The blockchain as a powerful compliance ally
You wouldn't know it from reading mainstream press, but crypto hacks are down significantly in 2023. By some estimates, the total value stolen is 70% down compared to the same period last year.
The majority of the $300 million in stolen funds on Ethereum was from the Euler Labs hack in March, which saw $196 million taken from the lending protocol. BUT... around a month later, Euler announced it was able to recover around 90% of the lost funds after negotiations with the hacker.
Factoring in those recovered funds puts the 2023 figure closer to 90% down on last year. That's somewhere around $100 - $150 million stolen on Ethereum this year vs $1.3 billion for the FIRST QUARTER of 2022 alone.
There are three main reasons for this:
- DeFi-focused security measures are becoming more robust
- The closure of several high-profile mixing services including Ethereum-based Tornado Cash following its sanctioning by the US Office of Foreign Assets Control in August 2022.
- The growing realisation that there is nowhere to hide on-chain.
You can run but you can't hide
Once a hack has been uncovered, details are often communicated immediately by the targeted service, as with Euler. This includes timestamps, event information, and often the cryptocurrency address of the hacker.
Once the address is public, its a near-guarantee that the stolen funds are being watched: by exchanges, online sleuths, law enforcement, blockchain analytics firms, and anyone curious enough to plug the wallet address into a block explorer like Blockchain.com or Etherscan.
That's why the Euler hackers ended up handing the funds back - they had nowhere to go and no way to exit with the funds. And they knew that everyone was watching.
Its the same conclusion that Ilya Lichtenstein and his wife Heather Rhiannon Morgan came to when seeking to cash in on the 94,643 Bitcoin they had procured from the 2016 hack of Bitfinex.
The funds - now worth $2.5 billion - were being watched across the ecosystem once Bitfinex disclosed the hack. If Lichtenstein and Morgan had attempted to cash in the funds by depositing them to an exchange, they would have been caught. Exchanges would have handed over KYC information to law enforcement and the assets would have been frozen.
Instead, the funds ended up sitting on a thumb drive in a cupboard for years. Accumulating value but entirely untouched. Until they were caught and arrested following a tip-off in 2022.
The funds taken by Lichtenstein and Morgan, for those who want to take a look, are sitting in this address:
bc1qazcm763858nkj2dj986etajv6wquslv8uxwczt
A powerful compliance ally
What we see here is the blockchain being used as a compliance tool. And a powerful one too. As an immutable transaction ledger, it contains the history of everything ever done. Take Bitcoin for example: its blockchain records every transfer of value between every address, along with amounts, valued and timestamps.
Layering algorithms on top of this data - as Hoptrail does - to identify the services behind those addresses enables us to create a detailed picture of an address’ trading history such as their sources of funds and any potential financial crime risks.
So with enough data, its possible to piece together not just the fund flows, but the probity of someone’s activity. This allows for robust due diligence: AML checks, source of wealth analytics, and asset tracing. All the tools you’d need to police activity on-chain is provided by the blockchain.
For compliance and legal officers with operational headaches about how to tackle crypto risks, look no further than the blockchain.
For those interested, the Euler Labs hackers addresses were:
- 0xebc29199c817dc47ba12e3f86102564d640cbf99
- 0xb2698c2d99ad2c302a95a8db26b08d17a77cedd4
- 0xb66cd966670d962c227b3eaba30a872dbfb995db
Simple searches will also show you fund movements to Euler’s Treasury address on 3 April 2023, confirming Euler’s statement that it had clawed back some of the stolen assets.
Want to find out more?
If you’d like to find out more about how we collect and curate our data, get in touch with the team at info@hoptrail.io or reach out to us here.
AMLcryptocomplianceblockchainhack
Crypto Asset Recovery: Tracing Wealth and Blockchain Analytics
Hoptrail Raises on Echo.xyz!
Crypto onboarding: A multi-billion dollar opportunity for banks to tackle
Subscribe to the Hoptrail newsletter
Sign up with your email address to get the latest insights from our crypto experts.