Key points to remember
- Hackers found a way to tag 986 BTC wallets allegedly connected to Russian state intelligence agencies
- The vigilante took control of some of the private keys to these wallets and donated these funds to Ukrainian aid organizations
- Three of the 986 wallets are confirmed to be linked to the Russian Foreign Military Intelligence Agency (GRU) and the Foreign Intelligence Service (SVR)
Hackers revealed that 986 unique BTC wallets were allegedly used by Russian state intelligence groups, amid a complicated relationship between crypto and the Russian government.
A recently deleted Chainalysis report from April 26 revealed that by using the blockchain's OP_RETURN feature, which allows senders to attach messages to transactions, Bitcoiners could trace “more aggressive use of BTC” by Russian state intelligence groups. Nearly 1,000 wallets were linked to the Russian Foreign Military Intelligence Agency (GRU), the Federal Security Service (FSB) and the Foreign Intelligence Service (SVR).
The OP_RETURN feature, according to the Bitcoin Wiki, allows a user to mark a transaction as invalid and “has sometimes been used to convey additional information needed to send transactions,” which means that burnt transactions can also broadcast added messages and keep them on the blockchain indefinitely. The so-called “OP_RETURN vigilante” burned over $300,000 in BTC to send messages via BTC transactions to these addresses between February 14, 2022 and March 14, 2022, which places the start of the Russian invasion of Ukraine in the middle of the informant's campaign.
The transactions included the following four texts in Russian:
- “GRU to SVR. Used for hacking!”
- “GRU to GRU. Used for hacking!”
- “From the GRU to the FSB. Used for hacking!”
- “Help Ukraine with money from GRU Khakir”
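How an analyst reads such a message back out of a transaction output, as an added example that is not taken from the Chainalysis report or this article: an OP_RETURN output script is the opcode 0x6a followed by one or more data pushes. The function names and the sample script are constructed for illustration; the sample carries this article's English rendering of the first message, not bytes copied from the blockchain.

```python
from __future__ import annotations

OP_RETURN = 0x6A
PUSHDATA_WIDTH = {0x4C: 1, 0x4D: 2, 0x4E: 4}  # OP_PUSHDATA1/2/4 length-field sizes


def read_pushes(script: bytes) -> list[bytes]:
    """Return the data pushes after OP_RETURN; [] if not OP_RETURN or malformed."""
    if not script or script[0] != OP_RETURN:
        return []
    pushes, i = [], 1
    while i < len(script):
        op = script[i]
        i += 1
        if 1 <= op <= 75:                  # direct push: the opcode is the length
            size = op
        elif op in PUSHDATA_WIDTH:         # length stored little-endian after opcode
            width = PUSHDATA_WIDTH[op]
            if i + width > len(script):
                return []
            size = int.from_bytes(script[i:i + width], "little")
            i += width
        else:                              # any other opcode ends the data section
            break
        if i + size > len(script):         # truncated push: treat as malformed
            return []
        pushes.append(script[i:i + size])
        i += size
    return pushes


def decode_message(script_hex: str) -> str | None:
    """Decode the first push as UTF-8 text; None if absent, malformed or not text."""
    try:
        pushes = read_pushes(bytes.fromhex(script_hex))
        return pushes[0].decode("utf-8") if pushes else None
    except ValueError:                     # bad hex or invalid UTF-8
        return None


def build_op_return(message: str) -> str:
    """Build a constructed sample script (hex) for messages up to 255 bytes."""
    data = message.encode("utf-8")
    push = bytes([len(data)]) if len(data) <= 75 else bytes([0x4C, len(data)])
    return (bytes([OP_RETURN]) + push + data).hex()


SAMPLE = build_op_return("GRU to SVR. Used for hacking!")  # constructed sample
print(decode_message(SAMPLE))
```
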
In addition, the vigilante is suspected of having had access to the private keys of the wallets marked with the four messages above, because the vigilante returned in April 2022 to send money from these wallets to Ukrainian aid addresses.
“The possibility that sender OP_RETURN has acquired private keys for Russian-controlled addresses also suggests that the Putin regime’s encryption operations are insecure,” Chainalysis reported.
At least three of those wallet addresses are confirmed to belong to Russian agencies, according to the report. The …ytPm and …2uPf wallets are owned by the SVR, cybersecurity firm HYAS confirmed in a now-archived post. The …4hDH wallet is owned by the GRU, which was confirmed by the wallet’s connection to DCLeaks.com, which had been spreading misinformation about US politicians ahead of the 2016 US presidential election.
While Russian government agencies have yet to respond to the validity of the above claims, blockchain sleuths and hackers have found a way to hypothesize how Russia has used crypto to its advantage in its war against Ukraine.
“These OP_RETURN messages will be there forever – no government or company can delete them,” the Chainalysis report reads, highlighting how government officials can struggle to grasp the basics of blockchain technology.
Crypto’s relationship with Ukraine and Russia
Ukraine has fully embraced the use of crypto since the start of the war as an easy way for people to donate to Ukrainian war efforts. The Ukrainian government managed to raise $600,000 in donations within days and over $70 million a few weeks after the war began, with notable names such as Vitalik Buterin, the Canadian-Russian Ethereum chief, tweeting in favor of Ukraine.
Reminder: Ethereum is neutral, but I am not.
— vitalik.eth (@VitalikButerin) February 24, 2022
Across the border, the Russian government has been uncertain about adopting crypto. In July 2022, Russian President Vladimir Putin signed into law a ban on using crypto as payment for goods and services. Meanwhile, the Russian Duma has expressed interest in developing a digital ruble CBDC for 2023, to be used only for specified goods and services.