An unnamed bitcoin user has reportedly hacked hundreds of wallets allegedly managed by a Russian security service, stealing coins and transferring them to addresses belonging to Ukrainian volunteers engaged in the war. Sent.
According to now deleted information report On-chain data analytics firm Chainalysis said that between February 12, 2022 and March 14, 2022, an unknown user accessed nearly 1,000 Bitcoin (BTC) addresses claiming to belong to a Russian security service. I am reporting.
According to Chainalysis, the hackers used a feature of the Bitcoin network called OP_RETURN. In addition to flagging on-chain transactions as incorrect, this is a feature that can also be used to persist text, allowing users to broadcast messages and record them permanently and immutably.
The OP_RETURN function marks the transaction as void and burns the BTC contained in the transaction. Chainalysis reports that an unidentified user destroyed approximately $300,000 worth of her BTC by leveraging his OP_RETURN function to void previously executed transactions.
Initially, the hackers intended only to burn coins stolen from Russian security services. However, after Russia invaded Ukraine, he apparently changed his tactics and started channeling funds to pro-Ukrainian groups engaged in the war.
Three hacked wallets linked to Russia
Users also allegedly sent messages in Russian to coin owners, accusing them of using the same address to make payments to hackers.
Security experts strongly believe that Russian intelligence agencies regularly use hackers to carry out various missions. However, these rumors have not been confirmed.
Chainalysis also pointed out that at least three wallets have already established connections with Russia.Reportedly, the Russian disinformation Manipulation during the 2016 US presidential election. while his other two solar winds attack.
The data analytics firm claimed that the attackers hacked the wallet and did not necessarily take control of it. Instead, the “attack” could have been an inside job. Therefore, the person who hijacked the coin could have been a former or current employee of a Russian intelligence agency.
Additionally, the possibility that hackers obtained private keys belonging to Russian-controlled addresses raises concerns about the health of the country’s cryptographic operations.
Chainalysis suggested that the hackers’ actions not only prevented Russian intelligence from accessing those coins, but also made it more difficult to reuse the same addresses in future operations.