Watch Your Back
live dataLightning-channel openers, sextortion, ransomware, clipper-malware archive.
Rows in labels.db
480,729
Confidence
0.7-0.95
Refresh cadence
Quarterly
Schema
per-subkey
About this source
Watch Your Back is a security-research dataset out of cybersec-code on GitHub. It aggregates 17 sub-categories of BTC addresses associated with security incidents: Lightning Network channel-opening transactions, sextortion campaigns, ransomware payment endpoints, clipper-malware destination addresses, and an archived snapshot of BitcoinAbuse before it shut down. Each sub-category becomes its own source subkey (watchyourback:sextortion, watchyourback:ransomware, etc.) so filtering by attack class is one query.
How we got the data
Cloned from the cybersec-code/watchyourback GitHub repository. 17 sub-source directories walked, .tags rows parsed and ingested. ~480K addresses total.
Why this confidence
Varies by sub-category. Lightning openers (mechanical extraction from on-chain data) get 0.95. Ransomware and sextortion entries vary; some are first-hand victim reports, others are reposts from other feeds. Confidence per entry preserves the original dataset's per-entry annotation.
License & attribution
Permissive open-data license per upstream. We carry the original sub-source directory name as our subkey so attribution back to the dataset's curators is always one click away.
Largest sub-buckets
This source uses per-subkey rows so a single address page can
distinguish, e.g., watchyourback:AntPool.com from
watchyourback:F2Pool.com. Top 20 by row count:
| Subkey | Rows |
|---|---|
| 20220323_ln-opening-channels | 232,838 |
| sextortion | 62,513 |
| miner | 37,461 |
| coinjoin-input | 36,548 |
| bitcoinabuse_blackmail-scam | 21,126 |
| bitcoinabuse_sextortion | 18,463 |
| 20210202_tracking-ransomware-end-to-end_cerber-locky-addresses | 16,128 |
| bitcoinabuse_ransomware | 11,878 |
| 20210126_clipper_clipsa | 9,412 |
| ransomware | 7,560 |
| 20210128_bitcoin-otc | 6,595 |
| bitcoinabuse_other | 5,325 |
| ransomnote | 5,091 |
| key-release-analysis | 2,418 |
| bitcoinabuse_bitcoin-tumbler | 1,267 |
| 20220506_blockchain-iocs | 749 |
| bitcoinabuse_darknet-market | 672 |
| hacked-txin | 466 |
| extremism | 426 |
| exchange | 415 |
Sample addresses
Up to 100 representative rows from this source, picked live from labels.db. Addresses appearing in the current rich-list snapshot are surfaced first, sorted by balance. Click any address to see its full /address aggregator entry.
| Address | Label | Balance (BTC) | Confidence |
|---|---|---|---|
| 34xp4vRoCGJym3xR7yCVPFHoCNxv4Twseo | WatchYourBack: exchange:binance.com | 248,597.58 | 0.85 |
| 3M219KR5vEneNb47ewrPfWyb5jQ2DjxRP6 | WatchYourBack: exchange:binance.com | 166,841.14 | 0.85 |
| bc1qgdjqv0av3q56jvd82tkdjpy7gdp9ut8tlqmgrpmv24sq90ecnvqqjwvw97 | WatchYourBack: exchange:bitfinex | 130,010.08 | 0.85 |
| 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF | WatchYourBack: miscabuse | 79,957.27 | 0.70 |
| bc1qa5wkgaew2dkv56kfvj49j0av5nml45x9ek9hz6 | WatchYourBack: miscabuse | 69,370.18 | 0.70 |
| 3LYJfcfHPXYJreMsASk2jkn69LWEYKzexb | WatchYourBack: pending | 68,200.01 | 0.60 |
| 1AC4fMwgY8j9onSbXEWeH6Zan8QGMSdmtA | WatchYourBack: miscabuse | 51,830.40 | 0.70 |
| 13v8hur858wjwsd2Z9cGxpsGyx3ynQf7S8 | WatchYourBack: username:"wot_Pwnonias | — | 0.85 |
| 111u5Bbmz7gmaf2NXVyciTjCfdfqejzWm | WatchYourBack: clipper:clipsa | — | 0.80 |
| 111whB6nemA6dWpmN4XLLnp25U4AMrpae | WatchYourBack: clipper:clipsa | — | 0.80 |
| 11217dsx5EPhq7oF6AQW1WNpdVG8cGrAJm | WatchYourBack: clipper:clipsa | — | 0.80 |
| 11229SW3yYLcVXxTn5EXK9ZxNGwWcJ1Scn | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1122tXdLQDVgXDboqkCgVrf3ViqW9swqYh | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1122zsvFLhwMW4tWqF8MdNApWzL6KpfrXW | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1125YHcvCGunmaQFDaKjHukziHiXnR7F3U | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1126ZmvTT7rVyojSiMP5w8fGYFGDJ9Sfzi | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1128A6HV649N7u9b3BAta9zLEMAaAn4EAH | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1128H7NwRpEzD5wba8iM2KwJo9MiBr8DrY | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1128KaxmFQzDQMfpeEQKR4s9SeSMFRj5YF | WatchYourBack: clipper:clipsa | — | 0.80 |
| 11293Qicnn5SE1wtHdVoVC2HUKUsWn2SqS | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112aMS1keqJS4jLucCG59HX1uFsbrjwEvJ | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112b51c13nfZxhb8Jq7W56tPYpcUk5TJ7S | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112BnvVQSY39rtU5vygeGcrRgJaxxpPvhn | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112C9phK9puGz8wndz9BmFs3KdwpXoZkuM | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112cQaanVcLzVj4uAbPUWsCLgLRFhhTDvx | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112Craz59syW4dc8abVtGw7B3QeB835mPB | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112cSF3yLEsa2Aau3eQzcykffx6ys558Uj | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112DqcknC639juB2VKyiqBemccPZzibrV7 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112E9ufxnCwhUQKSjrW29UcdqCBAgsDiBJ | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112EEzNrth7VBA5bkqS9Y1AWMmZanN1mww | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112FE8DmNXsa61BpaH8XnomqXbg1FvHuwF | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112FfWLqRGiQY4JucHBCrDn53jHKMesn5e | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112Fhgaj1TQf4Dmu7jGfrahMCXj927tr3K | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112fWR54xeBFFCwLeGXs42geokLBcRuZaa | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112GEb8jAaoJcQvm4KUVZEWbWfooCam2AH | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112ghE3oNRy7SeJaAMoF5gXpG3MKTXXqZ5 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112GXBD2KDKqUxZxE5t5aoigr6P6Tf5yai | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112HfN8TH8vYG9usdPAJEqkRDD7ZeE2b1D | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112HgDPPYRj9wMPk8bG3zAyDX3T2rjAJo9 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112iYVHN9fi4irxeKhpg3dQgWiHZ299TAr | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112jAfkNq25JSCsJDxvNqMxCDHzEZUsxaC | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112Kfk92cDEM4XYsDU2HarXi9pyUjcnRvX | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112LH5xowT4qTUtto61oGNRyLLAhY6GDCM | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112LppMn5SZU4tHoRsLqF7YgaiWW2zFdQu | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112M9QKc5SnNK7MsaE9LNd3gcnXjPZvpsT | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112mQwA9nrr5sNz9H2puHncoTf9LRNDmPZ | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112odQuPKWta5n3ZHrVqDDVrdNPPsnaMz1 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112oMmKTCEiTe6HmFLteYZabnLcniV8iu8 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112oqsart6hwGwjFwzgKaYwsp8F8bsfZ4W | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112poPrf7sD4kPzxZzH3jqe4Ps7MEzBVri | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112prBioYELTquK7vDHpHfoRb2v81dE8My | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112R9d2ibQ6kdeup2gB5jcWvfnbJZAmMFb | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112RBGTiEWN1sHzw7UUWsbyzparXBi9PgJ | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112rcCS4ZTKprxxrAG3jrmgZNWNhiZ4AXY | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112S3EMiAkSwa1TQttGdkX6Wx8HaVaqMMV | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112siM1yL3DMe53aN4EqRmavAwxQtv5ofS | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112SiR8TVYYGLvDE9pj3S853XzP63vfRdM | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112TDWvri2ykWdF4W2ce6bUTbLLN1sNCzY | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112TfVNMavPzmjzjqjWZLmF2mY6arScdHd | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112tQo1GbaESkLfxz514S666LVFiVP2E8H | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112tua4x6dmyuuKgVuysernDh4HQaC43nf | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112TVakHNUnsnT8ZvrLHuMRX2QLiWWhTY2 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112UajNiai6qUcVaQEQn27dymgq8uVWgpv | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112UakPs3VjLCLUqGzTNtHodu8AMogYNCk | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112Ux1j7zaUSDTR1nvikjBQoDhpC59XBg3 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112vJH1vidrBkzZ88JcNq1ZjAe8cg624zE | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112wNVQT2oiwPkyqzXdctj9XfbxG11SXBv | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112WWwSZPJuENnZwphcQMZMCJpVmADVUtz | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112X5dwDb8myHLJC7CMihCJDBnTFqygFym | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112XJfmz11sH6oYWG3SR2WFWSnX3bQkanf | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112Xr2PNbo17TXu1gAhVN24JosfutxAvnz | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112Y9wDet2UTjsH7dBdhaBwS2CH4vfiPn4 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112YcNmGj2QEQ7ERVTGa38NYeKrbL1pZix | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112Yxa8eUgDaG6LsU4qyLAAgjd4zFc9JiA | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112ZJkK4KZosAq5AWJukpt9MkNDUHZs4ri | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112ZPrnKGwguL5WwgoKHk1tJ2mmyzfe5vh | WatchYourBack: clipper:clipsa | — | 0.80 |
| 112ZT53buNAdAYRr4omjrx6J7qHjHcm2vd | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1131pjg31scmUdMyYs1hWcKvnTEy91GWeP | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1132fkrsFTjL5gyXx4DQqbLrzU9RtgnE2M | WatchYourBack: clipper:clipsa | — | 0.80 |
| 11338bbNh8QY5VdDqcHRb3MtiPNPaRYAsW | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1134BBMWQUoPeDf7duwGVfxrCk6SiuGA7o | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1134HcWJUScE19cJMiuCLXstnrMF81Mda9 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1136f7Xv1ycDsGoARD9FiPyZMhHSkxLvYQ | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1136R2qfsbqArNbVRnfxLkgUFALx5tGR2U | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1137CMkfv8DtjbvYcRpLds34Qn4ij6NG4r | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1138851jVcAVfkinB4hXMRHmmM18zFm6jH | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1138baNvJWEd4fiw1v8mDwZkHrHeXAJsSE | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1138FP7tmNAwEPyw8FXbhto4Wap47UjXJf | WatchYourBack: clipper:clipsa | — | 0.80 |
| 11396MsK1oXcBG2xtSsEDeNbppau9gFpVo | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1139FuNFshxY1QWeJ8p8nj1Cjss9J6s668 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 1139K18oENyt8mVUnVnpp8dW2bZSkZ97EZ | WatchYourBack: clipper:clipsa | — | 0.80 |
| 113aStrNLxbkxzaBKLMvnRRLQs4VDhMazh | WatchYourBack: clipper:clipsa | — | 0.80 |
| 113bC368MjwGsomQ7nPvoBjgqBh8ZKibNt | WatchYourBack: clipper:clipsa | — | 0.80 |
| 113BH8y5ju7H8DdTKvaf1oEC5JRMRCDTcL | WatchYourBack: clipper:clipsa | — | 0.80 |
| 113BqG1WpfDPwcNvy7X1T9uBVkqMqQ1qnv | WatchYourBack: clipper:clipsa | — | 0.80 |
| 113bUcAqxRgLiMgT7vBoHnxmMn9rgCYJU2 | WatchYourBack: clipper:clipsa | — | 0.80 |
| 113bXX6Rb8AWuV1B1NZgLJuwqz7bfKMNpv | WatchYourBack: clipper:clipsa | — | 0.80 |
| 113CQzXm57KZwVRb5RW2Pwvj5bky4PP8X | WatchYourBack: clipper:clipsa | — | 0.80 |
| 113cSqQPH51yidTBNsdk4dFHgKbR4gT3Yd | WatchYourBack: clipper:clipsa | — | 0.80 |
| 113cTixHD27ZVLXFZDUC6RK1sywKwSiWy4 | WatchYourBack: clipper:clipsa | — | 0.80 |
See how this source overlaps with the others
The cross-source view shows every address labelled by two or more of our 15 sources — useful when one source flags an address and you want to know who else has it tagged, and how.
Cross-source overlapWant this as a feed?
Same data drives the Address Monitoring API: real-time inflow / outflow events on these addresses as they confirm.
About the API