LIVE · ON-CHAIN · Generated Monday · April 27, 2026 · 16:13 UTCIssue №2026117 · bluewingintel.com
BlueWingIntel
Fraud Watch · Daily · BTC · ETH · SOL · TRX · BNB · Free
Issue №2026117
Monday · April 27, 2026 · 16:13 UTC
Ed. #1 · First Edition
$1.18M flowed into Tornado Cash in the last 24 hours.
90 discrete deposits across four pool denominations, computed live from on-chain logs. Tornado's smart contracts were sanctioned in August 2022 — the contracts themselves are immutable and keep accepting ETH. This is what the chain actually shows, not an API estimate.
Editor's note — what this edition actually is
This is Fraud Watch №1. Every figure below is pulled live from public sources at generation time.
No sample data, no padding. Sections without live signal are hidden, not filled. We lead with
Tornado Cash deposit counts because the signal is timely, computable on free public RPC, and
missing from every free competitor. Our proprietary labeled-wallet database seeds with every run.
Lead · Mixer Inflows · Tornado Cash · Last 24h
$1.18M in · 90 deposits · 516.60 ETH
Pool
Deposits
ETH in
Contract
0.1 ETH
36
3.60 ETH
0x12D66f87…
1 ETH
33
33.00 ETH
0x47CE0C6e…
10 ETH
18
180.00 ETH
0x910Cbd52…
100 ETH
3
300.00 ETH
0xA160cdAB…
Computed via eth_getLogs against the four canonical Tornado Cash ETH pools.
Contracts were designated by OFAC on 2022-08-08; they remain immutable and continue accepting deposits.
Anyone who deposited in the last 24 hours has, by Treasury position, touched sanctioned infrastructure.
Our Focus · USDT-TRC20 on TRON · The Rail Nobody Covers
$382.7K
across 6 notable transfers in the latest Tronscan window — live from the chain, not an aggregator.
TRON USDT moved ~$62B at last issuance count and is the dominant stablecoin venue for pig-butchering, ransomware off-ramps, and sanctions evasion. Sell-side doesn't cover it. Chainalysis dashboards it but won't publish it. This is BlueWing's lane.
DPRK breached LayerZero's infrastructure, forged a bridge message, and walked $290 million out of KelpDAO in one transaction. Aave is holding hundreds of millions in bad debt. The dominoes are still falling. DeFi United is scrambling to catch them.
Forensic reports · when a daily scan is not enough
Stop guessing. Start citing.
A risk verdict in thirty seconds, a filable report in three days, or the full intelligence package in ten. Same evidence discipline every BlueWing PDF has shipped since day one: SHA-256 manifests, confidence-graded findings, and a transaction hash behind every claim.
Free · Risk Check
Thirty seconds · Public
$0
Paste the address. Green, yellow, or red in under thirty seconds. OFAC and sanctions, drainer and scam-registry hits, exposure tags, one-line plain-English summary. Enough to know whether to walk away or pick up the phone. No credit card.
First 3 lookups · no email needed Then 2 / day · 10 / week · email-verified Cloudflare Turnstile bot protection
For the deal that needs a paper trail. Full transaction history, a three-hop connected-wallet graph, mixer entry flags, supply-concentration analysis, drainer-ring identification, multi-chain on the single entity. Watermarked PDF with SHA-256 evidence manifest, independently verifiable by your counterparty. Priced to close on a corporate card. No RFP. No committee.
For serious matters where counsel is already involved. Everything in Pro, plus the OSINT layer that holds up under scrutiny: GitHub scam-site enumeration, IPFS metadata, WHOIS pivots, social and homoglyph cross-reference, up to three chains with a five-hop network graph. Structured JSON export for the data room. Optional on-chain anchoring for chain-of-custody. Used by attorneys in live crypto-fraud matters.