Twitter hackers leave a trail after shifting money between Bitcoin wallets

The culprits behind the recent scam involving some renowned business and political figures on Twitter is moving the stolen funds around online accounts.  A report revealed this news on July 17, noting that the scammers who made away with £98,680 worth of BTC created a digital paper trail. Reportedly, investigators are gleaning this trail, hoping to find clues that could lead them to the perpetrators.

According to Tom Robinson, the co-founder of Elliptic, a firm that helps authorities track BTC-related crime, the hackers gained access to the Twitter accounts of executives such as Amazon’s CEO, Jeff Bezos, and Tesla’s founder, Elon Musk. Apart from hacking the accounts of prominent figures in the crypto space, the hackers also attacked several crypto firms including Gemini. They then asked the users to direct the BTC to one of the three different accounts.

While BTC offers its users a degree of anonymity, investigators can obtain valuable information when its users move the cryptocurrency to accounts or wallets. This is because US-based exchanges have to verify the identity of each user to remain compliant. As such, the stolen funds are easily traceable.

Per Itsik Levy, the CEO of Whitestream, a Bitcoin research firm,

“Sharing this information fast with the authorities worldwide and with companies from the ecosystem, will help us stop the stolen funds and find more info about the attackers.”

Tracing the stolen BTC

The hackers reportedly received more than 400 payments. The largest payment came from Japan and was worth £33,480. Soon after the hackers collected the funds in three accounts, they started moving the funds around. Per Elliptic, the hackers moved these funds to 12 addresses. Out of the £98,680, they moved £51,800 to other BTC addresses.

Per Whitestream, the hackers directed about £48,820 to a BTC address that has been active since May. The address interacted with Coinbase inc., the largest crypto exchange in the US. It also transacted with BitPay and CoinPayments.

BitPay reportedly confirmed that it had received a transaction from one of the hacker addresses. A BitPay spokesperson said that the exchange was in the process of sharing the available details with the appropriate parties and law enforcement. Coinbase and CoinPayments, however, declined to comment.

The FBI is involved in the investigation

Per the publication, the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued an advisory warning on July 16, noting that crypto exchanges should report any suspicious activity regarding the hack to the relevant authorities. New York’s governor, Andrew Cuomo said that the New York Department of Financial Services will investigate the incident. Reportedly, the FBI has also launched an investigation on the case.

According to Robinson, discovering the perpetrators could prove to be challenging. He added that their discovery depends on what they do next.

He said,

“…it depends on how they try to cash out. If they try to use a regulated exchange in the U.S., finding them will be easy. But if they try to cash out through one of the hundreds of small, unregulated exchanges, that could be harder.”