
Patient dies after ransomware attack reroutes her to remote hospital - furcyd
https://arstechnica.com/information-technology/2020/09/patient-dies-after-ransomware-attack-reroutes-her-to-remote-hospital/
======
panpanna
The bitcoin addresses used by malware are monitored by different
organizations.

I wonder how hard it is to track the people behind this once you mention
homicide to exchanges they use.

~~~
vmception
If those people used any best practice, and also swapped to another blockchain
without using an exchange, then it would be very difficult and fruitless to
track the people behind it. All of those different organizations and armchair
blockchain detectives would just be following bitcoin across addresses and
making maps with arrows like a crazy person, not even knowing that they are
unable to tell that the owner of that bitcoin changed hands 20 transactions
ago in every single path. All of those organizations just assume a person "on
the run" is transferring to different addresses they own "trying to hide", and
that they'll eventually hit a known exchange address and get nabbed. With that
poor logic, _someone_ might get nabbed.

A lot of people don't use a _single one_ of the default, best practices that
have been on every bitcoin Wiki for an entire decade, so investigators have
that going for them.

~~~
angrais
Do you have any recommended blog posts or literature to learn more about the
best practices of using crypto in such a way, i.e. to evade tracking?

~~~
vmception
Avoid address reuse.

Most wallets and most exchanges do not help with this, they completely neglect
it.

In UTXO blockchains like Bitcoin, a core feature is combining your “outputs”,
immediately correlating otherwise separate addresses in the same wallet. The
system supports transaction types that wallets may not show in the GUI. So you
can choose to only send from a specific address. You may have to recreate your
hierarchy of addresses in a more capable wallet, but you always can do that no
matter where you normally use your bitcoin.

Ultimately you want to unlink your transaction.

Monero, a few smart contracts and some layer2 systems do that. “Coinjoin”
systems do not do that, the advertisement of them is probably funded by
adversaries.

You have to get your transactions to the systems and currencies that let you
unlink.

So you have a series of bitcoin addresses that weren't funded with an exchange
or tied to your identity. For illustrative purposes let's say you cashed out of
a gambling website to a virgin address and US institutions will freeze your
accounts if you try to cash out. Nothing illegal for you, as the federal law
is only against financial institutions. Just fire up Tor and hop over to
Monero using Morphtoken.com and send them btc and get monero. (You don't need
Tor for cashing out gambling withdrawals, but just get in the practice.)

Now you have Monero, which is more analogous to cash. If that claim isn't
comfortable enough for you, spend time researching that yourself.

You have options now. Monero can _just_ be a conduit for unlinking
transactions as you go back into transparent blockchains in a few hours or
days. Or it can be your desired currency and nest egg. Or you can sell it
directly into fiat currency as several exchanges support it, as well as all
OTC desks, as well as local in person markets. Monero is perfectly suited for
exchanging for goods and services and many people use it for that despite
merchants accepting bitcoin more prevalently, many bitcoin invoices are paid
with Monero which trigger another service like Morphtoken to pay a merchant in
bitcoin.

Back to the conduit example, you can just generate a new hierarchy of
addresses on whatever blockchain you like and convert the monero back into
that cryptocurrency.

You can also deposit that Monero on a crypto-only exchange and just trade it
for something else and withdraw. This option has the caveat of whether you
want to do this in Tor or not, whether the amounts trigger KYC or not, whether
you want to use someone else’s KYC, whether you are patient enough to stay in
the non-KYC’d withdrawal limits over many days and several accounts, etc. If
you just used Monero to a crypto-only exchange under your identity and they
got subpoena’d in the future, do you think you need a way to explain the
source of funds?

Anyway, that's not even necessary. In this gambling example there is no need to
reintegrate, you just need to pass a chainanalysis filter so a US financial
institution feels compliant. Unlinking solved, problem solved.

~~~
anon9001
vmception knows his stuff and this is correct.

Question: what do you think about the litecoin mimblewimble features that are
supposed to happen later this year?

Litecoin is already so widely integrated in the ecosystem that it should
become the largest "privacy coin" overnight, but I don't know enough to say if
it's any good.

~~~
vmception
MimbleWimble has limitations for privacy, better for scaling and comes with a
little bit of unlinkability but not enough.

https://litecoin.com/en/news/the-litecoin-mimblewimble-proposal-is-about-fungibility-not-privacy

------
anotherman554
Shouldn't the hospital have been able to treat the patient without networked
computers?

~~~
violetgarden
Darknet Diaries just did an episode about how WannaCry disabled the NHS on
episode 73. The episode was way more descriptive of how the attack affected
functions of the hospital, but basically, there’s a lot of overhead. Suddenly,
you have to check everyone in by hand, you don’t know who their normal doctor
is, you can’t look up medication, ransomware might be affecting specialized
computers for the medical equipment. Some hospitals were able to pivot to pen
and paper and still treat patients, but the attack was basically like an
accident on the freeway. It just jams everything up.

