extortion emails directly to some patients, demanding a 200 euro (IDR 3.5 million) payment in Monero form.

Finnish law enforcement authorities, the National Bureau of Investigation (NBI), immediately conducted an investigation to reveal the identity of the hacker and arrest him. In early February 2023, NBI announced that it had arrested a 21-year-old man suspected of being the perpetrator of the Vastamamo burglary. The man named Julius AleksANTeri Kivimmenki, a Finnish citizen who lives in France. He was arrested under an Interpol Arrest Order and later extradited to Finland.

NBI claims to have found a way to identify individuals who use Monero for money laundering. NBI also claims to have developed a forensic analysis method that can track Monero transactions using data from crypto exchanges and crypto mixing services (mixers). Furthermore, the investigation bureau said it had cooperated with international law enforcement authorities, such as Europol and the FBI, to resolve the case.

However, NBI's claims drew a lot of doubt and criticism from the crypto community, especially Monero supporters. They challenged NBI to prove its claims by presenting publicly verifiable evidence. They also accused NBI of excited and inaccurate conclusions, relying on weak and irrelevant evidence.

Some users on Reddit, an online discussion platform, propose an alternative scenario that makes more sense to explain how NBI captured Kivisi. One scenario is that NBI only tracks bitcoin transactions used by hackers to buy Monero on crypto exchanges. Then, NBI found that the number of Monero hackers bought was the same as the number of Monero being asked for ransom. From there, NBI concluded that the hacker was the owner of the Monero, without actually tracking the Monero transaction itself.

Another scenario is that NBI relies solely on information provided by Binance, one of the largest crypto exchanges in the world, known to cooperate with law enforcement. Binance may provide data on IP addresses, identities, or trading activity of users exchanging bitcoin with Monero, or who deposited Monero into the exchange. With this data, NBI may be able to link hackers with certain Binance accounts, and then trace back to the bitcoin source the hackers used.

These two scenarios show that NBI is not really capable of tracking Monero transactions, but only using traditional investigative methods that rely on hacker vulnerabilities or carelessness. If hackers are more careful and use additional precautions, such as VPN, Tor, or other crypto mixing services, then most likely NBI will not be able to find them.