Topic: How hacked assets are made re-usable? (Read 234 times)

It's safe to assume such policy is included in KYC/AML policies of most CEXes. But I'd say, the tools and methods for monitoring transactions as well as the specifics on such policies could differ per exchange. After all, jurisdiction plays a huge role on the legal side of things. I could see most CEX relying on a blacklist since this is one of the basics.


This would totally depend on where your coin passes through. After all, the taint concept is not inherent on bitcoin so it depends if the party on the other end adhere such concept. For instance, you're probably fine if you sent it to your personal wallet or trade wherever they don't give a damn BUT the dynamic changes if you sent it to CEX since it's a thing there so there's always a chance the exchange could flag your transaction.

1. Like what others said, they use mixers for them to jumble its ownership and whoever tracks it will have hard time of tracing. Using one doesn't make it untraceable but make the path of tracing harder.

2. It is a thing when the exchanges are aware of the address where these tainted crypto came from like they have a list of blocked addresses. But I have read it from someone here before that it doesn't really matter at all. And going with that reasoning, if the exchanges or any organization don't have the list of where it is blocked then that ain't a thing.

3. I think US have but for this job, it is usually done by third party companies where they are paid to do so.

They can take action if they receive support request from other exchanges, victims, police or government. They also can take freeze action if their AML detection tool recognizes some suspicious things with on-chain analysis.

Usually serious actions will only come with support request from either victims or police. If the exchange do it by their AML detection and protection, it usually is different than emergent action with request from other entities for famous cases.

Blacklist, Taint, and Wallet Fingerprinting.

I knew that CEX have the power to suspend and seize any assets that are in their vault. But I didn't know if, they have a specific policy to seize tainted coins. Or if they regulate these address. Maybe they have a list of blacklisted addresses.

I haven't used any mixers yet. So I don't know much of it. But there was one question. Suppose I bought some BTC without knowing it was from a tainted address or source. What would happen then?

Even after that, hackers are using different exploit to hack funds from CEXs and DEXs. Two days ago I saw a news of some hackers,
who exploited the Camelot/Arbitrum's PAXG pool. Luckily there were able to recover those hacked funds.

SBF doomed him and those who trusted him. There was one guy whom I knew had a lot of his funds on FTX. Poor guy.

How do you cover your tracks without using a mixer/coinjoin, you are getting it wrong here; without using a mixer/coinjoin anyone who looks at the blockchain can link the input to the output and still keep track of you. Mind you that mixers/coinjoin isn't only used by hackers, if you want privacy when using Bitcoin you have to use mixers/coinjoins.
Do you worry about tainted fiat, or if the fiat currency in your pocket was used to buy drugs or was used as payment to a criminal, that is how ridiculous it is to say some Bitcoins are tainted and hence not fungible.

I mean, the way for the hacker to cover his tracks is actually through the mixers. You really can't just erase your wallet's history (because public blockchains) — just obfuscate it through mixing/coinjoins.


SBF actually hilariously failed in trying to hide their tracks. There's a reason why here's about to be in jail soon.

1. Hacking and stealing the bitcoin is the first step and the second step is when the hacker will cover all his track to make sure that he can't be traced. After they have seen that their is no trace, the bitcoin is sent to a mixer or an exchange to make it clean. Or sometimes it coins can be sent to some professional money laundering operators, that knows that it is a stolen coins and they will help the hacker out since they will also ask for their own percentage. I believe that SBF can play such dirty game.

2. Yeah there is tainted bitcoin and those are bitcoin gotten from illicit activities and even exchange that is not registered under the government that has bitcoin, the government can label it tainted bitcoin.

3. This depends of the country and it varies from country to country.

Hackers use mixers and coinjoins to hide their traces, they also do not use centralized exchanges and if they do, then it is either a hacked or a bought account on an exchange. Mind you that hackers do not usually spend funds they steal immediately, they spend a long time breaking all the links in order to ensure that it is never linked back to their true identity.
There is no tainted Bitcoin per se. Government only say that to make you believe some Bitcoins are not fungible, which isn't true. If you look way back, then you'll do well to find one paper money that isn't tainted, because it must definitely have a history of crime or other whatnots.

Hackers are also smart people, they know what they are doing and would have planned it all before starting, first of all they don't make use of an exchange be it centralized or decentralized, because the amount of money that would be involved is going to be much and they wouldn't want to risk being under government AML agencies whereby their fund get seized,they mostly use mixers.


Any cryptocurrency that is suspected to be involved in any illegal means or through the wallet address if traced will be under tainted crypto.


Anti Money Laundry agencies are saddled with this responsibility, they use KYC information extracted from exchages.

1. Hackers can make use of tumbler or mixer in order to make it difficult to trace the hack funds but this doesn't always end well as it may likely backfire. 2. Yes, tainted crypto exits. 3. Yes, there are several regulatory authorities that monitor crypto related illegal activity. For instance, In the United States we have the SEC and the Commodity Futures Trading Commission both regulate crypto assets and can take legal action on individual or exchange for any illegal activities. Internationally, we also have the Financial Action Task Force as an intergovernmental organization that sets standards for combating money laundering and terrorist financing. So there are a number of bodies that are working to regulate the crypto industry and prevent illegal activity.

Through mixers — there's a reason why governments tried to seize/shutdown platforms like Bitcoin's ChipMixer, and Ethereum's TornadoCash.


Yes. Some centralized exchanges close/lock accounts of people with deposits from "questionable"(probably from their vocabulary) transaction history.


It will differ from country to country or state to state.

1. How are hackers able to use this stolen Crypto is not really a thing anymore; anyone who is able to hack through an exchange will definitely have a means of cleaning up those funds. Hacking requires a lot of skills, not just ordinary skills but technical knowledge.
 
A lot of people are of the opinion that those cryptos stolen from exchanges or hackers obtained from any means are being mixed using mixer services. How do those mixer services exchange their own crypto? I don't think those hackers will even need mixer service in order to hide their tracks; they can launder those cryptos in ways that might not require them to use mixer.
 
2. Yes, there is something called tinted crypto; in fact,  most exchange categories deposit from mixer services as such, which makes it uncomfortable for common crypto users who are just trying to protect their anonymity from using an exchange address to receive directly from a mixer service. And there are also addresses that have been blacklisted by both the US government and, as of early 2022, the Canadian government, which has also blacklisted about 30 bitcoin addresses that were tied to a criminal case. Such a blacklisted address could also be said to be a tinted address, and there is a close watch on them; just receiving or sending a coin to that address makes you suspect.

3. There are bodies that are set up to monitor and trace such transactions. Many of these bodies are unknown, but the one that is known to give data to regulators is chain analysts.

In a few cases hacked funds are recovered especially if the transaction can be linked to a centralized exchange. There have been cases where people's fund were frozen because it was suspected to be proceeds from hacks. If it cannot be linked to a service that KYC was taken, it will be difficult to recover.


These are cryptocurrencies that are suspected to be proceeds from illegal or illicit activities.


Every nation has laws that regulate the operations of cryptocurrency in their jurisdiction. They also have law enforcement agencies that handle tracking, freezing, and recovery. But there is also an international collaboration between nations to foster the regulation and policing of the crypto space. There are no known international bodies that monitor the space.

Yes there is also tainted coins in cryptocurrency, some exchanges tag your coins coming from a mixer/tumbler as tainted. Just like the traditional currencies every fund stolen or transferred from an hack addresses or exchange is termed tainted coin but unlike the traditional currency it is hard to trace them except maybe the hacker made a mistake of leaving traces.


There is no universal police that works on policing the bitcoin, just each countries SEC that mostly concerns on regulations. If an hack happens I think it is the regular financial police that tried to track the stolen funds using explorers or monitors like chainalysis to analyze the movement of such funds and if traces are found then the police probably arrest the person.


Like you said mixers are primarily for one anonymity but hackers or thieves use this also to their aid. Aside using mixers you as a person can work on your anonymity by avoiding KYC exchanges, using different addresses for each transactions and then by not using wallets that could reveal one’s IP addresses.

Furthermore stolen bitcoins are hard to recover if the thief doesn’t send the funds to a CEX or any other mistake. If the hacker was smart to transfer the coins between different wallets or mixers which do not have direct link to the users identity then it will be hard to actually catch the culprit. That’s why Most of all these services promising stolen coin recoveries are considered fake

I can say for sure how reliable some mixers are with their reputation but for a certainty, no public mixer that is well known by many people accepts deposit from tainted address.
When there is a news of hack wallet addresses, chain analyst and other websites that analyse flow of btc put this wallet address on watch list so that when bitcoin is received or sent out of the address, it notify them in real time. Instances when mixers received this kind of money, they confiscate the funds and do further research, if it's a public stolen btc or from an exchange, they will not allow the sender have access to it. I believe the exchange in question that was compromised will do anything to contact the mixer through legal mean. If the mixer mix the stolen, then they expect hunt on that mixing company.

I have also seen scenario where stolen btc where sent to centralized exchanges like OKX and Kraken and instantly, the btc were seize and account suspended.

Now to your question:
1.When hack assets become a public watch, consider that coin as useless because no exchange will want to have anything to do with you, not even a decentralized exchange will allow you to pss through the btc in their protocol, if they see such btc, a vote can be pass to hold that btc if you use exchange like run thor swap where you can bridge between two chains.

For p2p sellers and buyers, they are going to run away from you because who want to buy asset that will cause them jail, Nobody will.

2. In Bitcoin protocol, there is nothing like taint btc, an output can be refused again and again and can be sent to another person. Taint btc is just an identified btc that were compromised as a result of exposed private keys from one person to another.

3. There is no such thing as a regulatory authority but if an asset is of course public funds as in the case of exchange hacks, people will watch how the funds are moved from one place to another and sometimes, even Binance spent time in helping victims of hacks tracked wallet. We also have independent crypto individuals and teams that help track wallet; one of them is Lookonchain

1. There are many examples that you can find they used mixing services to get rid of their traces, apart from that they could be used for transactions in the darknet, or in some cases they will be left unused forever.

2. Not really, in my opinion as long as you obtain the funds in any way that is legally acceptable then you are not responsible for the previous history related to it.

3. Almost every government intelligence does that and not just crypto, they have to monitor all kind of transaction all the time.

1. In most cases of hackers who get away, they use mixer services.
2. Depends on the context of the question. Nearly all regulated services reject these types of funds.
3. I don't know about government institutions, in this space there are several blockchain analytic sevirces that are always welcoming collaboration with governments and regulated services for investigation purposes.

Mixing isn't the only way to hide someone tracks, there are many thing need to be sure or they might leave their traces somewhere. Mixing isn't 100% anonymous, there's a chance it could be identifiable.

1. As long as you trade via P2P and not rely on third party, you're able to trade without any intervention.
2. Yes, base on centralized institutions' words. But, some people don't really care since money is money, similar like fiat where it's also used for money laundering.
3. Yes, the most popular is Chainalysis.

I had a list of questions, and I'm hoping you guys can answer them.

Literally every day, we see the news of an exchanges getting hacked. X hacker group hacked Y exchange and drained all of its assets. For example, let's say the Lazarus hacking group. These hacks are still happening. My question is: how are these hacked funds used, or how they are making these funds reusable? If one loses its funds, are they lost forever? It won't matter if it's hacked or not. Is this a thing?

In paper currency, there is a term called "tainted money", meaning those funds were obtained with illegal means. If one gets caught using this, he can get locked up for a long time. Is it also true for crypto? Is there a thing like tainted crypto?

For criminals, we have interpol. They have access to almost all countries, except some, as far as I know. They can be considered universal police. Is there also a universal police for crypto? Like higher regulatory authorities overseas, which monitor all crypto activity.

Another thing I forgot to mention is that there are many mixing services through which we can make our funds anonymous. Or, perhaps, hackers use these services to hide their tracks so that they can use those funds (illegally obtained) anonymously? Am I right in any way?


1. How are hacked crypto assets made re-usable?
2. Is tainted crypto also a thing?
3. Is there any higher regulatory authority that monitors crypto related illegal activity?

---

I don't know if it's the proper board for these questions. Let me know if it isn't and I'll move it.