Hacker Redirects Russian Bitcoin To Ukrainian Aid Efforts

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

Russian-linked Bitcoin wallets are having their funds stolen and redirected to Ukrainian aid efforts by a “modern Robin Hood” who previously destroyed about #$300,000 worth of Russian Bitcoin to spread their message.

Ukraine has managed to raise tens of millions of dollars through cryptocurrency donations. According to a report by CoinDesk, some of the funds were sent through Russian-tied accounts that had previously been exposed.

Two of the three exposed accounts were involved in the SolarWinds attack in 2021, which resulted in a massive breach of various US companies and institutions. The third account was allegedly involved in the 2016 presidential misinformation campaign.

In the past, the individual had outed and sized Bitcoin from these Russian addresses and destroyed over $300,000 worth of cryptocurrency, rather than profiting from the theft. After being inactive for a while, the individual is back and sending Russian cryptocurrency to Ukraine, while being dubbed a modern “Robin Hood” of sorts.

“The unknown individual used a feature in how the Bitcoin blockchain documents transactions to identify 986 wallets controlled by the Foreign Military Intelligence Agency (GRU), Foreign Intelligence Service (SVR), and Federal Security Service (FSB), Chainalysis, which works closely with the U.S. government,” CoinDesk said.

While CoinDesk released the report, it can’t verify this information, since none of the agencies responded to their inquiries.

“The fact that the OP_RETURN sender was both willing and able to burn hundreds of thousands of dollars’ worth of bitcoin in order to spread their message makes it more likely in our opinion that their information is accurate,” said researchers at Chainalysis. “The individual effectively destroyed over $300,000 worth of bitcoin while describing their allegations to the blockchain”

According to CoinDesk, the chance that this individual has acquired private Russian wallet keys and is able to manipulate funds implies that Russian hacker groups aren’t as secure as they pretend to be.

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."