• Antinalysis, a dark web tool, has resurfaced and is now freely available on the internet

  • Antinalysis’ earlier version, which was built on the AMLBot API, was taken down, but it reappeared in less than a week, not just on the darknet but also on the clearnet.

    Antinalysis, a dark web program that was taken down last week after a public outage, has resurfaced. The service has resurrected, this time not just on the darknet but also on the clearnet — the part of the internet that is freely and publically accessible — like a hydra whose heads multiply when chopped down. The application was previously exclusively available through Tor, an anonymous web browser for accessing the dark web.

    Antinalysis is a blockchain analysis tool that helps users figure out where their Bitcoins came from and assesses the danger of holding the tokens if links to illegal activity are discovered. The notion is that by using comparable methods to track dirty crypto tokens, crypto launderers and criminals can avoid their tokens being detected to authorities by regulated exchanges.

    The program is provided by the Incognito team, which is also behind the Incognito Market darknet illegal drugs bazaar. The service is created not just for criminals, but for anyone wanting for blockchain anonymity, according to a team administrator who spoke with Joe Tidy, a reporter, last week.

    The AMLBot application programming interface was used in the previous version of Antinalysis. Within eight hours of Antinalysis’ public exposure and after Nick Bax, an independent blockchain tracking specialist, pointed out the similarities between the two applications, AMLBot pulled back its service and shut down the Antinalysis account.

    A quick, yet brief, demise

    Antinalysis’ account was first suspended for eight hours by AMLBot after it was warned that its API was likely being utilized by the program, according to a written statement to ULTCOIN365. AMLBot is a service that allows users to verify if the Bitcoins they are about to receive are tied to illegal activity, allowing businesses to avoid unknowingly participating in crypto laundering.

    AMLBot also notified UK law enforcement agencies about all addresses that had used Antinalysis and were maintained in the Crystal blockchain database. Some of the addresses that used the Antinalysis program were previously unrelated to the darknet or any illegal operations, according to AMLBot.

    “It is likely that criminals exploited these addresses for unlawful activities… These addresses were added to the tracking database and transmitted to the most prominent players in the market to [sic] a more effective fight against money laundering,” it continued.

    AMLBot performed an internal investigation after discovering the Antinalysis account, which “revealed the cause of the issue,” which has subsequently been resolved. The company eventually closed the Antinalysis account and began a more precise monitoring of all of its customers, as well as re-checking all existing consumers.

    User requests were also evaluated for behavioral models comparable to Antinalysis, according to the statement. The company’s algorithm for constant monitoring of client behavior and demands has also been upgraded. In addition, the firm hired another anti-money laundering expert to keep a close eye on all user behavior and demands.

    Antinalysis resurfaced despite the rigorous safeguards put in place to halt it. “We are finally back and no longer rely on any third party for address labeling,” it says on its website. Antinalysis is unlikely to be concerned about being shut down on the clearnet because the service is not unlawful.

    Is it a vengeful twin or a sickly twin?

    It is unclear where the data for the new Antinalysis site comes from, as it previously used AMLBot’s database. The tool pulls data from other websites and databases, according to its website. According to the Antinalysis website, “the data is standardized and fed into our own large query-like implementation with models trained to spot particular patterns in the transaction flow.”

    Antinalysis is available to anybody who pays in Monero, a cryptocurrency that combines privacy-enhancing technology to obfuscate transactions and offer users with anonymity while keeping tokens fungible. With these privacy qualities, it’s no surprise that Monero has become a popular cryptocurrency among drug cartels and cybercriminals. Although the creators of Antinalysis claim that the program isn’t designed to help only criminals, the fact that it only accepts Monero suggests otherwise.

    Antinalysis is a “tool developed for thieves, by criminals,” according to Tom Robinson, co-founder of blockchain investigative business Elliptic. He analyzed the data produced by the previous version of Antinalysis and found them to be of poor quality. The tool’s results may be of worse quality now that it can no longer draw data from AMLBot.

    According to the Antinalysis website, the program can only track up to 1,000 transactions and can only reach five nodes deep. To hunt down tokens connected with shady transactions, commercial-level transaction tracing tools, like as those provided by Elliptic or used by regulated exchanges, do more in-depth investigation. Antinalysis had not responded to calls for comment as of press time.

    Finally, the debut of Antinalysis confirms what Benjamin Sauter, a crypto lawyer, informed us earlier. He predicted that services similar to Antinalysis would emerge in droves, not just on the darknet but also on the clearnet.

    What's your reaction?