On-chain sleuth ZachXBT has shared his findings on which he sees because the most common misconceptions concerning the FTX hack — taking to Twitter to fix a “lot of misinformation” concerning the event and also the possible culprits.
Inside a extended November. 20 publish on Twitter, the self-announced “on-chain sleuth” debunked speculation that Bahamian officials were behind the FTX hack, that exchanges understood the hacker’s true identity, which the offender is buying and selling memecoins.
1/ I’ve come across a lot of misinformation being spread on Twitter and in news reports concerning the FTX event so allow me to debunk the 3 most typical things I have seen
“Bahamian officials are behind the FTX hack”
“Exchanges know who the hacker is”
“FTX hacker is buying and selling meme coins” pic.twitter.com/IAtHnpJI44— ZachXBT (@zachxbt) November 20, 2022
On the day that that FTX declared personal bankruptcy on November. 11, the crypto community started flagging suspicious transactions on wallets connected with FTX, using more than $650 million transferred from the wallet.
While there wasn’t any official offender continues to be identified, a November. 17 statement from the Securities Commission from the Bahamas (SCB) that mentioned it’d purchased the change in all digital assets of FTX to some digital wallet of the commission around that point motivated some to think the SCB was behind the supposed “hack.”
However, ZachXBT contended the “0x59” wallet address connected using the hacker would be a blackhat address and never associated with either the FTX team or even the SCB since it “started selling tokens for ETH, DAI, and BNB and taking advantage of a number of bridges so crypto could not be frozen on 11/12.”
“The very fact 0x59 was dumping tokens and bridging sporadically was completely different behavior in the other addresses who withdrew from FTX and rather delivered to a multisig on chains like Eth or Tron,” he added.
Zach also notes the blackhat wallet also had connection with another wallet, 0x24, that they suggests “has very [suspicious] behavior on-chain using sketchy services.”
“This behavior completely differs that which was stated concerning the Debtors moving assets to cold storage or Bahamian government moving assets to Fireblocks.”
ZachXBT states his final clue was the wallet address selling Ether (ETH) for renBTC and then using RenBridge, that they states will likely finish using the funds being delivered to “a mixer at some stage in the long run.”
Blockchain analytics firm Chainalysis found an identical conclusion inside a November. 20 publish, noting that:
“Reports the funds stolen from FTX were really delivered to the Securities Commission from the Bahamas are incorrect. Some funds were stolen, along with other funds were delivered to the regulators.”
FTX has additionally commented around the recent fund movements, posting an alert to exchanges “that particular funds transferred from FTX Global and related debtors without authorization on 11/11/22 are now being used in them through intermediate wallets.”
(2/2) Exchanges must take all measures to secure these funds to become came back towards the personal bankruptcy estate.
— FTX (@FTX_Official) November 20, 2022
ZachXBT also highlighted the possibility misinformation all around the claim the hacker’s identity have been discovered by “Kraken or any other exchanges.”
The rumor have been circulating since Kraken’s chief security guard claimed inside a November.12 publish that“We be aware of identity from the user.”
Zach states “The truth is” the consumer recognized as the hacker was likely only the FTX group securing assets to some multi-signature wallet on Tron, using Kraken because of the FTX hot wallet being from gas for transactions., stating:
“The withdrawals to those multisigs also matched what Ryne Miller (FTX GC) had stated at that time. This required place hrs following the initial 0x59 withdrawals.”
Related: FTX funds on the go as crook converts a large number of ETH into Bitcoin
As his last point, ZachXBT required are designed for the rumor that the FTX hacker is buying and selling memecoins, that was first noted by blockchain analytics firm CertiK.
Rather, the blockchain detective claims the transfers happen to be “spoofed” around the Ethereum network, citing a March blog by Etherscan community member, Harith Kamarul explaining how transactions could be faked.