Data mining for detecting Bitcoin Ponzi schemes

Soon after its introduction in 2009, Bitcoin has been adopted by cyber-criminals, which rely on its pseudonymity to implement virtually untraceable scams. One of the typical scams that operate on Bitcoin are the so-called Ponzi schemes. These are fraudulent investments which repay users with the funds invested by new users that join the scheme, and implode when it is no longer possible to find new investments. Despite being illegal in many countries, Ponzi schemes are now proliferating on Bitcoin, and they keep alluring new victims, who are plundered of millions of dollars. We apply data mining techniques to detect Bitcoin addresses related to Ponzi schemes. Our starting point is a dataset of features of real-world Ponzi schemes, that we construct by analysing, on the Bitcoin blockchain, the transactions used to perform the scams. We use this dataset to experiment with various machine learning algorithms, and we assess their effectiveness through standard validation protocols and performance metrics. The best of the classifiers we have experimented can identify most of the Ponzi schemes in the dataset, with a low number of false positives

AI-powered Fraud Detection in Decentralized Finance: A Project Life Cycle Perspective

In recent years, blockchain technology has introduced decentralized finance (DeFi) as an alternative to traditional financial systems. DeFi aims to create a transparent and efficient financial ecosystem using smart contracts and emerging decentralized applications. However, the growing popularity of DeFi has made it a target for fraudulent activities, resulting in losses of billions of dollars due to various types of frauds. To address these issues, researchers have explored the potential of artificial intelligence (AI) approaches to detect such fraudulent activities. Yet, there is a lack of a systematic survey to organize and summarize those existing works and to identify the future research opportunities. In this survey, we provide a systematic taxonomy of various frauds in the DeFi ecosystem, categorized by the different stages of a DeFi project's life cycle: project development, introduction, growth, maturity, and decline. This taxonomy is based on our finding: many frauds have strong correlations in the stage of the DeFi project. According to the taxonomy, we review existing AI-powered detection methods, including statistical modeling, natural language processing and other machine learning techniques, etc. We find that fraud detection in different stages employs distinct types of methods and observe the commendable performance of tree-based and graph-related models in tackling fraud detection tasks. By analyzing the challenges and trends, we present the findings to provide proactive suggestion and guide future research in DeFi fraud detection. We believe that this survey is able to support researchers, practitioners, and regulators in establishing a secure and trustworthy DeFi ecosystem.Comment: 38 pages, update reference

Cryptocurrencies and future financial crime.

Background: Cryptocurrency fraud has become a growing global concern, with various governments reporting an increase in the frequency of and losses from cryptocurrency scams. Despite increasing fraudulent activity involving cryptocurrencies, research on the potential of cryptocurrencies for fraud has not been examined in a systematic study. This review examines the current state of knowledge about what kinds of cryptocurrency fraud currently exist, or are expected to exist in the future, and provides comprehensive definitions of the frauds identified. Methods: The study involved a scoping review of academic research and grey literature on cryptocurrency fraud and a 1.5-day expert consensus exercise. The review followed the PRISMA-ScR protocol, with eligibility criteria based on language, publication type, relevance to cryptocurrency fraud, and evidence provided. Researchers screened 391 academic records, 106 of which went on to the eligibility phase, and 63 of which were ultimately analysed. We screened 394 grey literature sources, 128 of which passed on to the eligibility phase, and 53 of which were included in our review. The expert consensus exercise was attended by high-profile participants from the private sector, government, and academia. It involved problem planning and analysis activities and discussion about the future of cryptocurrency crime. Results: The academic literature identified 29 different types of cryptocurrency fraud; the grey literature discussed 32 types, 14 of which were not identified in the academic literature (i.e., 47 unique types in total). Ponzi schemes and (synonymous) high yield investment programmes were most discussed across all literature. Participants in the expert consensus exercise ranked pump-and-dump schemes and ransomware as the most profitable and feasible threats, though pump-and-dumps were, notably, perceived as the least harmful type of fraud. Conclusions: The findings of this scoping review suggest cryptocurrency fraud research is rapidly developing in volume and breadth, though we remain at an early stage of thinking about future problems and scenarios involving cryptocurrencies. The findings of this work emphasise the need for better collaboration across sectors and consensus on definitions surrounding cryptocurrency fraud to address the problems identified

Cryptocurrency scams: analysis and perspectives

Since the inception of Bitcoin in 2009, the market of cryptocurrencies has grown beyond the initial expectations, as witnessed by the thousands of tokenised assets available on the market, whose daily trades amount to dozens of USD billions. The pseudonymity features of these cryptocurrencies have attracted the attention of cybercriminals, who exploit them to carry out potentially untraceable scams. The wide range of cryptocurrency-based scams observed over the last ten years has fostered the research on the analysis of their effects, and the development of techniques to counter them. However, doing research in this field requires addressing several challenges: for instance, although a few data sources about cryptocurrency scams are publicly available, they often contain incomplete or misclassified data. Further, there is no standard taxonomy of scams, which leads to ambiguous and incoherent interpretations of their nature. Indeed, the unavailability of reliable datasets makes it difficult to train effective automatic classifiers that can detect and analyse cryptocurrency scams. In this paper, we perform an extensive review of the scientific literature on cryptocurrency scams, which we systematise according to a novel taxonomy. By collecting and homogenising data from different public sources, we build a uniform dataset of thousands of cryptocurrency scams.We devise an automatic tool that recognises scams and classifies them according to our taxonomy.We assess the effectiveness of our tool through standard performance metrics.We also give an in-depth analysis of the classification results, offering several insights into threat types, from their features to their connection with other types. Finally, we provide a set of guidelines that policymakers could follow to improve user protection against cryptocurrency scams

The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts

Modern blockchains, such as Ethereum, enable the execution of so-called smart contracts - programs that are executed across a decentralised network of nodes. As smart contracts become more popular and carry more value, they become more of an interesting target for attackers. In the past few years, several smart contracts have been exploited by attackers. However, a new trend towards a more proactive approach seems to be on the rise, where attackers do not search for vulnerable contracts anymore. Instead, they try to lure their victims into traps by deploying seemingly vulnerable contracts that contain hidden traps. This new type of contracts is commonly referred to as honeypots. In this paper, we present the first systematic analysis of honeypot smart contracts, by investigating their prevalence, behaviour and impact on the Ethereum blockchain. We develop a taxonomy of honeypot techniques and use this to build HoneyBadger - a tool that employs symbolic execution and well defined heuristics to expose honeypots. We perform a large-scale analysis on more than 2 million smart contracts and show that our tool not only achieves high precision, but is also highly efficient. We identify 690 honeypot smart contracts as well as 240 victims in the wild, with an accumulated profit of more than $90,000 for the honeypot creators. Our manual validation shows that 87% of the reported contracts are indeed honeypots

Cryptocurrencies as a subject of financial fraud

CEL: Celem głównym niniejszego opracowania jest identyfikacja aktualnego zakresu badań dotyczących kryptowalut jako przedmiotu nadużyć finansowych. Szczegółowe pytania badawcze odnosiły się do prezentacji najważniejszych kierunków tematycznych prowadzonych badań oraz zdefiniowania potencjalnych możliwości dalszej analizy tego tematu. Jedno z pytań wiązało się również z identyfikacją najbardziej popularnych oszustw przeprowadzanych z użyciem kryptowalut. METODYKA: Artykuł opiera się na systematycznym przeglądzie literatury (SLR) przeprowadzonym dla 57 publikacji dostępnych w bazie Scopus. Dokonano bibliometrycznej oraz opisowej analizy wybranych pozycji literatury przedmiotu. Następnie wydzielono główne klastry tematyczne i dokonano pogłębionej analizy ich treści. WYNIKI: Szczegółowa analiza bibliometryczna i opisowa pokazała, że tematyka kryptowalut jako przedmiotu nadużyć finansowych jest generalnie nowym obszarem badań naukowych, choć rozwija się dość intensywnie. Relatywnie mała liczba publikacji w porównaniu z innymi podobnymi obszarami pokazuje również, że ten temat nie jest jeszcze tak mocno eksplorowany przez naukowców i można w nim rozwijać wiele różnych trendów badawczych. Ostatecznie zidentyfikowano następujące kluczowe obszary badawcze: rodzaje oszustw kryptowalutowych, metody wykrywania nadużyć, ryzyka związane z technologią blockchain, pranie brudnych pieniędzy oraz regulacje prawne dotyczące kryptowalut. Udało się również ustalić, że obecnie najczęściej występującym przestępstwem jest pranie pieniędzy. Zwrócono jednak uwagę, że drugim dość częstym oszustwem są piramidy finansowe oparte na schemacie Ponziego. IMPLIKACJE: W artykule wyraźnie przedstawiono główne trendy badawcze dotyczące wykorzystania kryptowalut w działalności przestępczej. Jednocześnie podkreślono, że w porównaniu do innych obszarów badawczych niniejsza tematyka jest stosunkowo nowa. Powstaje zatem szeroka możliwość eksploracji nie tylko istniejących, ale również nie odkrytych do tej pory nurtów badawczych. Ponadto zidentyfikowano kluczowe rodzaje oszustw w praktyce gospodarczej, co jest szczególnie istotne dla uczestników rynków finansowych. Wyraźnie wskazano bowiem, które transakcje są obarczone największym ryzykiem. Warto również zwrócić uwagę na istotną aktualność tematu, gdyż skala przestępczości z udziałem kryptowalut ostatnio gwałtownie rośnie. Opracowanie potwierdza niedostateczny zakres regulacji prawnych, które nie są w stanie odpowiednio wzmocnić bezpieczeństwa obrotu gospodarczego. Może być zatem jasnym wskazaniem dla rządów poszczególnych państw, czy też instytucji międzynarodowych do dalszych sprawnych zmian przepisów prawa. ORYGINALNOŚĆ I WARTOŚĆ: Naukowy wkład niniejszego opracowania jest potrójny. Po pierwsze, jest to jeden z pierwszych artykułów badawczych prezentujący wyniki systematycznego przeglądu literatury (SLR) połączonego z analizą bibliograficzną oraz pogłębioną analizą treści publikacji. Podczas pracy zastosowano również oprogramowanie VOSviewer, które umożliwiło obiektywną identyfikację głównych klastrów tematycznych opartą na occurrences and link strength of keywords ujętych w publikacjach. Po drugie, zidentyfikowano kluczowe rodzaje oszustw, które jednocześnie powodują największe straty finansowe. Wyznaczono również kierunki dalszych badań, które mają głębokie praktyczne implikacje dla uczestników rynku. Niektóre z nich dotyczą bowiem konieczności opracowywania i wdrażania nowoczesnych aplikacji komputerowych, pozwalających na wykrywanie szerszego zakresu pojawiających się nadużyć.PURPOSE: The main purpose of this paper was to identify the current scope of research on cryptocurrencies as a subject of fraud. Detailed research questions related to the determination of contemporary trends of the conducted research and the definition of potential opportunities for further investigation of this topic. One of the questions also concerned identifying the most common crimes committed using cryptocurrencies. METHODOLOGY: The study is based on a systematic literature review (SLR) of 57 publications available on the Scopus database. A bibliometric and descriptive analysis of selected literature items was carried out. Then, vital thematic clusters were separated, and an in-depth content analysis was performed. FINDINGS: The detailed bibliometric and descriptive analysis showed that cryptocurrencies as a subject of financial fraud are generally a new area of scientific research, although it is developing quite intensively. The relatively small number of publications, compared to other similar areas, also indicates that this topic has not yet been explored widely by scientists, and many different research trends can be created in it. Ultimately, the following key research areas were identified: types of cryptocurrency fraud, crime detection methods, risks related to blockchain technology, money laundering, and legal regulations regarding cryptocurrencies. It was also possible to identify that money laundering is currently the most common fraud. However, it has been pointed out that the second most frequent fraud is financial pyramids based on the Ponzi scheme. IMPLICATIONS: The paper clearly presents the main research trends on using cryptocurrencies in criminal activities. At the same time, it was emphasized that, compared to other research areas, this topic is relatively new. Therefore, there is a wide possibility of exploring not only existing but also undiscovered research trends. In addition, key types of fraud in economic practice have been identified, which is particularly important for financial market participants. It was clearly indicated which transactions bear the highest risk. It is also worth paying attention to the critical timeliness of the topic, as the scale of crimes involving cryptocurrencies has recently been growing rapidly. The study confirms the insufficient scope of legal regulations, which are not able to strengthen the security of economic transactions adequately. Therefore, it can be a clear indication for the governments of individual countries or international institutions for further efficient changes to the law. ORIGINALITY AND VALUE: The contribution of this study is threefold. It is one of the first research papers showing the results of a systematic literature review (SLR) combined with a bibliographic and in-depth analysis of the content of publications in this field. During the work, the VOSviewer software was also used, which enabled objective identification of the main thematic clusters based on the occurrences and link strength of keywords included in the publications. Secondly, the key types of fraud have been identified that, at the same time, cause the most significant financial loss. This allowed for the establishing of directions for further research, which have profound practical implications for market participants. Some of them relate to the need to develop and implement modern computer applications, allowing for the detection of a wider range of emerging abuses

Old Frauds With a New Sauce: Digital Assets and Space Transition

Purpose The purpose of this study is to describe the evolution of fraud schemes with historically conducted with fiat money in physical space to the crypto-assets in digital space as follows: ransomware, price manipulation, pump and dump schemes, misrepresentation, spoofing and Ponzi Schemes. To explain how fraud schemes have evolved alongside digital asset markets, this study applies the space transition theory. Design/methodology/approach The methodology used is a review of the media regarding six digital asset fraud schemes that have evolved from physical space to virtual space that are currently operational, as well as a review of the literature regarding the space transition theory. Findings This paper finds that the digital space and digital assets may facilitate pseudonymous criminal behavior in the present regulatory environment. Research limitations/implications The field is rapidly evolving, however this study finds that the conversion from physical to virtual space obfuscates the criminal activity, facilitating anonymity of the perpetrators, and creating new challenges for the legal and regulatory environment. Practical implications This paper finds that the digital space and digital assets may facilitate pseudonymous criminal behavior in the present regulatory environment. An understanding of the six crypto-asset fraud schemes described in the paper is useful for anti-financial crime professionals and regulators focusing on deterrence. Social implications The space transition theory offers an explanation for why digital space leads criminals to be better positioned to conduct financial crime in virtual space relative to physical space. This offers insights into behavior of digital asset fraudster behavior that could help limit the social damage caused by crypto-asset fraud. Originality/value To the authors’ knowledge, this paper is the first to detail the evolution of fraud schemes with fiat money in physical space to their corresponding schemes with digital assets in physical space. This study is also the first to integrate the space transition theory into an analysis of digital asset fraud schemes