In recent months, the financial landscape of international terrorism has come under increased scrutiny, with significant implications for the crypto industry. This dashboard serves as a comprehensive analysis hub, where we delve into the complex web of crypto transactions and their associations with alleged terrorist organizations.

Our investigation centers around a pivotal event in October, when a series of articles by Angus Berwick and Ian Talley in The Wall Street Journal raised alarming claims of crypto funding for Hamas and its affiliates. The initial article, "Hamas Militants Behind Israel Attack Raised Millions in Crypto," sent shockwaves through the crypto community, leading to further reports and an op-ed by Senator Elizabeth Warren, which ultimately galvanized over 100 members of Congress.

However, subsequent revelations have cast a shadow of doubt over these claims. Our investigation begins with a review of the evidence presented by key stakeholders:

1. Elliptic's Claim: In July 2023, Elliptic asserted that the Palestinian Islamic Jihad (PIJ) received a staggering $93 million. We'll scrutinize their findings and assess their credibility.

2. BitOK's Assertion: BitOK alleges that $41 million was funneled to Hamas based on addresses disclosed in Israeli counter-terror seizure orders. We'll delve into their methodology and evaluate the validity of their claim.

3. The Wall Street Journal: As a major catalyst, the WSJ's articles introduced these claims to the public. Our dashboard will analyze their reporting and its implications.

4. Senator Elizabeth Warren's Letter: Senator Warren's letter to the White House and Treasury, relying exclusively on the WSJ's reporting, demands attention. We'll dissect its arguments and assess its factual basis.

5. Chainalysis's Perspective: Chainalysis has released a blog post questioning the methodology of these claims without explicitly referencing any provider. We'll closely examine their findings.

6. Elliptic's Follow-Up: Subsequently, Elliptic has disputed the WSJ's approach and Senator Warren's letter. We will assess the merits of their counterarguments.

7. BitOK's Clarification: BitOK has provided clarification on their methodology. Our dashboard will explore these clarifications and their potential impact.

8. WSJ's Refusal to Retract: Despite growing doubts, the WSJ has refused to retract its initial reporting. We'll examine the reasons behind this stance.

9. Senate Hearing on October 26: In this crucial Senate hearing, several Senators and witnesses continued to question the WSJ/Warren claim that crypto had funded "over $130 million" in donations to Hamas or its affiliates. We'll analyze the proceedings of this hearing.

Our objective is to provide an independent, data-driven, and fact-based assessment of these claims and counterclaims. Through the lens of blockchain analysis, we aim to elucidate the truth behind these allegations and offer a clearer perspective on this complex issue. Data visualizations, detailed reports, and other informative materials will be available to help you navigate this intricate landscape.

To investigate and characterize the addresses mentioned in Israeli seizure orders, and determine the veracity of the WSJ/Warren claims, the objective of this dashboard is to conduct independent open-source intelligence (OSINT) analysis of the on-chain transactions and their connections to known terror organizations.

This analysis aims to address key aspects, including:

• Verification of the addresses mentioned in the seizure orders to ascertain their affiliation with the claimed organizations or potential links to unaffiliated exchange wallets.

• Investigating the funds moved on-chain and their relevance to the actual terror organizations involved.

• Evaluating the methodology employed by Elliptic, BitOK, Chainalysis, and the WSJ in their reporting.

• Debunking specific details within the WSJ's claims through factual analysis.

• Creating data visualizations or graphics that provide a comprehensive understanding of the situation.

This work will contribute to a more fact-based and independent account of the events and address any discrepancies in the initial reporting. By focusing on known ground truths, this analysis will offer insights into whether the WSJ's claims are accurate or require revision.

The provided information about wallets blacklisted by Tether and their interactions with various entities, such as Amir Capital and Binance, can also be considered to assess their relevance to the larger context.

This OSINT analysis will help shed light on the veracity of the WSJ/Warren claims and provide a more accurate understanding of the situation. Data visualization and any other relevant work products can aid in conveying your findings effectively.

In this section, we have thoroughly examined all available transactions related to Islamic Jihad, Hamas, and Hezbollah. This investigation primarily focused on transactions directly sent to Islamic Jihad. Several months ago, the Israeli defense ministry published a list of Binance and Tron accounts purportedly belonging to Islamic Jihad. Upon scrutinizing the Tron addresses, we made some noteworthy observations. Notably, these wallets received less than $93.7 million USDT, which contrasts with previously published figures.

List of Addresses (Receptors) Related to Islamic Jihad:

('TGSv6fGeiZbWAljBdsgkGLumtqp4wFXxzq', 'TDAegnxRRBVuRFjltkpmignshcu12nfoQF', 'TGSv6fGeiZbWAIjBdsgkGLumtqp4wFXxzq', 'TFS7HvL8Y7zWoSR6FroD9SGiKCpWTZLLLX', 'TDAegnxRRBVuRFjItkpmignshcu12nfoQF', 'TCWMveoWyAwkCthHC43nfgbtmAfPGXYhQD', 'TMmEYcSL4KhzJuYpRHI6aLsG16YoFyYKUq', 'TMmEYcSL4KhzJuYpRH16aLsG16YoFyYKUq', 'TM45NsDQlYUMMHosa2uK5FZbxxggNzxSys', 'TM45NsDQIYUMMHosa2uK5FZbxxggNzxSys', 'TJZnMKRAXWqhewxDUGvsfaoe8exUjHPwA6', 'THBPKbkuVSxNG7cq8bAvicrTm2YpMMZVKQ', 'TMmEYcSL4KhzJuYpRHl6aLsG16YoFyYKUq', 'TGSv6fGeiZbWA1jBdsgkGLumtqp4wFXxzq', 'TM45NsDQ1YUMMHosa2uK5FZbxxggNzxSys', 'TNT8WTuCoPwuYzScrHwbv5Wzw9XBwu9u3q', 'TPpRxpTw3Mn71rHzStQfjHB369zxHYqQiz', 'TQ4HeWsnzXexz2UKY3Ef94xg3mWkawirR', 'TXBMWt3T4WhFkcPnob1567cGDM3ou27GWE', 'TVzsknku8cubpukTmUVn5Ro747Bgw3GS63', 'TUtw7GQJssJ6WtBE1J2xKks7VimKP8m587', 'TU3bxJ7FRpwsfwwc7bQLa9Jr89e7UzWB3m', 'TSgiPLeKKTd6vQa2aLfb1QFmNV9DQ52xYK', 'TQLoZxoAu2arL3jCyz5ToZf4gqkmvXxtTy', 'TVoJZwG6SZrpk2YM2WW54HyvJmKTkeqG', 'TTxuaC7zJ5QbBhnUL2KEkQbFc5UEipE1fd', 'TK8qQuPSCeQxAKuqHLX4xycSVFNXGVWQy', 'THsPCpqBmmi8CzMWvQ1Zw7cMZaJ77hmmVW', 'TCG5LT8GZu9xedHbfwo2Mea2nJJbi5QGTv', 'TXXfxvnjg4497duutm5uEHUgqAhSVoM4nS', 'TY825nrM5GiztWFRQW3JpPUAGuZhWPisSA', 'TY3TUu4RwSDmUqQAbQ66vU3tRdkqPC19M4', 'TY3TUu4RwSDmUqQAhQ66vU3tRdkqPC19M4', 'TWvsfLNZrB8xPEeUE5Jzo94MzNYcCZ3ia8' )

All related transfers to these addresses have been examined through the analysis.

When categorizing the wallets based on their distinct behaviors, we identified three groups: those that sent/received many transfers but with minimal volume, those that sent/received low transfers but with a significant volume, and those that sent/received a medium number of transfers with substantial volume. The analysis revealed that the group receiving a significant volume (over $1 million) received $62 million and sent $39 million, resulting in a netflow of $23 million. In contrast, the groups with volumes ranging from $100,000 to $1 million and less than $100,000 had negative netflows of -17 million and -6 million, respectively.

The data suggests that some entities may have been funneling large sums of money to Islamic Jihad wallets, potentially for illicit activities. The fact that these transactions involved significant volumes of USDT is noteworthy, as it could indicate attempts to manipulate or influence the cryptocurrency market. The negative netflows of certain wallet groups may suggest that they were used for money laundering or other suspicious financial activities.

labeled the addresses, primarily focusing on the senders. The data indicates that a considerable number of movements originated from Binance, with the wallet related to audaxtrading exhibiting the highest negative netflow. Most of the movements originated from Binance's hot wallets, with one originating from Ukraine/Russian war and three from Hamas/Hezbollah.

The involvement of Binance in these transactions is a significant finding. The negative netflow from the wallet related to audaxtrading may raise concerns about the legitimacy of its activities. The majority of the transactions are connected to Binance, highlighting the exchange's role in this network.

If we grouped the transactions by common movements from a wallet to another, we can see how there are a lot of movements to TQ4HeW... wallet with an important amount of volume, around 400k per sender. TMmEY... wallet shows similar behavior, in this case around 100k per sender. TU3bx... the same but for around 50k. TVzsk... less transaction but over 100 per each sender and 200k in average. TDAegn less than 100 transfers per wallet but the highest quantiity of volume per sender with average around 500k. An interesting behavior is a lot of movements with 0 value.

However, in this Sankey Diagram on the left the results are not shown properly and a deeper analysis on identifying wallets must be done to provide better understand of the situation. For this reason, the next section will consist of improve this chart.

The analysis delves deeper into identifying clusters within these transfers. The second Sankey Diagram provides a clearer understanding of the connections and interactions between the wallets.

The Sankey Diagram reveals various intriguing patterns, such as connections to Amir Capital, unusual transfers from Binance in large numbers but small amounts (possibly indicative of smurfing), and the increase in smaller transactions leading up to the collapse of Terra Luna. There is also a strong connection to wallets related to Hamas/Hezbollah. The presence of wallets that have not been mentioned on the internet but have significant financial interactions raises questions about their origin and purpose.

To enhance the insights from our previous analysis, we have considered blacklisted wallets, including those blacklisted by Tether and related to Hamas/Hezbollah.

Notably, we were initially looking for whales that exhibited a sudden increase in USDT transfer activity around the time of the Ukraine/Russian war. Some outliers in activity were identified in wallets linked to Ukraine/Russian war. However, the transfers from these wallets to Islamic Jihad wallets were infrequent and of low value.

In this section, we present an overview of the transactions related to these addresses. The data reveals that, out of more than 58,000 transactions, a total of $83.9 million has been transferred, considering USDT, USDC, and TRX transfers. Lower than stated by Elliptic and others previously. The majority of the volume was in USDT. It's important to note that this figure differs from the data provided by Elliptic. Additionally, when analyzing the evolution of transfers over time, it becomes evident that the highest activity occurred from May 2022 to January 2023, with a peak of fewer than 4,500 transfers and approximately $7.2 million (USD) transferred, also lower numbers than previously stated. During this period, TRX transfers began to increase, accounting for over 50% of the total transfers to Islamic Jihad wallets, although the volume remained relatively low.

All transactions examined in this section were found to be directly sent to identified Islamic Jihad wallets, confirming the accuracy of our selections.

1. Data Collection:

   • I initiated the investigation by collecting blockchain data from Tron blockchain thanks to Sam's previous codes. These datasets contained addresses related to the allegations, as they were disclosed in Israeli counter-terror seizure orders and referenced in various reports.

2. Data Analysis:

   • I then proceeded to analyze this data. This analysis involved a detailed examination of transaction history, including transaction amounts, timestamps, sources, and destinations.

3. Blockchain Forensics:

   • I harnessed blockchain forensics tools to trace the flow of funds from the source to the alleged recipient addresses. I also paid close attention to whether mixers or tumblers were used to obscure the source of funds.

4. Network Analysis:

   • I performed network analysis to identify connections between the flagged addresses and other entities. This included mapping wallet clusters, which often indicated common ownership or control.

5. Verification of Claims:

   • To ensure the accuracy of claims made by various parties, including Elliptic, BitOK, The Wall Street Journal, and Senator Elizabeth Warren, I cross-referenced their assertions with the findings of our blockchain analysis. This rigorous process allowed me to validate the accuracy of the claims regarding the amount of funds and their recipients.

6. Methodology Review:

   • I critically reviewed the methodologies used by Elliptic, BitOK, and Chainalysis to ensure they adhered to industry best practices. My goal was to assess the validity of their approaches in the context of our investigation.

7. Data Visualization:

   • Within the dashboard, I incorporated data visualizations, such as graphs and charts, to present key findings and relationships in a clear and accessible manner. These visual aids were designed to facilitate users' understanding of complex data.

8. Reporting:

   • Detailed reports were generated to concisely summarize the findings of our investigation. These reports included clear explanations of key observations and their potential implications, along with background information and context to assist in the interpretation of results.

By employing this methodology, I provided a structured and systematic approach to investigating the crypto funding allegations, maintaining the accuracy and credibility of the analysis presented. The dashboard allowed users to explore the data, visualize key findings, and draw their own conclusions based on our in-depth analysis.

Additionally, the intertwining of a known scam, Audaxtrading[dot]net, with wallets sending significant amounts of USDT to Islamic Jihad is noteworthy. The involvement of numerous source wallets and the small amounts sent from various Tron wallets further complicate the picture.

Most notably, Islamic Jihad wallets appear to exclusively handle USDT, at least on the Tron blockchain, suggesting a specific focus on this cryptocurrency.

In summary, these findings raise concerns about the nature of these transactions, the involvement of various entities, and the potential illicit activities associated with the movement of funds to Islamic Jihad wallets. Further investigation is needed to uncover the full extent of these activities and their implications.

1. Magnitude of Transactions: The analysis of transactions related to Islamic Jihad, Hamas, and Hezbollah unveiled substantial financial activity. Over 58,000 transactions were examined, with a total of $83.9 million transferred vs previous $93M stated, primarily involving USDT, USDC, and TRX transfers. This signifies a considerable financial movement within the network.

2. Temporal Patterns: Notable patterns emerged when studying the evolution of transfers over time. The peak of activity occurred between May 2022 and January 2023, with approximately 4,500 transfers and $7.2 million (USD) transferred as maximum monthly activity vs previous higher numbers. Intriguingly, TRX transfers gained prominence during this period, surpassing 50% of the total transfers to Islamic Jihad wallets.

3. Sender Analysis: The analysis included blacklisted wallets linked to the Ukraine/Russian war, which resulted in the identification of wallets associated with Ukraine/Russian war. However, these wallets exhibited low transaction activity and limited value transfers to Islamic Jihad wallets.

4. Receiver Analysis: All transactions were directly sent to identified Islamic Jihad wallets, verifying the accuracy of the selections.

5. Related-Wallets Behavior: Categorizing wallets based on their behaviors revealed distinct groups. One group received a substantial volume (over $1 million), with a netflow of $23 million. Conversely, two other groups exhibited negative netflows of -17 million and -6 million, respectively. This suggests varying roles within the network.

6. Binance Involvement: The data highlighted substantial involvement of Binance in these transactions, raising questions about the exchange's role in this network. A wallet related to audaxtrading showed a significant negative netflow, warranting further investigation.

7. Common Movements: Specific wallets, such as TQ4HeW..., TMmEY..., and TU3bx..., exhibited unique behaviors, with a large number of transactions having zero value. These behaviors indicate distinct roles in the network.

8. Clustering Insights: The second Sankey Diagram revealed intriguing patterns, including connections to Amir Capital, the nature of transfers from Binance wallets, and increased smaller transactions leading up to the collapse of Terra Luna. Notably, Islamic Jihad wallets appear to exclusively handle USDT on the Tron blockchain.

In summary, the analysis indicates substantial financial activity, potentially related to illicit activities, involving various entities, including Binance. The temporal patterns and clustering of wallets raise questions about the true nature of these transactions. Further investigation is required to fully understand the extent of these activities and their implications.