Very precisely $ 117,216.37. This is, in the minds of the general public, the booty recovered by the cybercriminal (s) behind the massive hacking of Twitter, Wednesday June 15. Enough to take it easy for a while, provided you escape the FBI, which launched an investigation on Thursday into this unprecedented attack.

But the reality is more complex. For now, this money remains virtual and highly toxic for those who embezzled it. There are currently only bitcoins in hundreds of dematerialized wallets.

Tracked loot

Originally, the victims of the scam sent bitcoins to the criminal (s) who had taken control of accounts of famous personalities on Twitter, such as Elon Musk, Joe Biden or Barack Obama. This cryptocurrency was transferred to a first virtual wallet which instantly became the main focus of the authorities.

Because, contrary to popular belief, bitcoin transactions are not opaque. "We are talking about a pseudo-anonymous system", underlines Nathalie Janson, economist and specialist in cryptocurrencies at the management school Neoma Business School, contacted by France 24. All movements of cryptocapital are indeed recorded and validated in the blockchain , which is a huge public and transparent register of activity around bitcoins.

In other words, it's easy to track the movements of this loot. To further complicate the task of investigators, the cybercriminal (s) quickly divided this gem into a multitude of bitcoin fractions divided into several hundred new dematerialized wallets. Binance and Coinbase, two of the main cryptocurrency exchange platforms, have ended up blocking this flow of transactions, but there are currently only $ 80 left in the original wallet.

However, this wallet forest is not an insurmountable obstacle for investigators. Most countries "have developed automated tools to track suspicious transactions on the blockchain," said Sébastien Gest, cybersecurity expert for Vade Secure, a French company specializing in securing Internet messaging, contacted by France 24.

The problem for the author (s) of this scam will arise when they try to transform bitcoins into hard cash. The easiest way to do this is to go through exchange platforms - such as Binance, Coinbase or Kraken - which, for the most part, "require a certified account, which means that you have to provide your passport, validate your address and specify in which country you pay your taxes, ”explains Sébastien Gest. Impossible then to escape the vigilance of the authorities who will only have to ask the persons responsible for the platforms for the identity of the users who hide behind the account associated with the wallets they monitor.

Go through more opaque cryptocurrencies?

"There are platforms that do not do these checks, but it is not certain that these sites can exchange bitcoins for euros or dollars", notes Nathalie Janson. In order to have access to foreign currency reserves, exchange platforms must indeed show their feet in complying with the various anti-money laundering measures that have been adopted over the years by the international community. And identity verification is one of those obligations.

"As long as the loot of these criminals is in bitcoin, they can not do much," confirms Sébastien Gest. But it's not the only cryptocurrency on the market, and some, like Monero and Zcash, promise a much higher level of opacity. Their blockchain does not, in theory, allow tracking transactions.

So the $ 117,000 in bitcoins should first be transformed into another less transparent cryptocurrency - via an exchange platform that has nothing to do with identity checks - and then this gem will be again divided into a large number of other virtual wallets so that everything disappears from the radars of the investigators.

And again, researchers from several prestigious American universities, such as Princeton and the Massachusetts Institute of Technology (MIT), have discovered that the promises of anonymity of these cryptocurrencies are, probably, oversold.

It takes a lot of effort and risk-taking to be able to take advantage of those famous 117,000 dollars. "Considering the meager loot compared to the scale of the hacking of Twitter and the difficulties that the criminals will have to recover the money, it is all the same a surprising attack", concludes Sébastien Gest. What adds water to the mill of those who think that the lure of gain was perhaps not the main ambition of this operation.

The France 24 week summary invites you to come back to the news that marked the week

I subscribe

Take international news everywhere with you! Download the France 24 app

google-play-badge_FR