red 
Featured image source: Elliptic Forensics
Continuing from yesterday Elliptic’s analysis of Bitcoin money laundering from the Twitter hackElliptic discovered that at 3:39 UTC this morning, 2.89 bitcoins, representing 22% of the funds obtained by the Twitter hack, were sent to an address we strongly believe is part of the Wasabi wallet.
A wasabi wallet is a type of bitcoin wallet that can be used to hide traces of transactions, making it difficult for law enforcement investigators or financial institutions to trace funds on the blockchain.
Elliptical was able to identify the likely use of this wallet, building a unique capability to identify Wasabi wallet addresses based on distinctive transaction patterns.
The use of this type of wallet by those who launder the proceeds of Twitter hacking is not surprising. One of the most common techniques used by law enforcement to identify the perpetrators of this type of attack is to follow the money trail to the point of payment. Most crypto exchanges identify their customers through KYC checks, and this identity information is used by law enforcement to identify fraudsters. Using a Wasabi wallet makes it much more difficult to track funds this way.
Hackers will now be focused on how to cash out their bitcoins – probably through one or more crypto exchanges. The challenge they face is when exchanges use blockchain monitoring tools such as Elliptic to scan the blockchain and determine the source of funds for any bitcoin transaction they receive. If our software tells them the funds come from a Twitter attack, they will likely freeze the funds and notify the police. Again, using the Wasabi Wallet makes this much more challenging to exchange, since the blockchain trail is no longer visible.
However, thanks to Elliptic’s unique ability to identify Wasabi wallet addresses, exchanges can verify incoming funds for links to these wallets. Now that they know Wasabi wallets were used to launder the proceeds of the Twitter attack, they can be on the lookout for any client deposits originating from this source.
Customers using Elliptic’s tracking crypto transactions and crypto wallet screening tools can set risk rules to receive instant alerts on crypto wallets and transactions associated with both the Twitter Hack and Wasabi Wallet, allowing them to take action and prevent further fund flows.
This is an ongoing situation as bitcoins from the Twitter hack continue to move through the blockchain. Elliptic will continue to update its blockchain tracking tools with addresses associated with this fraud to help our customers protect their business and meet regulatory obligations.
You can follow our live updates at Twitter and LinkedIn.
Related Articles:
- Insights from Elliptic: #Twitterhack and Bitcoin Money Laundering
- Tracking Twitter Hack Bitcoins – Update from Elliptic
- Over 50% of #TwitterHack bitcoins now sent via mixer – What does this mean for crypto AML?
Don’t already have an Elliptic backup of your crypto AML compliance operations?
