Snowden Document Reveals NSA Program to Track Bitcoin Users

As if torn from the subplot of a Hollywood spy thriller, Edward Snowden papers prove that the NSA has been monitoring Bitcoin users around the world for years. What is more, they may have used information in illegal prosecutions.

Snowden Leak Exposes NSA Tapping Program

The Intercept is reporting that a classified document leaked by Edward Snowden dated March 2013 contains detailed descriptions of National Security Agency operations that were used to track down and identify cryptocurrency users. Excerpts of the report reveal that the top-secret program code-named Oakstar was primarily initiated to monitor the flow of money between terrorist organizations.

The NSA specifically targeted Bitcoin users through a subprogram of Oakstar called MONEYROCKET. Advertised in 2012 on the web as a “non-Western Internet anonymization service.” MONEYROCKET targeted users mostly in the Middle East, Asia and some parts of Eastern Europe.

The program worked as a dupe to lure users into using it, thinking they were gaining a deeper level of anonymity when actually it allowed the NSA to tap directly into user data and browsing history.

By gaining access to user’s systems they were able to collect passwords, user sessions and media access control addresses which gave them personal information such as IP addresses and billing details. The agency was set on making connections between their Bitcoin targets and the data they processed.

The NSA document reveals details of how MONEYROCKET worked in Europe by tapping into fiber-optic lines and siphoning information directly to their European Technical Center in Wiesbaden, Germany, and also how there were corporate partnerships in the US. Meetings in Northern Virginia between telecom partners and NSA affiliated agents are detailed in the document. Though Bitcoin wasn’t the only target of the program, it also sought out now-defunct Liberty Reserve, it was the main focus.

Program May Have Been Used to Gather Evidence Illegally

Intercept speculates that this program may have been fundamental to the FBI’s evidence against SilkRoad operator Ross Ulbricht. Part of Ulbricht’s defense during his trial for money laundering was that the FBI must have obtained some of the evidence against him illegally.

The leaked documents make no specific reference to Ulbricht but they do show that MONEYROCKET was targeting Bitcoin users about six months before he was arrested. This is a major concern among civil libertarians who claim that the government uses these types of programs to convict citizens in a process called “parallel construction”.

Though primarily MONEYROCKET was used for counter-terrorism purposes the program branched out to trace Bitcoin users involved in international crime and narcotics. Matthew Green, assistant professor at the Johns Hopkins University Information Security Institute, reacted to the report by calling the NSA’s actions “pernicious” and adding;

“[This is] bad news for privacy, because it means that in addition to the really hard problem of making the actual transactions private … you also have to make sure all the network connections [are secure],”