Are terrorists really being funded by crypto?
On 10 October 2023, the Wall Street Journal published an article headlined ‘Hamas Militants Behind Israel Attack Raised Millions in Crypto'. It quoted an amount of $93-million. The article set off a firestorm in Congress, led by senator Elizabeth Warren, and a small army of legislators got very testy, issuing warnings and threats and composing a stern letter to the president signed by 100 members of Congress, who basically knee-jerked their way into a position before anyone had bothered to properly verify the facts.
After the smoke had cleared, the actual number, when properly analysed by companies who took the time to dig deeper (like the blockchain analysis company Chainalysis and others), was estimated to be much lower. There were numerous problems in the article, including the difficulty of determining how much of the money was used for actual terrorism and how much was used to buy medicine, for example. (Hamas governs the Gaza strip – presumably they have other expenses besides AK-47s).
However, it is true that Hamas, Islamic Jihad, Hezbollah and others designated by most Western countries as terrorist organisations have all used crypto channels for at least a small part of their fundraising. Some of these are entirely public, with crypto addresses openly published on websites. Others are more surreptitious, with blockchain addresses circulated on encrypted telegram channels. But the whole crypto channel fundraising process has turned out to be something of a problem for these organisations.
Almost all blockchains keep their record of transactions public, by design. Anyone can see the movement of value from account to account. The accounts themselves are anonymous, but their contents are not. Following the money is easy, and there are now several companies (as well as agencies like the NSA in the US) who forage and cross-reference these public transactions to extract nuggets of information in an effort to strip them of their anonymity. This includes tracking terrorist group transactions and other illicit funding, for clients like the FBI or CIA or the justice department.
This has led to a number of crypto wallets being seized and frozen, most recently and famously by the Israeli government which, after working with big crypto players like Binance and Tether, was able to de-anonymise blockchain addresses belonging to both Hamas and Hezbollah. Because it is easy to track crypto back to the originating account (which is kind of the point of the “chain” in blockchain), the contributors of funds to these groups suddenly found themselves at risk of exposure.
There’s a lesson for the bad guys: Seeking crypto donations for terrorist acts is a foolish strategy.
Outing your supporters as sponsors of terrorism is not a great business model.
A bunch of other mechanisms have been tried to secure anonymity (such as one-time wallet addresses), but Israeli cryptographers are rumoured to be among the best in the world, and these somewhat smarter camouflage techniques also saw their masks ripped off. Most terrorist groups are, to be fair, not that crypto-literate, but now the seizures and uncoverings have become so frequent that, earlier this year, Hamas publicly asked its supporters to cease sending Bitcoin donations altogether.
There’s a lesson for the bad guys there: Seeking crypto donations for terrorist acts is a foolish strategy.
It is far easier to raise funding from sponsor states like Iran, where large amounts can be hidden and moved with impunity. This is how terrorist organisations have traditionally been funded; rogue states have developed clever ways of subverting international regulations that seek to surveil and sanction illicit activities. Not to mention the time-tested old-style ways of financing crime with bags of cash, bartering, laundering, or crooked bank employees. These have worked pretty well for bad actors for decades, under cover of darkness. Crypto channels have served to bring them into the light, which is not a comfortable state of affairs for any of those involved.
Unless you are North Korea. The country is not on any list of terrorist organisations; it is a sovereign state with a seat at the United Nations. But they are considered to be a nasty bunch and the country has become a global pariah after ignoring arms treaties in order to build a nuclear weapons capability which they frequently trot out to threaten all and sundry.
It doesn’t take a great deal of nous to imagine North Korean hackers working for Hamas.
More pointedly, North Korea has reputedly trained 50,000 hackers, some from a very early age. Unlike Hamas, they are very crypto-sophisticated indeed and have stolen $3.2-billion in crypto since 2016, according to Chainalysis. This is how they funded their entire nuclear programme – with almost no other source of global trade revenue.
Which brings us to an uncomfortable conclusion: The current extent of crypto-financing for terrorists may be inaccurate or overblown, but only because they do not have the deep skills to do it properly. Yet.
Given the shifting alignments and new partnerships emerging from the current crises in the Middle East and Ukraine, it seems likely that the sort of skills required to move dark money around the cryptoverse unnoticed will gain momentum as these new friends-of-convenience share knowledge and skills. Russia hosted a delegation from Hamas recently. North Korea is supposedly supplying ordnance to Russia in its war against Ukraine. It doesn’t take a great deal of nous to imagine North Korean hackers working for Hamas.
Read more in Daily Maverick: AI – a terrifying story about your face and a company called Clearview
Still, there may yet be a silver lining or two. North Korea’s bag of stolen crypto swag shrank significantly for the first time this year, which can only mean that the good guys are getting smarter. And a slew of new laws and regulations around the industry have started to nestle comfortably into the statute books, despite the fact that many of them are anathema to the original spirit of crypto and have many vocal detractors (including your correspondent).
But, considering the stakes here, objectors would do well to reconsider the boundaries of crypto’s much-vaunted hoodies and masks. DM
(For a deep dive into terrorist crypto funding, listen to this episode of The Unchained podcast here)
Steven Boykey Sidley is a professor of practice at JBS, University of Johannesburg. His new book It’s Mine: How the Crypto Industry is Redefining Ownership is published by Maverick451. It can be ordered directly from the DM store here or on Kindle. It’s also available at bookstores.