As American intelligence and law enforcement agencies attempt to crack down on Russian so-called troll farms suspected of attempted electoral interference, farm operators are responding by moving towards the use of a broader variety of cryptoassets and “chain-hopping” techniques.
On September 10, the American Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on four Russia-linked individuals it accused of attempting to destabilize United States elections.
A recent report from blockchain analytics firm Elliptic said that criminals are using crypto to finance the production of fake news stories intended to influence voters – and to hide their digital footprints.
Moreover, criminals are rapidly expanding their use of crypto in a way that makes it significantly more difficult for law enforcement to target their global networks, per a recent paper released by the UK defense and security think tank the Royal United Services Institute (RUSI).
Crypto exchanges “are open to abuse because they can convert traceable cryptocurrency such as bitcoin into privacy coins that are at the moment exceedingly difficult to trace (a process known as chain-hopping),” the paper’s authors wrote.
Tom Robinson, Chief Scientist and Co-Founder at Elliptic, said that the American agency has “listed 23 crypto addresses linked to [suspected troll farm managers surnamed] Andreyev and Lifshits.”
That list can be found here.
Robinson added,
“Close to USD 1 million in cryptoassets passed through these addresses between May 2017 and January 2019 – with transactions ending soon after the midterm elections of November 2018.”
Of the USD 1 million, the lion’s share was transferred in bitcoin (BTC), which represented 64% of the funds, followed by ethereum (ETH) with 27% and zcash (ZEC) with 8%. The remaining 1% was split between dash (DASH), bitcoin SV (BSV) and litecoin (LTC), according to Elliptic data. However, the list does not include monero (XMR), the most popular privacy coin.
The firm wrote,
“Of the 23 addresses used by the sanctioned individuals, at least eleven belong to cryptocurrency exchanges – as identified through Elliptic’s blockchain monitoring tools. In fact, one or more accounts at a single, well-known exchange received over 96% of the USD 1 million in crypto involved.”
“Rather than create their own (unhosted) wallets, Lifshits and Andreyev chose to transact through accounts at exchanges. They may have chosen to operate in this way because of the low standards of know-your-customer and anti-money laundering controls in force at these exchanges – presenting a low risk of being identified through use of these services,” the firm said.