More than 50% of bitcoins from Twitter hack have been sent through mixers, says Elliptic

Quick Take

  • More than 50% of bitcoins from Twitter hack have now been sent through two mixers, according to Elliptic.
  • The mixers ChipMixer and Wasabi Wallet have together received 17.18 BTC of the stolen 30.4 BTC, said Elliptic.

Blockchain analytics firm Elliptic released a new report Friday, reporting that more than 50% of bitcoins obtained during the Twitter account hack have now been sent through two mixers.

The bitcoin mixers — ChipMixer and Wasabi Wallet — have received 56.5% of the 30.4 stolen bitcoins, i.e. 17.18 bitcoins (currently worth about $192,000), according to Elliptic. The Twitter hack took place on July 15, and at the time, the bitcoins were worth about $121,000. The price of bitcoin has risen in recent days. 

Elliptic said it tracked the bitcoin through its transaction screening tool and found that the hackers have sought to launder the funds gradually. Bitcoin mixers mask the blockchain transaction trail, making it challenging to follow funds and to know where the funds are spent or cashed out.

A small percentage of the bitcoins has been spent or cashed out at exchanges, merchants and gambling services, said Elliptic.

"This took place over several transactions, and the amounts were perhaps low enough that they could be spent without providing identity information or triggering AML [anti-money laundering] checks," said Elliptic co-founder and chief scientist Tom Robinson. "Regardless, these transactions will be strong lines of enquiry for investigators."


'Phishing attack'

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

On July 30, Twitter shared an update, saying that the hack was the result of a "phone spear-phishing attack," which targeted "a small number" of employees.

"Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes," Twitter said. "This knowledge then enabled them to target additional employees who did have access to our account support tools."

Twitter said it has now "significantly" limited access to its internal tools and systems to ensure security.

Twitter went on to say that it would provide a more detailed technical report at a later date after the ongoing law enforcement investigation and its internal security updates are completed.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Yogita Khatri is a senior reporter at The Block, covering all things crypto. As one of the earliest team members, Yogita has played a pivotal role in breaking numerous stories, exclusives and scoops. With nearly 3,000 articles under her belt, Yogita holds the records as The Block's most-published and most-read author of all time. Prior to joining The Block, Yogita worked at crypto publication CoinDesk and The Economic Times, where she wrote on personal finance. To contact her, email: [email protected]. For her latest work, follow her on X @Yogita_Khatri5.