Twitter hackers leave a trail as they move stolen bitcoins

[ad_2][ad_1]

(TNS) – Whoever is behind the security incident involving some of the top economic and political leaders on Twitter – a scam that raised around $ 120,000 worth of bitcoin – is shifting the loot to online accounts, creating the beginning of a digital paper trail that investigators look for clues.

The hackers gained access to the Twitter accounts of executives including Amazon.com Inc. CEO Jeff Bezos and Tesla Inc. founder Elon Musk, by asking users to target the cryptocurrency to one of three different accounts. said Tom Robinson, co-founder of Elliptic, which helps law enforcement keep track of bitcoin-related crimes.

Bitcoin offers users a degree of anonymity, making it a popular vehicle for criminal behavior. But investigators can gather valuable information in cases where cryptocurrency is moved to accounts, or wallets, that have transacted with certain US exchanges or services. This is because US exchanges typically take the trouble to verify the user’s identity.

“Sharing this information quickly with authorities around the world and ecosystem companies will help us stop stolen funds and find out more about attackers,” said Itsik Levy, co-founder of Whitestream, a Bitcoin researcher. .

The attackers received just over 400 payments, worth $ 121,000, according to Elliptic. The largest payment came from a Japan-based exchange and amounted to approximately $ 42,000.

Immediately after initially being collected in the three accounts, the funds began to circulate. About $ 65,000 of the $ 120,000 was quickly transferred to other Bitcoin addresses, one of which has been active in the past and transacted with a US exchange, Robinson said.

Of the amount moved, about $ 60,000 has been directed to an active Bitcoin address since May, Whitestream said. That address had interacted with Coinbase Inc., the largest cryptocurrency exchange in the United States, as well as with BitPay and CoinPayments payment processors, Whitestream said. Coinbase declined to comment. BitPay and CoinPayments did not immediately return requests for comment.

The money initially raised at three Bitcoin addresses has now been moved to 12 new addresses, according to Elliptic.

The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) on Thursday issued a notice saying cryptocurrency exchanges and other financial institutions should report any suspicious hacking-related activity as soon as possible. New York Governor Andrew Cuomo said the New York Department of Financial Services will investigate the incident and, according to Reuters, the Federal Bureau of Investigation is also on the case.

However, discovering the authors may take time and prove challenging.

“It depends on what they do next, it depends on how they try to cash out,” Robinson said. If they try to use a regulated exchange in the United States, finding them will be easy. But if they try to cash out through one of the hundreds of small unregulated exchanges, it could be more difficult, he said.

“They are obviously sophisticated as they have not sent these funds directly to an exchange to cash out,” Robinson said.

According to Elliptic, about a quarter of the funds the hackers acquired came from accounts linked to North America and more than 50% from accounts in Asia.

While bitcoin is supposed to be difficult to trace, a number of tracking companies have sprung up to help law enforcement. Exchange and other vendors have begun to gather more information about their customers. So law enforcement has been able to track down the stolen bitcoins many times in the past.

In addition to prominent political and business leaders, the attacks also hit many crypto companies such as the Gemini exchange. The hacked accounts promised to double the amount of money sent to their Bitcoin address.

Coinbase has started blocking its users’ payments sent to hacker accounts. “We are essentially blacklisting the addresses as we see them posted in the scam tweets,” said Elliott Suthers, a spokesperson for Coinbase.

Gemini also blocked the attacker’s accounts, according to a Gemini spokesperson.

Another reason bitcoin is an attractive target for scammers is that it can be used all over the world. Although the price of the cryptocurrency dropped at the start of the COVID-19 pandemic, it has since recovered and has risen by about 30% since the beginning of the year.

© 2020 Bloomberg News, distributed by Tribune Content Agency, LLC.

Are you looking for the latest gov tech news as it happens? Subscribe to GT newsletters.

[ad_2]Source link