Share this page!

Chainalysis Profile picture
Twitter logo
Feb 25 11 tweets 5 min read
Which criminals hold the most #crypto?

We can investigate 🔎 this by analyzing the balances of criminal whales. 🐋

Let’s break down how we define criminal whales, how we analyze them, and why tracking their activity is so important.

<<🧵THREAD>>
What is a criminal whale? 🐋

We define a criminal whale as any private wallet holding $1M or more worth of #crypto that has received 10% or more of its funds from illicit addresses.

ow.ly/VbEq50HYFe4
In 2021 we identified 4,068 criminal whales holding over $25B worth of #crypto.

Criminal whales represent 3.7% of all crypto whales — that is, private wallets holding over $1M worth of crypto.
ow.ly/VbEq50HYFe4 Image
An interesting pattern emerges when we break down all criminal whales:

Most criminal whales received a small or substantial share of their total balance from illicit addresses. Here’s a breakout of that 👇 ow.ly/VbEq50HYFe4 Image
Illicit funds from criminal whales come from a variety of sources—with scams, hacks, and darknet markets dominating. ow.ly/VbEq50HYFe4 Image
Using time zones analysis to approx. locations of criminal whales, we found that UTC time zones 2, 3, & 4—which include much of Russia, including major population centers like Moscow & St. Petersburg—contain the most criminal whales. ow.ly/VbEq50HYFe4 Image
This is especially interesting in the context of Russia’s outsized role in #crypto-based crime. ow.ly/VbEq50HYFe4
The ability to efficiently track criminal whales and quantify their holdings from one public data set is a major difference between crypto-based crime & fiat-based crime. ow.ly/VbEq50HYFe4
The highest net worth criminals have murky networks of foreign banks and shell corporations to obfuscate their holdings in fiat. But in crypto, transactions are saved on the #blockchain for all to see. 👀ow.ly/VbEq50HYFe4
Investigation of criminal whales represents a significant opportunity for gov agencies worldwide to continue their string of successful seizures & bring to justice the biggest beneficiaries of crypto-based crime.
ow.ly/VbEq50HYFe4
Interested in learning more about criminal whales🐋 and other crypto-based crime? Download the 2022 Crime Report to learn more. ow.ly/4CnV50HYKAj

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Chainalysis

Chainalysis Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @chainalysis

Chainalysis Profile picture
Feb 25
Yesterday, the U.S. Treasury Department announced extensive sanctions against Russian businesses and elites following the country’s invasion of Ukraine. This has prompted many to ask Chainalysis how Russia may attempt to use cryptocurrency to evade sanctions.
As is true in traditional finance, some may use crypto for sanctions evasion. But the inherent transparency of blockchains combined with Chainalysis data & tools gives governments and crypto businesses the ability to identify transactions by sanctioned entities and take action.
It’s unlikely that individuals designated in yesterday’s sanctions would move large quantities of crypto now. Russian elites and financial authorities have likely been preparing for sanctions, and would have carried out those transactions slowly over the past few months.
Read 12 tweets
Chainalysis Profile picture
Feb 24
Kicking things off at #Links22 London shortly! We have an amazing lineup of speakers: @Gemini @PaulWeissLLP @BNYMellon @GoldmanSachs @FISGlobal @HMRCgovuk @PoliceChiefs @asset_reality @GrantThornton @IRSnews @ConsenSys @NCA_UK @Ledger @TheFCA

ow.ly/h6jA50HZaIH
Follow along as we report live from #Links22 London. If you haven’t already, sign up for the livestream 🎥ow.ly/h6jA50HZaIH

🧵<<THREAD>>
Thanks for your patience! We're getting started in 10 minutes. #Links22
Read 16 tweets
Chainalysis Profile picture
Oct 29, 2021
Over the last several days, we’ve seen media outlets publish faulty blockchain analysis related to the movement of funds by #DarkSide, the #ransomware group behind the Colonial Pipeline hack.
Blockchain analysis firms erroneously identified DarkSide’s movement of funds as a simple peel chain, without identifying the mixer involved. They incorrectly traced the funds to exchanges & other services based on that conclusion. bit.ly/3pSSDxU
A peel chain is a transaction pattern commonly seen in blockchain analysis, in which funds appear to move through several intermediate addresses. Peel chains occur naturally and aren’t inherently obfuscatory or evidence of money laundering. bit.ly/3pSSDxU
Read 9 tweets
Chainalysis Profile picture
Aug 3, 2021
THREAD: Based on our blockchain analysis, we can confirm reports speculating that DarkSide #ransomware group has rebranded to BlackMatter. This is part of a trend in which ransomware groups shut down & reemerge with new names, often after law enforcement actions or media scrutiny
Chainalysis was able to confirm the financial connection between DarkSide and BlackMatter in late July '21 a few days before security researchers speculated there was a connection based on similarities w/ their encryption algorithms, decryptors, and more: bleepingcomputer.com/news/security/…
Sometimes following the money can provide an early indicator about a ransomware group’s revitalized operations. In this case, financial connections were made on the blockchain before any attacks were made public on BlackMatter’s blog
therecord.media/an-interview-w…
Read 5 tweets
Chainalysis Profile picture
Jan 14, 2021
THREAD: Here's a quick summary of our blog on on the Bitcoin donation made in December to alt-right groups and figures involved in last week's violence at the Capitol.
Alt-right personality Nick Fuentes, who was pictured outside the Capitol but denies entering, was by far the biggest beneficiary of the donation, receiving roughly $250K. bit.ly/38J9quj
Other far right figures who received Bitcoin in the donation include Patrick Casey, Vincent Reynouard, and Ethan Ralph, as well as platforms and websites like the Daily Stormer, VDARE, and Gab. bit.ly/38J9quj
Read 6 tweets
Chainalysis Profile picture
Dec 22, 2020
THREAD: We published a response to Treasury's proposed rule re: unhosted wallets, analyzing data behind their use, what the industry would have to do to comply & offering thoughts on how the rule could better achieve its purpose to curtail illicit activity bit.ly/3mHLYS2
First, three clear trends from our blockchain data suggest unhosted wallets are primarily used by individuals and organizations to either store their cryptocurrency for investment purposes, or move it between regulated trading venues.
Our first chart shows the vast majority of bitcoin sent between unhosted wallets is sourced from Virtual Asset Service Providers (VASPs), primarily exchanges:
Read 19 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @chainalysis has new unrolls!

Check out other threads from @chainalysis!

Read all threads by @chainalysis

:(