Key Takeaways
- Hackers found a way to mark 986 BTC wallets allegedly connected to Russian state intelligence agencies.
- The vigilante managed to control some of the private keys of these wallets and donated the funds to aid organizations in Ukraine.
- Three wallets out of 986 have been confirmed to be linked to the Russian Foreign Military Intelligence Agency (GRU) and Foreign Intelligence Service (SVR).
Hackers reveal 986 unique BTC wallets allegedly used by Russian state intelligence groups, in the midst of complex relationships between crypto and the Russian government.
A recently deleted Chainalysis report from April 26 revealed that, by using the blockchain feature OP_RETURN, which allows senders to include messages in transactions, Bitcoiners can track the more “aggressive use of BTC” by Russian state intelligence groups. Almost 1000 wallets are linked to Russia’s Foreign Military Intelligence Agency (GRU), Federal Security Service (FSB), and Foreign Intelligence Service (SVR).
The OP_RETURN opcode, according to the Bitcoin Wiki, allows a user to cancel a transaction and is “sometimes used to express additional information needed to send transactions,” which means that burned transactions can also broadcast messages that persist on the blockchain indefinitely. The so-called “OP_RETURN vigilante” burned over $300,000 in BTC to send messages through transactions to these addresses between February 14, 2022 and March 14, 2022, which puts the start of Russia’s invasion of Ukraine right in the middle of the informant hunt.
The transactions include the following four texts in Russian:
- “GRU to SVR. Used for hacking!”
- “GRU to GRU. Used for hacking!”
- “GRU of the FSB. Used for hacking!”
- “Help Ukraine with money from GRU Khakir”
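To show how such a message sits inside an OP_RETURN output, here is an added example (not from the original article or the Chainalysis report) that parses a raw output script and recovers the embedded text. The function names and the sample script are constructed for illustration; the sample carries the English rendering of the first message above.

```python
from __future__ import annotations

OP_RETURN = 0x6A
OP_PUSHDATA1, OP_PUSHDATA2, OP_PUSHDATA4 = 0x4C, 0x4D, 0x4E
_LEN_WIDTH = {OP_PUSHDATA1: 1, OP_PUSHDATA2: 2, OP_PUSHDATA4: 4}


def op_return_pushes(script_hex: str) -> list[bytes] | None:
    """Return the data pushes following OP_RETURN, or None for any other script."""
    script = bytes.fromhex(script_hex)
    if not script or script[0] != OP_RETURN:
        return None
    pushes, i = [], 1
    while i < len(script):
        op = script[i]
        i += 1
        if op <= 0x4B:                      # direct push: the opcode is the length
            size = op
        elif op in _LEN_WIDTH:              # length stored in 1, 2 or 4 LE bytes
            width = _LEN_WIDTH[op]
            if i + width > len(script):
                raise ValueError("truncated push length")
            size = int.from_bytes(script[i:i + width], "little")
            i += width
        else:                               # non-push opcode: stop collecting data
            break
        if i + size > len(script):
            raise ValueError("push runs past end of script")
        pushes.append(script[i:i + size])
        i += size
    return pushes


def op_return_text(script_hex: str) -> str | None:
    """Decode the concatenated pushes as UTF-8, replacing undecodable bytes."""
    pushes = op_return_pushes(script_hex)
    if pushes is None:
        return None
    return b"".join(pushes).decode("utf-8", errors="replace")


def build_sample(msg: str) -> str:
    """Constructed sample: OP_RETURN plus one push of msg (up to 255 bytes)."""
    data = msg.encode("utf-8")
    prefix = bytes([len(data)]) if len(data) <= 0x4B else bytes([OP_PUSHDATA1, len(data)])
    return (bytes([OP_RETURN]) + prefix + data).hex()


if __name__ == "__main__":
    print(op_return_text(build_sample("GRU to SVR. Used for hacking!")))
```

Scripts that do not start with OP_RETURN, such as ordinary pay-to-address outputs, return `None`, so the function can be run over every output of a transaction to pick out only the message-bearing ones.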
In addition, the vigilante is suspected of gaining access to the private keys of these wallets marked above in the four messages because the vigilante returned in April 2022 to send money from these wallets to aid addresses in Ukraine.
“The possibility that the sender of OP_RETURN obtained private keys for Russian-controlled addresses also suggests that the Putin regime’s crypto operations are not secure,” Chainalysis reported.
At least three of the wallet addresses were confirmed to be owned by Russian agencies, according to the report. The wallets …ytPm and …2uPf are owned by SVR, cybersecurity firm HYAS confirmed in an archived post. The wallet …4hDH is owned by the GRU, as confirmed by the wallet’s connection to DCLeaks.com which spread disinformation about US politicians leading up to the 2016 US presidential election.
While Russian government agencies have yet to address the validity of the above claims, blockchain sleuths and hackers have found a way to figure out how Russia is using crypto to its advantage in its war against Ukraine.
“Those OP_RETURN messages will be there forever – no government or corporation can delete them,” the Chainalysis report reads, highlighting how government officials have trouble grasping the basic principles of blockchain technology.
Crypto’s relationship with Ukraine and Russia
Ukraine has fully embraced the use of crypto since the beginning of the war as an easy way for people to donate to the war effort in Ukraine. The Ukrainian government managed to collect $600,000 in donations in a few days and more than $70 million within a few weeks of the war, with famous names like Vitalik Buterin, the Canadian-Russian head of Ethereum, tweeting in support of Ukraine.
Note: Ethereum is neutral, but I am not.
— vitalik.eth (@VitalikButerin) February 24, 2022
Beyond the border, the Russian government is uncertain about crypto adoption. In July 2022, the President of Russia, Vladimir Putin, signed into law a crypto ban on paying for goods and services. Meanwhile, the Russian Duma expressed interest in the development of a digital ruble CBDC for 2023 to be used only for specific goods and services.