Chainalysis Profile picture
Feb 25 12 tweets 4 min read
Yesterday, the U.S. Treasury Department announced extensive sanctions against Russian businesses and elites following the country’s invasion of Ukraine. This has prompted many to ask Chainalysis how Russia may attempt to use cryptocurrency to evade sanctions.
As is true in traditional finance, some may use crypto for sanctions evasion. But the inherent transparency of blockchains combined with Chainalysis data & tools gives governments and crypto businesses the ability to identify transactions by sanctioned entities and take action.
It’s unlikely that individuals designated in yesterday’s sanctions would move large quantities of crypto now. Russian elites and financial authorities have likely been preparing for sanctions, and would have carried out those transactions slowly over the past few months.
Chainalysis is monitoring for on-chain indicators of crypto-based sanctions evasion by Russian actors. We will alert our partners in government of any relevant activity and provide public updates where possible. So far, on-chain tx vols across the region are stable.
However, exchange order book data reveals one interesting trend. Over the last few days, there’s been a large uptick in transaction volumes for trading pairs involving the Russian ruble and Ukrainian hryvnia (credit @KaikoData).
Between 2/19 and 2/24, ruble trade pairs’ daily tx volumes have grown 8.6x to $124M USD, while hryvnia volumes have grown 8.2x to $42M. Note: This dataset includes five large exchanges for which @KaikoData offers ruble and hryvnia trade pair data.
While it’s possible the tx volume represents illicit actors converting funds into cryptocurrency, it could also be driven by individuals in both countries reacting to the recent devaluation of the ruble and hryvnia and attempting to preserve their savings.
Cryptocurrency adoption and literacy are high in both Ukraine and Russia, as they rank 4th and 18th respectively on Chainalysis’ Global Crypto Adoption Index. We therefore might expect to see citizens turn to crypto in the face of currency devaluation. bit.ly/2XEUHO3
We’ll also be monitoring the cryptocurrency activity of Russian cybercriminal groups. Already, the prolific ransomware gang #Conti has voiced its intent to support Russia in its war efforts and carry out cyberattacks on enemy states.
This wouldn’t be a surprising development. In addition to accounting for the majority of ransomware activity, cybercriminal groups allied with the Russian government launched attacks against the Ukrainian government in the weeks leading up to the invasion. bit.ly/3hjK61C
Overall though, we’re optimistic that the cryptocurrency industry can counter attempts by Russian actors to evade sanctions with crypto. Compliance pros have already proven effective in this regard, as we see from the effects of sanctions on Russian crypto businesses like Suex.
Follow us for more updates on cryptocurrency activity related to Russia’s invasion of Ukraine. You can also download our 2022 Crypto Crime Report for more research on Russian cybercrime, including trends in ransomware and money laundering. bit.ly/3JxuW52

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Chainalysis

Chainalysis Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @chainalysis

Feb 25
Which criminals hold the most #crypto?

We can investigate 🔎 this by analyzing the balances of criminal whales. 🐋

Let’s break down how we define criminal whales, how we analyze them, and why tracking their activity is so important.

<<🧵THREAD>>
What is a criminal whale? 🐋

We define a criminal whale as any private wallet holding $1M or more worth of #crypto that has received 10% or more of its funds from illicit addresses.

ow.ly/VbEq50HYFe4
In 2021 we identified 4,068 criminal whales holding over $25B worth of #crypto.

Criminal whales represent 3.7% of all crypto whales — that is, private wallets holding over $1M worth of crypto.
ow.ly/VbEq50HYFe4 Image
Read 11 tweets
Feb 24
Follow along as we report live from #Links22 London. If you haven’t already, sign up for the livestream 🎥ow.ly/h6jA50HZaIH

🧵<<THREAD>>
Thanks for your patience! We're getting started in 10 minutes. #Links22
Read 16 tweets
Oct 29, 2021
Over the last several days, we’ve seen media outlets publish faulty blockchain analysis related to the movement of funds by #DarkSide, the #ransomware group behind the Colonial Pipeline hack.
Blockchain analysis firms erroneously identified DarkSide’s movement of funds as a simple peel chain, without identifying the mixer involved. They incorrectly traced the funds to exchanges & other services based on that conclusion. bit.ly/3pSSDxU
A peel chain is a transaction pattern commonly seen in blockchain analysis, in which funds appear to move through several intermediate addresses. Peel chains occur naturally and aren’t inherently obfuscatory or evidence of money laundering. bit.ly/3pSSDxU
Read 9 tweets
Aug 3, 2021
THREAD: Based on our blockchain analysis, we can confirm reports speculating that DarkSide #ransomware group has rebranded to BlackMatter. This is part of a trend in which ransomware groups shut down & reemerge with new names, often after law enforcement actions or media scrutiny
Chainalysis was able to confirm the financial connection between DarkSide and BlackMatter in late July '21 a few days before security researchers speculated there was a connection based on similarities w/ their encryption algorithms, decryptors, and more: bleepingcomputer.com/news/security/…
Sometimes following the money can provide an early indicator about a ransomware group’s revitalized operations. In this case, financial connections were made on the blockchain before any attacks were made public on BlackMatter’s blog
therecord.media/an-interview-w…
Read 5 tweets
Jan 14, 2021
THREAD: Here's a quick summary of our blog on on the Bitcoin donation made in December to alt-right groups and figures involved in last week's violence at the Capitol.
Alt-right personality Nick Fuentes, who was pictured outside the Capitol but denies entering, was by far the biggest beneficiary of the donation, receiving roughly $250K. bit.ly/38J9quj
Other far right figures who received Bitcoin in the donation include Patrick Casey, Vincent Reynouard, and Ethan Ralph, as well as platforms and websites like the Daily Stormer, VDARE, and Gab. bit.ly/38J9quj
Read 6 tweets
Dec 22, 2020
THREAD: We published a response to Treasury's proposed rule re: unhosted wallets, analyzing data behind their use, what the industry would have to do to comply & offering thoughts on how the rule could better achieve its purpose to curtail illicit activity bit.ly/3mHLYS2
First, three clear trends from our blockchain data suggest unhosted wallets are primarily used by individuals and organizations to either store their cryptocurrency for investment purposes, or move it between regulated trading venues.
Our first chart shows the vast majority of bitcoin sent between unhosted wallets is sourced from Virtual Asset Service Providers (VASPs), primarily exchanges:
Read 19 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(