Geolocation of Blockchain Transactions using Timestamp

November 16, 2021 - Is it possible to infer the geographical location using timestamp from the transactions? The short answer is yes, however, it does require your data set to be reasonable large to have the needed accuracy.

The data set shown below is pulled from one of our investigations where the scammers supposedly provide swapping service to Tether from either Bitcoin or Ether. The victims in this scam have received either no Tether, or simply were ignored after having sent their cryptocurrencies to be swapped.

Pulling a play from IntoTheBlock's East vs. West indicator, which provides an approximation of the demographic distribution of activity for a particular crypto-asset, we aggregated a large set of transaction data (>1000 TXs) from the various victims. Conversely, we also examined a large set of transaction data of transfer from the various scammer addresses for the same.

From the victims' transactions, we postulated that the victims are more likely from Western region of the globe such as UK, Germany, and similar. We knew this to be factual as we have verified contacts from some from these countries.

The scammers' outbound transactions also indicated that they are likely to operate from the Western region of the globe. Furthermore, as there are two observed peaks, we postulated that the scammers possibly operate from multiple locations within the Western Region.

In the hands of an experience investigator, cryptocurrency addresses can be attributed back to individuals and public corporations with some knowledge of public information. So if you want a bit more anonymity, use Monero or Dash for now (well, maybe).