Despite the anonymity of Monero (XMR), the Finnish National Bureau of Investigation has apparently tracked XMR transactions to identify a ransomware hacker.
A local news states that Julius Aleksanteri Kivimäki is on trial for allegedly breaching the database of a mental health company in October 2022 and extorting a 40 Bitcoin (BTC) ransom. He specifically targeted patients when he wasn’t paid, accepting cryptocurrency payments converted to Monero.
According to the police, the hacker transferred money to a KYC-free exchange, switched to Monero, then to Binance, and finally returned to Bitcoin across many wallets. Authorities disclosed successful on-chain tracking while maintaining anonymity.
Because of privacy technologies like stealth addresses, ring signatures, and RingCT, Monero is thought to be untraceable. This case, however, shows that even with anonymity features, crypto forensics can track the money trail.
Prior to 2017, studies on Monero transactions also revealed traceability. This casts doubt on ideas of total anonymity and might lead to a review of privacy coins. The prosecution of Kivimäki demonstrates the ability of law enforcement to de-anonymize illegal activity on blockchains.