Funds collected by the scam that breached Twitter this week appear to be on the move, cryptocurrency tracing firm Elliptic said.
According to transaction data associated with crypto wallets used in the security breach, a total of about $123,000 was collected by the attackers. Of that about 22%, 2.89 BTC, was transferred late last night to an address Elliptic said it “strongly believe[s]” is a Wasabi wallet.
- Wasabi wallets allow users to circumvent the transparency guaranteed by bitcoin’s public blockchain by mixing up the transaction trail, thus making it harder for law enforcement to follow the money.
- According to Elliptic, the firm is able to identify Wasabi wallets based on distinctive transaction patterns. While exchanges can usually identify their clients using KYC checks, which makes it possible to flag fraudsters for law enforcement, the use of a Wasabi wallet makes it harder to pin down where a client’s money came from.
- In a recent statement, Twitter said Wednesday’s security breach had targeted over 130 users, allowing attackers to gain control of user accounts and post identical messages demanding bitcoin. The firm also said it was investigating whether the attackers had accessed any non-public data on the platform.
- Responding to claims about the hacker’s use of a Wasabi wallet to mix the loot, zkSNACKs, the firm that makes the wallet said in an emailed statement, “Although it is sad that there are dishonest people using our product, the truth is that for every 1 person utilizing our CoinJoin service for malevolent purposes, there's another 100 people utilizing it for the right reasons.”
UPDATE (July 20, 17:24 UTC): This article has been updated to include comment from the developers of Wasabi wallet.