Bitcoins move from the seized SilkRoad wallet to the ShadowBrokers

A security expert noticed strange transactions from the Bitcoin wallet of the SilkRoad (now in the hands of Feds) to the ShadowBrokers ‘ wallet.

I was surfing the Internet searching for interesting data about the ShadowBrokers group that leaked exploits and hacking tools belonging to the NSA Equation Group.

I have found a very intriguing analysis of the popular security researcher krypt3ia that has analyzed the Bitcoin transactions linked to the #ShadowBrokers account. It seems that the account is receiving small amounts of money (at about $990.00 a couple of days ago), but the real surprise is that some of the payments are coming from the seized Silk Road bitcoins and account.

Hey, wait a moment, the Silk Road Bitcoin are under the control of the FBI after the seizure of the popular black market.

krypt3ia decided to investigate the overall transactions and discovered that also the US Marshall service was involved in the transfers.

“So, is this to say that these coins are still in the coffers of the feds and they are being sent to ShadowBrokers to chum the water here? Maybe get a conversation going? Maybe to get the bitcoins flying so others can trace some taint? Of course once you start to look at that address and the coins in and out there you get some other interesting hits. Suddenly you are seeing US Marshall service as well being in that loop. Which makes sense after the whole thing went down with the theft of coins and such by rogue agents of the USSS and DEA.” wrote krypt3ia in a blog post.

Analyzing the transactions the expert noticed transactions of 0,001337 BTC for the for ShadowBrokers.

We are aware that Silk Road coins are in the hands of the US GOV, but someone is sending ShadowBrokers fractions of them.

“What if, and you can see this once you start to dig around with Maltego, the coins being paid to the account so far also come from other accounts that are, shall we call them cutout accounts for the government?” added the experts.

At this point, the researcher invited readers to analyze transactions involving all the accounts that passed money to Bitcoin Wallets used by the Government and that were used to transfer money to the ShadowBrokers.

At the time I’m writing the ShadowBroker wallet was involved in 41 transactions for a total of 1.738 BTC, and the highest bidder is of 1.5 bitcoin, or around $850.

Stay tuned.

Update 14.19 GMT from ZDNET.com : Bitcoin experts have raised questions over the validity of krypt3ia’s claims.

According to Jonathan Levin, CRO and co-founder of Bitcoin investigation company Chain Analysis, the issue is not clear-cut — and may not exist at all. Levin told ZDNet that the payments being made through the scrutinized wallet are also going the other way.

The executive says the payment chain is likely due to spam, which means the US government may have nothing to do with the auction and this is simply the work of other individuals. Levin commented:

“In Bitcoin, people like to send small payments to addresses, sometimes with embedded messages, sometimes without. Any famous address attracts a lot of spam.

The Silk Road seized coins and this auction are no exception. In this case, the same person who is spamming the Auction address is also spamming the seized coin address.”

At the time of writing, the Shadow Brokers’ auction has netted a total of 1.761 BTC, which equates to approximately $1,022.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Bitcoin, ShadowBrokers)