According to the latest report from blockchain analytics firm Elliptic, 22% or 2.89 Bitcoin BTC stolen from the Twitter hack has been sent to a Wasabi wallet for laundering.
Elliptic's analysis identified a wallet address that the company firmly believes is "it's part" from a Wasabi wallet.
As previously reported, Twitter hackers stole approximately $ 100,000 in BTC and are now using anonymous services to shuffle transactions and prevent any tracking attempts by authorities and other third parties.
After their successful scam, the next step for hackers is to withdraw money through one or more exchanges. One of their challenges, as Elliptic noted, is bypassing the blockchain monitoring tools that Elliptic or the exchanges will implement to track the source of all Bitcoin transactions on their platforms.
"If our software tells them that the funds originated from the Twitter attack, they are likely to freeze the funds and notify the police."
Wasabi is a desktop wallet that uses a feature known as ConJoin on the Tor network that allows multiple addresses to combine their funds from multiple inputs into one large transaction and generate multiple anonymous outputs.
Hackers are moving fast, with Elliptic on their way
Elliptic further claimed that hackers are smart to use the Wasabi wallet as it makes it difficult for exchanges to track the source of the funds. When done correctly, the CoinJoin function makes the blockchain trail of transactions completely invisible.
However, by using two of Elliptic's top tracking tools, cryptocurrency transaction monitoring and cryptocurrency wallet review, exchanges will be able to filter funds linked to addresses identified by Elliptic.
"Now they know that the Wasabi wallets have been used to help launder the proceeds of the Twitter attack, they can be alert to any customer deposits originating from this source."
According to another upgrade From related research by Larry Cermak, The Block's Research Director, hackers began testing the waters by making small deposits on various exchanges.
“AS FAR AS I CAN SAY, THE TWITTER HACKER HAS ALREADY MADE SMALL DEPOSITS (<$ 20) IN FOUR EXCHANGES. (COINBASE, BINANCE, BITPAY AND COINPAYMENTS). IT IS LIKELY TO JUST TEST YOUR REACTION. THEY ALSO STARTED TO MOVE THE FUNDS AND STARTED TO MIX IN ONE INSTANCE. ”
Hackers are relentless
Elliptic has been following the case since July 16, a day after the security breach occurred. In its first update, Elliptic declared:
“More than $ 110K in bitcoin has now been received by addresses posted by compromised Twitter accounts. We are tracking these addresses and working with our clients to make sure these funds cannot be collected or laundered. ”
The next upgrade Elliptic's key stated that hackers had started distributing funds, ready to mix.
“The money is moving from the $ 120K in Bitcoin received by addresses posted by compromised Twitter accounts, $ 65K has now been transferred to other addresses. We are looking".
In addition to Wasabi Wallet, hackers also mixed some of their backgrounds using ChipMixer. Tom Robinson, the chief scientist and co-founder of Elliptic, came to suggest that there is only one hacker involved.
“The #TwitterHack bitcoins have just started to move again, some are sent to ChipMixer. The simultaneous movement of funds from two wallets that have received the hacker's bitcoins suggests that they are still under the control of one person. ”
In a detailed report published By Twitter today about exactly what happened, the social network recognizes that one of its employees was compromised and promised to rebuild trust with its users.
Twitter said: "We are ashamed, disappointed, and most of all, sorry," which solves, once and for all, any doubts that this was really a Twitter hack and not Bitcoin.