Elliptic, the global leader in cryptoasset risk management solutions, today issued a statement on their response to the Twitter cybersecurity breach which occurred on 15th July, 2020.
- The very nature of blockchain technology on which cryptocurrency operates makes the real-time tracing of fund flows highly traceable, thereby enabling effective anti-money laundering (AML) controls to prevent the bad actors from laundering funds. In this well-coordinated and sophisticated attack on high profile Twitter accounts, the perpetrators used cryptocurrency to monetize software exploits. These very transactions are now being tracked by Elliptic crypto compliance monitoring software to the final destination of funds.
- Elliptic‘s blockchain monitoring software has detected the flow of fraudulent funds associated with the Twitter security breach in real-time, enabling customers to automatically detect and act on suspicious activity passing through their platforms.
- Elliptic has identified that the compromised Twitter accounts are requesting crypto payments to a number of addresses – primarily in Bitcoin, but also XRP. Only the bitcoin addresses have been used so far, receiving 366 Bitcoin payments. The total value of the bitcoin payments received is approximately USD 120,000.
- Approximately half of these payments originated from US-based exchanges, suggesting that around half of the victims of this scam are based in the US. The remainder of payments is fairly evenly split between Asia and Europe.
- Customers using Elliptic’s crypto transaction monitoring and crypto wallet screening tools have been notified directly that the addresses associated with the fraudulent funds have been added to our crypto monitoring tools to help them detect flows to and from these addresses. This makes it difficult for the scammers to launder funds or cash out into fiat currencies.
- This is an ongoing situation as fund flows are followed through the blockchain and Elliptic continues to add any new addresses into its crypto monitoring tools as they become evident. Elliptic customers who have enabled the “Scam” risk rule will receive immediate alerts to action and prevent further flow of funds.
- The situation is changing rapidly, although it now appears unlikely that the perpetrators of the scam will receive significant additional payments. Their challenge now is to launder these funds – with the world watching them on the blockchain.
Elliptic spokespeople are available now for media comment and broadcast interviews at [email protected].
Customers are invited to contact their Elliptic Account Manager or Customer Success representative.