Crime+
The Bitcoin Murders
Two new books investigate the original cryptocurrency crime scenes — one tracking Satoshi Nakamoto's ghost, the other counting the bodies left by ransomware operators who found out that hiding the money was harder than stealing it.
Ghost Coin
The identity of Satoshi Nakamoto — the pseudonym attached to the 2008 white paper that launched Bitcoin, and to the early correspondence with the handful of cryptographers and cypherpunks who first built the network — is the defining mystery of the digital age. Nakamoto published the white paper, participated in forums for about two years, handed off the code to other developers in 2010, and vanished. The wallet containing roughly one million early-mined bitcoins, worth approximately sixty billion dollars at recent valuations, has never moved. Whoever Satoshi is, they have either died, lost access, or chosen a silence that is itself a kind of communication.
This investigation follows the main candidates with forensic patience. The Australian computer scientist Craig Wright claimed for years to be Satoshi and spent considerable energy in litigation to prove it; a British court found in 2024 that he was not, and that he had forged evidence to support the claim. The American cryptographer Hal Finney, who received the first Bitcoin transaction, died in 2014; he always denied it, but he was a credible candidate and his denials were typically credible people's denials. Nick Szabo, whose concept of "bit gold" predated Bitcoin and whose writing style matches Nakamoto's in ways that several textual analysts have found significant, has also consistently denied it. The codebase itself turns out to be more revealing than any of them: an analysis of the commit history, the idiosyncratic British spellings in early comments, the timezone distribution of activity that suggests someone in the British Isles or perhaps the American east coast working unusual hours.
What makes this book more than a parlour game is the author's grasp of what Satoshi was actually trying to build, and why. The white paper appeared in October 2008, weeks after Lehman Brothers collapsed, and the first block in the Bitcoin blockchain contains an embedded headline from The Times about a second bank bailout. This was not accidental. The mystery of who Satoshi is becomes inseparable from the question of what they were saying, and the book is at its best when it treats these as a single question rather than two separate puzzles.
The answer to the identity question remains open — honestly open, without the false resolution that lesser investigations feel compelled to supply. This is intellectually honourable, and makes for a more satisfying read than the alternative would have done. The mystery of Nakamoto is probably not going to be solved by anyone who wants the answer badly enough to write a book. But the investigation illuminates the question in ways that reward the effort.
Ransom Protocol
The ransomware epidemic has a specific quality that distinguishes it from other organised crime: it is visible. When a hospital network is encrypted and ceases to function, patients notice. When a city council loses access to its records, residents notice. The perpetrators, for the most part, have preferred not to be noticed. This account of the ransomware economy traces the operations of several major criminal groups — primarily based in Russia and Eastern Europe, operating with what amounts to state tolerance — through the eyes of the investigators, victims, and occasional defectors who have been trying to understand them.
The economics are explained clearly enough that the reader does not need prior knowledge of either cryptocurrency or criminal enterprise to follow the argument. Ransomware groups operate what are effectively franchise businesses: core developers provide malware and infrastructure; affiliates deploy it against targets and receive a commission on the ransom. The money moves through cryptocurrency mixers and exchanges; law enforcement has become significantly better at following it, a development that has materially disrupted several major groups. The Colonial Pipeline attack of 2021, in which the US Department of Justice recovered more than half the ransom payment, demonstrated that the "irreversibility" of cryptocurrency transactions was less total than the criminals had assumed.
The human cost — measured not in dollars but in delayed surgery, corrupted records, lives disrupted or ended — provides the book's moral centre. The author resists the temptation to make the perpetrators interesting at the expense of the people they harmed, which is the characteristic failure of crime journalism that finds its subjects more compelling than its victims. The operational detail is impressive, sourced from FBI case files, Europol reports, and extended interviews with investigators on multiple continents.
Dense, occasionally overwhelming, but consistently important. This is a dispatch from a crime wave that is ongoing, and it reads like one.