Exchanges block Twitter hacker address, but the Bitcoin keeps coming

Major US crypto exchange Coinbase has said that it stopped over 1,100 of its users from sending 30.4 Bitcoin (around $280,000) to the hacker responsible for last week’s Twitter scam, by blacklisting the scammer’s BTC address, Forbes reported.

"We noticed within about a minute of the Gemini and Binance tweets," Philip Martin, Coinbase chief information security officer, told the outlet.

Stolen Bitcoin from Twitter hack is already being laundered: report

How will the Twitter hackers cash out the Bitcoin they scammed from users following Wednesday’s epic breach? Put the coins through Bitcoin mixers to obfuscate their trail, and they’ve already started, according to crypto tracing firm Elliptic. The blockchain analytics company published a report earlier today that states it has uncovered evidence that the Twitter hackers have sent a portion of the Bitcoin they stole to an address it believes to be linked to a Wasabi wallet. Wasabi is a Bitcoin mi...

He added that just 14 Coinbase users managed to send around $3,000 worth of Bitcoin to the scammers’ address before Coinbase blacklisted it.

As Decrypt reported, the hackers hijacked the accounts of Joe Biden, Barack Obama and Elon Musk—among other well-known personalities—on July 16. The perpetrators then used the accounts to promote a common scam, in which victims send Bitcoin expecting to get twice as much back. In all, the scammer managed to net around $120,000 in BTC from unsuspecting victims.

BTC still dripping into scammers’ addresses

Although Coinbase and other exchanges moved quickly to block the scammer’s BTC address, it continues to receive small amounts of Bitcoin, worth between a few cents and just over $28, according to block explorers.

But who can still be sending money to such publicly covered—and already shut down—scam? While they could be unwary victims who are latecomers to the scam, cybersecurity firm Chainalysis reckons there’s another explanation: admirers looking to “tip” the hacker.

“We can only speculate as to why the donation addresses are continuing to receive small amounts of money,” the firm’s spokesperson told Decrypt. “One example explanation is that people often send ‘tips’ to addresses in high profile cases like this as a way of showing their approval for the stunt the actor pulled.”

These transactions also apparently have very small mining fees attached to them, thus all the latest “tips” are still unconfirmed—some even over a day after transactions were made.

However, it’s unlikely that the scammers will be able to use any of the funds sent to them—large or small—any time soon. Every crypto security firm in the world is likely watching the associated BTC addresses day and night, now.

6 times Twitter's security was breached

If the slightly wonky wording didn’t give it away, the sudden urge by some of the world’s richest people to give away free Bitcoin should have. On 15 July 2020, the Twitter accounts of high-profile individuals including Jeff Bezos, Elon Musk and Mike Bloomberg, plus corporations such as Apple and Uber, all tweeted messages with almost identical wording: “I am giving back to my community due to COVID-19. All Bitcoin sent to my address below will be sent back doubled.” It had all the hallmarks of...

“With many eyes on the stolen money, any counterparties to the perpetrators will face close scrutiny,” Chainalysis added.

That’s bad news for the hacker, since Bitcoin is, unlike some cryptocurrencies, eminently traceable. Perhaps surprisingly, the hacker even left messages alluding to this fact in the blockchain, asking “Why not Monero?” They may be wondering that themselves, now.