CEO DailyCFO DailyBroadsheetData SheetTerm Sheet

The Twitter hackers’ Bitcoin shell game

July 22, 2020, 2:35 PM UTC

This is the web version of The Ledger, Fortune’s weekly newsletter covering financial technology and cryptocurrency. Sign up here to get it free in your inbox.

There’s a scene that recurs in heist films: invariably, a gang of bank robbers demands a large sum in “small, unmarked bills.”

It’s a smart stipulation (whether or not it’s common in real bank robberies). “Unmarked” means the serial numbers have not been recorded by the police. The bills’ numbers should also be random, rather than consecutive, making it harder to determine whether they are “dirty.” The point is to prevent law enforcement from later identifying—and blacklisting—the ill-gotten loot.

This brings us to last week’s Twitter breach: the Bitcoin nabbed by the hackers is very much “marked.”

In case you missed it, last week a group of hackers compromised prominent Twitter accounts and used them to trick onlookers into sending them Bitcoin. By stealing access to an internal Twitter “admin” tool, the hackers were able to take control of—and issue scam-tweets from—prized accounts, including those of cryptocurrency companies, like Coinbase and Binance, and celebs, such as Kim Kardashian, Joe Biden, and Jeff Bezos.

The hackers’ ploy nabbed 13.14 Bitcoins, or roughly $120,000, per an analysis by Chainalysis, a cryptocurrency-tracing firm. A couple of those Bitcoins, around $20,000 worth, is suspected to have come from the hackers themselves in an attempt to make the scam appear more legitimate early on, while an additional 7.88 Bitcoin—about $66,000—from still-unknown sources were later commingled with the funds, for total holdings of around 21 Bitcoins, the company said.

But there’s a problem: Bitcoin is, as mentioned, inherently marked money. Every single Bitcoin is logged on a global blockchain ledger, open to inspection by all. Whenever a Bitcoin moves, everyone can follow it.

In the immediate aftermath of the attack, I noted that it would be downright crazy for the fraudsters to attempt to cash out. Law enforcement’s gaze is fixed on all Bitcoin wallets involved. Then again, the hackers were crazy enough to commit the crime in the first place, so maybe they will, indeed, make a run for the finish line.

In fact, since the big hack, the ill-gotten Bitcoin has already moved a number of times out of three original scammer wallets. A portion of the funds, around 9 Bitcoins, now sit in 23 wallets, Chainalysis said. (Smaller sums are being split across an even greater number of Bitcoin addresses.) About 8 Bitcoins have been transferred to “mixers,” including Wasabi and ChipMixer, online services for obscuring and concealing cryptocurrency movements. 4 Bitcoins have been sent to other as yet unspecified entities, the company said.

Dave Jevens, CEO of CipherTrace, another cryptocurrency-tracking firm, says that the hackers are attempting “to obfuscate the flow of funds” through a process known as “peeling.” This involves sending fractions of the loot, little by little, into mixers and exchanges that multiply the complexity of the transaction chains and make them harder to follow. (Jevens says he suspects the hackers may be trying, in some cases, merely “to troll” investigators.)

The movement of Bitcoin following last week’s Twitter hack
Ciphertrace

Such antics might be difficult for a human to track, but they’re no match for computers. Maddie Kennedy, a Chainalysis spokesperson, notes that the money launderers’ “main tactic”—using mixers—“is often possible to trace.” She adds, “With many eyes on the stolen money, any counterparties to the perpetrators will face close scrutiny.”

Tom Robinson, the chief scientist and cofounder of Elliptic, another Bitcoin-tracing firm, says the hackers will have to use unregulated, foreign exchanges that collect minimal data on users to maintain anonymity. From there, they could convert the Bitcoin, using so-called “coin swap” services, into harder-to-trace cryptocurrencies, like privacy-preserving Zcash or Monero.

“It’s very difficult to mask all your activity when you’re using a system that’s as transparent as Bitcoin,” Robinson said. “It’s likely the hackers will be able to cash out in some way, [but] the question is whether they will be able to do so in a way that cannot be traced back to them.”

What’s bound to ensue is a hi-tech version of an ancient artifice: the shell game. Under the noses of the Feds, the money launderers will test their ability to claim the spoils, shuffling the Bitcoin through mixers and swappers in a complicated dance of digital cups. Time will tell whether the hackers’ legerdemain is skillful enough to elude justice.

But most of us already know how these movies tend to end.

Robert Hackett

@rhhackett

Robert.hackett@fortune.com

DECENTRALIZED NEWS

Credits

EU leaders reach agreement on coronavirus relief fund ... China's public blockchain system will interoperate with six existing public blockchains ... EARN IT and other anti-encryption bills aren't a threat to cryptocurrency ... Is cryptocurrency fintech? It depends on who you ask ... Indian insurtech Policybazaar aims for $3.5 billion valuation in IPO ... OpenAI's language tool may be the biggest thing since Bitcoin ... Ant Group's huge IPO could be good for blockchain ... Value in 'decentralized finance' blockchain systems reaches $3 billion.

Debits

Fugitive Wirecard executive Jan Marselek bought significant sums of bitcoin after fleeing Germany ... Crypto exchanges plan to share customer AML info ... Global banks scrutinize Hong Kong clients for pro-democracy ties ... YouTube creators hate not controlling their platform ... Coinbase stopped 1,000 customers from sending funds to Twitter hackers, but small 'tips' keep coming ... RBS asks staff to work from home until 2021 ... With Bitcoin volatility low, crypto traders turn to options.

FOMO NO MO'

Accepting the realities of inflation, owning foreign currencies was legalised in 1993 ... The economy started to dollarise. By some estimates, half of economic transactions were made in US dollars, similarly to current-day Venezuela. The CUC was also first issued in 1993, supposedly backed by an equal amount of US dollars in the Cuban Central Bank.

Just a glimpse of the factors that shaped Cuba's unusual dual-currency economy, from an impressively deep dive by writer Boaz Sobrado.That system includes a Cuban peso proper, and a dollar-pegged currency, the CUC, also commonly and confusingly referred to as a 'peso.' Sobrado provides both historical background for the development of the system as a tool for Cuba's economic survival, and several enlightening glimpses of how it functions in daily life for Cubans (or, largely, doesn't). Consequences include a stark divide between state-subsidized goods and better-quality imports, complex and bizarre exchange rates, and an apparently dire lack of small change in Cuban pesos.

Most dramatically, Sobrado writes that the confusion of exchange rates has served to obscure the financial weakness of some Cuban state-owned enterprises. Skepticism about the government's dollar reserves has recently put pressure on the CUC's peg, which could make the situation even worse.

 

 

THE LEDGER'S LATEST

Bitcoin Cash and Litecoin to trade on public stock market for the first time - Jeff John Roberts

Elon Musk, Kanye West and others caught in Twitter's giant Bitcoin hack - David Z. Morris

How did the Twitter hackers do it? - Robert Hackett

Why is there a coin shortage in the U.S.? - Danielle Abril

Goldman's consumer strategy is paying dividends during the pandemic - Rey Mashayekhi

Job cuts hit English crown jewel guards, for the first time in 500 years - Jeremy Kahn

Will there be more coronavirus relief aid? - Lance Lambert

Feds bust Texan for spending $1 million PPP loan on cryptocurrency - Jeff John Roberts

TIAA CEO on racism: 'I've been mistaken for a waiter' - Alan Murray and David Meyer

Can Dr. Seuss decals help digital collectibles catch on? - Jeff John Roberts

America's billionaires have a hoarding problem - Alan Davis

Challenger bank Revolut launches cryptocurrency offering through Paxos - Jeff John Roberts

Can Tokyo steal Hong Kong's crown as Asia's finance hub? - Clay Chandler and Grady McGregor

Banks that carry out Trump sanctions could violate Hong Kong security law - Eamon Barrett and Grady McGregor

Bond raises $32 million to help any company offer banking - Jeff John Roberts

MEMES AND MUMBLES

Yes, it's worth watching. But you already knew that.

This edition of The Ledger was curated by David Z. Morris. Contact him at david.morris@fortune.com.