1. Home
  2. Elliptic

Elliptic

Moody’s, Elliptic join forces for enhanced VASP risk screening

The companies will combine their strengths to provide enhanced virtual asset service providers screening ability.

The Moody’s financial research and ratings firm has teamed up with blockchain analytics and compliance specialists Elliptic to provide more insightful screening of virtual asset service providers (VASPs). According to the companies, the collaboration will leverage offchain and onchain data in a single interface. 

The new service will take input such as digital asset transaction histories, financial records and regulatory databases to create a “comprehensive overview” of VASPs.

Elliptic has profiles of over 1,000 VASPs and uses real-time onchain data and proprietary technology to screen digital asset transactions for exposure to illicit activities. Moody’s offchain data includes over 21 million risk profiles, 489 million entities and 51,000 sanctioned entities, it claims. It uses the data to produce Anti-Money Laundering (AML) and Know Your Customer solutions for its clients.

Read more

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours

Wall Street Journal corrects article misciting Hamas’ crypto terrorism funding data

Elliptic, the firm which Wall Street Journal sourced the data from, said it was “pleased” to see the news outlet acknowledge its mistakes.

The Wall Street Journal (WSJ) has partially corrected an article whic mischaracterized the extent to which Hamas and other militant groups have been funding its terrorism activities with cryptocurrencies.

The Oct. 10 article — titled “Hamas Militants Behind Israel Attack Raised Millions in Crypto” — cited blockchain forensics firm Elliptic to say Palestinian Islamic Jihad (PIJ), a terrorist organization operating on the Gaza Strip, raised as much as $93 million between August 2021 and June 2023.

In the cited report, Elliptic said Israel’s counter-terrorism unit seized PIJ-linked wallets which received $93 million from over that timeframe. However, Elliptic made it clear that this in no way meant that PIJ raised these funds to finance its terrorism activities.

Research from blockchain forensics firm Chainalysis suggests only $450,000 of these funds were sent to a known terrorism-affiliated wallet.

In WSJ’s correction, it stated PIJ and Lebanese political party Hezbollah “may have exchanged” up to $12 million in cryptocurrency — far less than its initial $93 million figure.

“Palestinian Islamic Jihad and Hezbollah may have exchanged up to $12 million in crypto since 2021, according to crypto-research firm Elliptic. An earlier version of this article incorrectly said PIJ had sent more than $12 million in crypto to Hezbollah since 2021,” WSJ said.

WSJ said it updated other parts of the article to include “additional context” about Elliptic’s research.

Corrections made by the WSJ’s Oct. 10 article. Source: WSJ

WSJ’s retraction follows an Oct. 25 statement by Elliptic which called on WSJ to correct its misinterpretation of the data. Elliptic added that cryptocurrency funding by Hamas remains “tiny” relative to other funding sources.

On Oct. 27, Elliptic was “pleased” to see WSJ acknowledge its mistakes but said it would've liked to see WSJ be more specific about its corrections.

Related: Elizabeth Warren uses Hamas as her newest scapegoat in war on crypto

Coinbase's chief legal officer Paul Grewal also noted that WSJ's opening paragraph is still framed as though cryptocurrency was the primary funding source behind Hamas' Oct. 7 attack on Israel.

"This is barely a correction," he added.

Nic Carter, partner of Castle Island Ventures and others are now calling on United States Senator Elizabeth Warren to retract a related letter backed by over 100 U.S. lawmakers written to the White House on Oct. 17.

The letter cited WSJ’s misinterpreted data from Elliptic in an attempt to argue that cryptocurrency poses a “national security threat” to the U.S. and that Congress and the Biden administration should act swiftly before cryptocurrencies are used to finance another “tragedy.”

Magazine: US enforcement agencies are turning up the heat on crypto-related crime

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours

Blockchain Analysis Firm Elliptic Says There Is ‘No Evidence’ Hamas Has Raised Significant Crypto Donations

Blockchain Analysis Firm Elliptic Says There Is ‘No Evidence’ Hamas Has Raised Significant Crypto Donations

A blockchain analysis firm that specializes in preventing crypto crimes is refuting claims that the Palestinian militant group Hamas raised millions worth of donations from digital asset fundraising campaigns. In a statement, Elliptic says there is no data to back up portrayals of crypto as a significant source of funding for Hamas and other terrorist […]

The post Blockchain Analysis Firm Elliptic Says There Is ‘No Evidence’ Hamas Has Raised Significant Crypto Donations appeared first on The Daily Hodl.

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours

$7,000,000,000 in Illicit or High-Risk Funds Laundered Through Cross-Chain Protocols: Crypto Analytics Firm

,000,000,000 in Illicit or High-Risk Funds Laundered Through Cross-Chain Protocols: Crypto Analytics Firm

Blockchain research firm Elliptic says the amount of funds laundered through cross-chain and cross-asset services reached a ten-figure sum in July this year. In a new press release, Elliptic says that cross-chain crime is exceeding expectations after hitting the $7 billion level a couple of months ago, higher than the previously projected $6.5 billion figure […]

The post $7,000,000,000 in Illicit or High-Risk Funds Laundered Through Cross-Chain Protocols: Crypto Analytics Firm appeared first on The Daily Hodl.

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours

Criminals more reliant on cross-chain bridges than ever after mixer crackdowns

The sanction of cryptocurrency mixer Tornado Cash in August caused the first major shift, but that is now accelerating even faster than projected.

Cybercriminals have accelerated their shift away from crypto mixers for cross-chain bridges over the past year, according to blockchain forensics firm Elliptic.

In June and July, nearly all of the crypto stolen was laundered through cross-chain bridges, Elliptic’s data shows a complete reversal from the first half of 2022.

In a Sept. 18 blog post, Elliptic explained the cross-chain crime trend is due to the “crime displacement” effect — where criminals move to a new method to carry out the illicit activity when the existing method gets over-policed. However, the shift to cross-chain bridges is rising ahead of their projections. 

Proportion of funds laundered between cryptocurrency mixers and cross-chain bridges between January 2022 and July 2023. Source: Elliptic.

Between July and September 2022, the ratio of laundered funds passing through mixers vs. cross-chain bridges flipped, corresponding to the U.S. Office of Foreign Asset Control’s sanctioning of Tornado Cash in August 2022, said the firm.

Elliptic said many cybercriminals, like the North Korean-backed Lazarus Group, flocked to the Avalanche bridge after the sanctions.

This same bridge was reportedly used recently by the Lazarus Group to facilitate some of the stolen funds in Stake’s $41 million exploit on Sept. 4, according to blockchain security firm CertiK.

Crypto mixers saw a small comeback between November 2022 and January 2023, due to the shutdown of RenBridge — which closed in December after its financer, Alameda Research collapsed from FTX’s bankruptcy.

Elliptic estimates that RenBridge facilitated $500 million in laundered funds throughout its operation.

However, shortly after, criminals have moved back to cross-chain bridges again, even more than before.

Related: 3 steps crypto investors can take to avoid hacks by the Lazarus Group

Elliptic said that criminals may be preferring cross-chain bridges as it is difficult for blockchain forensic firms to track illicit activity across chains in a scalable manner.

“Criminals are aware that legacy blockchain analytics solutions do not have the means to trace illicit blockchain activity across blockchains or tokens in a programmatic or scalable manner.”

In addition, many of these stolen tokens are only exchangeable through cross-chain bridges, while most of these DeFi services do not require identity verification to use, Elliptic explained.

The firm estimates that $4 billion in illicit or high-risk cryptocurrencies have been laundered through cross-chain bridges since 2020.

Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours

Bitcoin no longer asset of choice for criminals – former Elliptic crypto advisor

Criminals have moved away from using Bitcoin for money laundering, with stablecoins emerging as an alternative due to accessibility.

Crime in Web3 is shifting away from Bitcoin (BTC) to stablecoins while ponzi schemes remain prevalent, according to Elliptic’s former head of technical crypto advisory.

Tara Annison shared the latest insights from the murky world of cryptocurrency-related crime during a presentation on the final day of EthCC in Paris, addressing a wide variety of ways in which digitals assets are either facilitating crime or being used to launder funds.

According to Annison, Bitcoin is no longer the cryptocurrency of choice to carry out illicit activities or launder money. As the cryptocurrency industry has matured, the establishment of decentralized finance (DeFi) protocols, mixing services and stablecoins present new avenues for criminals to explore.

Source: Tara Annison.

Criminals have shifted towards using dollar-denominated assets, like USD Coin (USDC), as their easy accessibility and ability to be laundered through decentralized exchanges (DEXs).

“The criminals use that as a target point. It's also super easy to launder through Dex's. There's deep liquidity, really good volume, so that's pretty worrying.”

Annison highlighted a potential silver lining from a law enforcement perspective, noting that centralized issuers like Circle could freeze specific USDC tokens before criminals are able to “off ramp out of the asset” into fiat through DEXs or centralized exchanges.

“What we're seeing now is an increased number of accounts with USDC and USDC being blacklisted, and these are frozen funds that the criminals now can't access.”

Ponzi and pyramid schemes remain a feature of the sector, with Annison noting that $7.8 billion were stolen from unwitting victims of these types of scams.

Related: How the IRS seized $10B worth of crypto using blockchain analytics

Criminals are finding more sophisticated ways to launder funds. Annison said chain swapping and asset swapping is prevalent as criminals try to hide illicit activity.

“We've seen that to the tune of about $4.1 billion. So they hop across using a dex. They use a coin swap service, they use a mixer, they use a bridge, all basically to try and throw blockchain analytics firms off the trail.”

Annison said that $1.2 billion stolen from DEXs eventually ends up on centralized exchanges. In comparison to previous years, scams in the sector are down 46%. The reason, according to Annison, is the ongoing bear market which has inevitably made the sector less appealing for cybercriminals.

“They're less hyped up, the prices are lower, so it's not as profitable for criminals. So at least next time we're in a bear market. Do bear in mind that the scams are at least down.”

Annison also touched in the increasing use of cryptocurrencies to evade sanctions and finance terrorist activities, highlighting TRON and USDT as popular assets for illicit use.

The advent of metaverse experiences has also seen the space attract nefarious actors. Various crimes are also emerging in virtual worlds, including phishing attacks, NFT theft, wallet tainting, and augmented reality hacks.

Annison’s presentation highlighted the reality of criminal activity in the sector, which will demand increased vigilance and security measures to protect users and combat illicit activities.

Magazine: US enforcement agencies are turning up the heat on crypto-related crime

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours

Atomic Wallet hackers turn to OFAC-sanctioned Garantex: Elliptic

Stolen loot crypto from Atomic wallets has started passing through sanctioned Russian-based exchange Garantex, according to Elliptic.

Illicit funds gained from the $35 million Atomic Wallet hack are on the move again, with sanctioned Russian-based crypto exchange Garantex reportedly becoming the latest to come in contact with the hacked crypto. 

On June 13, blockchain security and compliance firm Elliptic updated the situation regarding the stolen Atomic Wallet funds. It alleges that the North Korean hacking collective, the Lazarus Group — which is believes is behind the attack — has used sanctioned Russian-based crypto exchange Garantex to launder the loot.

In a Twitter post, the firm said there had been a significant and successful cross-community effort between Elliptic and many exchange partners to freeze the stolen crypto. However, Lazarus has now found other means to trade their assets for Bitcoin (BTC).

The U.S. Office of Foreign Assets Control (OFAC) sanctioned Garantex and the Russian Hydra dark web marketplace in April 2022.

Garantex was founded in late 2019 and originally registered in Estonia before moving the majority of its operations to Moscow, the Treasury Department noted at the time.

“Analysis of known Garantex transactions shows that over $100 million in transactions are associated with illicit actors and darknet markets,” it added.

Earlier this month, Cointelegraph reported that the ill-gotten gains were being channeled through the Sinbad.io mixer, a service frequently used by the Lazarus Group.

Elliptic added that the funds withdrawn from Garantex by the hackers continue to be obfuscated through the Sinbad.io mixer.

The Treasury Department also sanctioned Blender.io (the former iteration of Sinbad.io) in May 2022, warning that the service was being used by North Korea to “support its malicious cyber activities and money-laundering of stolen virtual currency.”

Related: OFAC sanctions OTC traders who converted crypto for North Korea’s Lazarus group

On June 3, a number of Atomic Wallet user accounts were compromised, resulting in losses of up to $35 million in digital assets.

Five days later, Atomic stated that it had engaged blockchain security and analyst company Chainalysis as the leading incident investigator. Cointelegraph reached out to Chainalysis for an update on the investigation but a spokesperson said they couldn’t comment on the Atomic Wallet case.

The notorious North Korean hacking collective has been linked to several major crypto exploits in the past year, including the Harmony Bridge hack and the Ronin Bridge hack.

Magazine: Huawei NFTs, Toyota’s hackathon, North Korea vs. Blockchain: Asia Express

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours

Japan leads world in losses from North Korean crypto hacking with 30% of total: Report

An Elliptic report commissioned by Nikkei says Asian countries account for over 60% of losses to North Korean hackers and ransomware users; lax security played a role.

Japan is the biggest loser of cryptocurrency to North Korean hackers, according to a study by blockchain analytics firm Elliptic. Asian countries make up three of the four top targets for the so-called Hermit Kingdom’s hackers, Elliptic found.

The study, commissioned and reported on by Japanese financial publication Nikkei, looked at losses of cryptocurrency from cyberattacks originating in North Korea from 2017 through 2022. The study took into account both hacking and ransomware attacks. It described the attacks as a “national strategy.”

Related: Binance to reenter Japan via acquired regulated exchange SEBC

Japan suffered losses of $721 million in those attacks, which was 30% of the world total of over $2.3 billion, Elliptic found, based on an estimate of $640 million of crypto lost in 2022. According to the United Nations, North Korean crypto theft reached a new high in 2022. Nikkei said:

“According to the Japan External Trade Organization, the $721 million stolen from Japan is 8.8 times greater than the value of North Korea’s exports in 2021.”

Vietnam was the second-most attacked country, according to the report, losing $540 million in that time span. The United States was third with $497 million in losses, and Hong Kong trailed in fourth place with losses of $281 million.

Elliptic pointed to lax security in Japanese and Vietnamese cryptocurrency markets as the rationale for the hackers’ targeting. Nikkei cites an unnamed source as saying at least three Japanese crypto exchanges have been broken into between 2018 and 2021.

North Korea’s Lazarus Group has been behind some of the biggest heists in crypto, such as the Ronin Bridge exploit and the Harmony Bridge hack. North Koreans have also been alleged to steal nonfungible tokens and to launder their stolen funds through decentralized finance services and crypto mixers.

Magazine: Why Animism Gives Japanese Characters a NiFTy Head Start on the Blockchain

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours

Ukraine Raises More Crypto Than Russia in Year of War, Analysis Unveils

Ukraine Raises More Crypto Than Russia in Year of War, Analysis UnveilsThe two sides in the bitter conflict in Ukraine have been relying on crypto assets and technology to support their military and humanitarian activities, Elliptic says in a report. According to the blockchain forensics company, the targeted nation has attracted more digital asset donations than the invading power. Ukraine Supporters Sent Over $212 Million in […]

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours

Binance and Huobi freeze $1.4M in crypto linked to North Korean hackers

The North Korean-based hacker outfit Lazarus Group resorted to different privacy mixers attempting to anonymize the stolen funds, but it didn’t work.

Cryptocurrency exchanges Binance and Huobi have again frozen accounts linked to the $100 million Harmony Horizon bridge attack on Jun. 24, 2022. 

Around $1.4 million worth of crypto frozen by the trading platforms came from accounts linked to the notorious Lazarus Group operating out of North Korea.

The investigation was carried out by blockchain analytics firm Elliptic, according to a report shared by the firm on Feb. 14. However, the firm didn’t state what coins or tokens were frozen.

Elliptic explained it passed on the intelligence to Binance and Houbi who then acted promptly to freeze the Lazarus Group-linked accounts:

“The stolen funds remained dormant until recently, when our investigators began to see them funneled through complex chains of transactions, to exchanges. By promptly notifying these platforms about these illicit deposits, they were able to suspend these accounts and freeze funds.”

Since the Harmony exploit, it has been well documented that Lazarus Group resorted to the now United States OFAC-sanctioned privacy mixer Tornado Cash in an attempt to break the transaction trail back to the original theft.

While this supposedly makes it easier to cash out funds at an exchange, Elliptic investigators were able to trace the entirety of the stolen funds sent through the mixer in this case, the report stated.

Elliptic CEO Simone Maini suggested the events showed the industry was taking on the responsibility to prevent money laundering and stop crypto from becoming a “haven” for illicit activity:

“Today, money laundering was detected and stolen funds linked to North Korea were frozen, in real time. As an industry we have the power and responsibility to prevent digital assets becoming a haven for money launderers and sanctions evaders, and ensure that they are a force for good.”

The Harmony bridge attack was also attributed to the Lazarus Group by the United States Federal Bureau of Investigation (FBI) on Jan. 24.

This isn’t the first time Binance and Huobi have cooperated together on the matter.

The two platforms managed to freeze and recover 121 Bitcoin (BTC), worth $2.5 million at the time, linked to the Harmony attack on Jan. 16.

Related: Illicit cross-chain transfers expected to grow to $10B: Here’s how to prevent them

The recovery was, however, only a fraction of the $63.5 million laundered over that weekend, according to crypto sleuth ZachXBT, which he claims was funneled through Ethereum-based privacy protocol RAILGUN before being sent off to three different exchanges:

Recent efforts from Elliptic last week also found that Lazarus Group has laundered about $100 million in Bitcoin through “Sinbad,” which they claim to be a re-launch of the now OFAC-sanctioned privacy mixer Blender.

Lazarus Group is believed to have stolen well over $2 billion in crypto since it shifted its focus to the industry in 2017 according to estimates from Elliptic.

Lightchain AI Zooms Past Presale Stage 7, Raising $1.1M in 72 Hours