The attacker may be technically skilled; they are caught only when the OPSEC chain is broken.
Blockchain tracking
- Tools from Chainalysis and TRM Labs.
- Wallet family detection.
- Tracing to the point of origin with KYC.
Log correlation
- Attack IP + VPN provider.
- Behavior pattern (time, language).
- WHOIS of the domain used.
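
An added example, not from the original page, of the behaviour-pattern (time) correlation listed above: it ranks candidate accounts by how closely their active hours match the timestamps in an attack log. The account names, timestamps and the choice of cosine similarity are assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime
from math import sqrt

def hour_profile(timestamps):
    """Return a 24-bin normalized histogram of activity by UTC hour."""
    counts = Counter(datetime.fromisoformat(t).hour for t in timestamps)
    total = sum(counts.values())
    return [counts.get(h, 0) / total for h in range(24)] if total else [0.0] * 24

def cosine(a, b):
    """Cosine similarity of two profiles; 0.0 if either one is empty."""
    dot = sum(x * y for x, y in zip(a, b))
    na, nb = sqrt(sum(x * x for x in a)), sqrt(sum(y * y for y in b))
    return dot / (na * nb) if na and nb else 0.0

def rank_candidates(attack_ts, candidates):
    """Rank candidate accounts by similarity of active hours to the attack log."""
    ref = hour_profile(attack_ts)
    scored = [(name, round(cosine(ref, hour_profile(ts)), 3))
              for name, ts in candidates.items()]
    return sorted(scored, key=lambda s: s[1], reverse=True)

# Constructed sample data (UTC), not taken from any real case.
ATTACK_LOG = ["2024-03-01T18:05:00", "2024-03-01T19:40:00",
              "2024-03-02T18:55:00", "2024-03-03T20:10:00",
              "2024-03-04T19:15:00"]
CANDIDATES = {  # hypothetical accounts found in other data sources
    "forum_user_a": ["2024-02-10T18:30:00", "2024-02-11T19:05:00",
                     "2024-02-12T19:50:00", "2024-02-13T20:20:00"],
    "forum_user_b": ["2024-02-10T03:10:00", "2024-02-11T04:45:00",
                     "2024-02-12T05:00:00", "2024-02-13T03:30:00"],
}

if __name__ == "__main__":
    for name, score in rank_candidates(ATTACK_LOG, CANDIDATES):
        print(f"{name}: {score}")
```

A high score only narrows the time zone or daily routine; it is a lead to corroborate with the other items in this list, not an identification on its own.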
OPSEC errors
- Forgetting to turn on the VPN.
- Same username in different places.
- Traces left on a personal device.
Frequently asked
Is it possible to track after Tornado Cash?
Even if the funds are mixed, the output is caught by KYC at the exchange.
A VPN is encrypted; will I be affected?
Provider logs can be requested through MLAT; this works for some providers (not Mullvad).
How long does this process take?
3-12 months; a professional forensic team is required.
Relevant legislation
- TCK art. 243 — Entering an information system (1-3 years + judicial fine).
- TCK art. 244 — Preventing/disrupting system operation (1-5 years).
- TCK art. 245 — Bank/credit card fraud (3-6 years).
- TCK art. 158/1-f — Qualified fraud when an information system, bank or credit institution is used as the tool (3-10 years).
- CMK art. 134 — Computer search, copying, seizure.