Drop Account

A drop account is a compromised, stolen, or fraudulently created cryptocurrency wallet or bank account used as a temporary holding point for illicit funds during the laundering process. Drop accounts are typically established with minimal verification requirements or through credential theft, allowing criminals to quickly deposit stolen assets before moving them to permanent accounts or converting them to fiat currency. The temporary nature of drop accounts is strategic—funds remain in these accounts for only hours or days before being transferred elsewhere, minimizing the window for detection. This method is particularly common in organized theft rings where coordinated teams of fraudsters work to move assets through multiple drop accounts across different exchanges and jurisdictions simultaneously. Example: In the 2022 Ronin Bridge exploit, hackers utilized drop accounts across multiple cryptocurrency exchanges to rapidly split and move the stolen $625 million in cryptocurrency through automated mixing services and cross-chain bridges within minutes of the theft. Why it matters for compliance: Drop accounts represent a critical vulnerability in transaction monitoring systems. Compliance programs must employ real-time transaction alerting and behavioral analysis to identify rapid fund movements characteristic of drop account activity, enabling swift freezing and reporting to prevent the successful layering stage of money laundering.

Category: compliance, wallets security

Explore the full Web3 Glossary — 2,062+ expert-curated definitions. Need guidance? Talk to our consultants.