Leading cryptoasset risk management solutions Elliptic has issued a statement on their response to the July 15, 2020 hack.
- The very nature of blockchain technology on which cryptocurrency operates makes the real-time tracing of fund flows highly traceable, thereby enabling effective anti-money laundering (AML) controls to prevent the bad actors from laundering funds. In this well-coordinated and sophisticated attack on high profile Twitter accounts, the perpetrators used cryptocurrency to monetize software exploits. These very transactions are now being tracked by Elliptic crypto compliance monitoring software to the final destination of funds.
- Elliptic's blockchain monitoring software has detected the flow of fraudulent funds associated with the Twitter security breach in real-time, enabling customers to automatically detect and act on suspicious activity passing through their platforms.
- Elliptic has identified that the compromised Twitter accounts are requesting crypto payments to a number of addresses – primarily in Bitcoin, but also XRP. Only the bitcoin addresses have been used so far, receiving 366 Bitcoin payments. The total value of the bitcoin payments received is approximately USD 120,000.
- Approximately half of these payments originated from US-based exchanges, suggesting that around half of the victims of this scam are based in the US. The remainder of payments is fairly evenly split between Asia and Europe.
- Customers using Elliptic's crypto transaction monitoring and crypto wallet screening tools have been notified directly that the addresses associated with the fraudulent funds have been added to our crypto monitoring tools to help them detect flows to and from these addresses. This makes it difficult for the scammers to launder funds or cash out into fiat currencies.
- This is an ongoing situation as fund flows are followed through the blockchain and Elliptic continues to add any new addresses into its crypto monitoring tools as they become evident. Elliptic customers who have enabled the “Scam” risk rule will receive immediate alerts to action and prevent further flow of funds.
- The situation is changing rapidly, although it now appears unlikely that the perpetrators of the scam will receive significant additional payments. Their challenge now is to launder these funds – with the world watching them on the blockchain.
Elliptic is a leader in crypto-asset risk management solutions for crypto businesses and financial institutions worldwide. Recognized as a WEF 2020 Technology Pioneer and backed by investors including Wells Fargo Strategic Capital, SBI Group, and Santander Innoventures, Elliptic has assessed risk on transactions worth several trillion dollars, uncovering activities related to money laundering, terrorist fundraising, fraud, and other financial crimes. Elliptic is headquartered in London with offices in New York, Singapore, and Tokyo.
Also published on Medium.