This paper presents a case study of a cryptocurrency scam that utilized coordinated and inauthentic behavior on Twitter. In 2020, 143 accounts sold by an underground merchant were used to orchestrate a fake giveaway. Tweets pointing to a fake blog post lured victims into sending Uniswap tokens (UNI) to designated addresses on the Ethereum blockchain, with the false promise of receiving more tokens in return. Using one of the scammer's addresses and leveraging the transparency and immutability of the Ethereum blockchain, we traced the flow of stolen funds through various addresses, revealing the tactics adopted to obfuscate traceability. The final destination of the funds consisted in two deposit addresses belonging to a popular cryptocurrency exchange, where they were presumably cashed out. Our evaluation of the total volume of deposits to such addresses is concerning, amounting to over $270 million worth of cryptocurrency. These findings highlight the need for more robust measures to verify the source of funds and prevent illicit activities.

From Tweet to Theft: Tracing the Flow of Stolen Cryptocurrency

G Cola;M Mazza;M Tesconi
2023

Abstract

This paper presents a case study of a cryptocurrency scam that utilized coordinated and inauthentic behavior on Twitter. In 2020, 143 accounts sold by an underground merchant were used to orchestrate a fake giveaway. Tweets pointing to a fake blog post lured victims into sending Uniswap tokens (UNI) to designated addresses on the Ethereum blockchain, with the false promise of receiving more tokens in return. Using one of the scammer's addresses and leveraging the transparency and immutability of the Ethereum blockchain, we traced the flow of stolen funds through various addresses, revealing the tactics adopted to obfuscate traceability. The final destination of the funds consisted in two deposit addresses belonging to a popular cryptocurrency exchange, where they were presumably cashed out. Our evaluation of the total volume of deposits to such addresses is concerning, amounting to over $270 million worth of cryptocurrency. These findings highlight the need for more robust measures to verify the source of funds and prevent illicit activities.
2023
Istituto di informatica e telematica - IIT
Blockchain investigation
cryptocurrency scam
Ethereum
fake giveaway
social media
Uniswap
File in questo prodotto:
File Dimensione Formato  
prod_489740-doc_203958.pdf

accesso aperto

Descrizione: From Tweet to Theft: Tracing the Flow of Stolen Cryptocurrency
Tipologia: Versione Editoriale (PDF)
Licenza: Creative commons
Dimensione 1.89 MB
Formato Adobe PDF
1.89 MB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.14243/451616
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact