The hacker behind the attack on the bankrupt cryptocurrency exchange FTX began transferring their Ether (ETH) holdings to a different wallet address on Nov. 20. The FTX wallet drainer was the 27th largest ETH holder following the hack but dropped by 10 positions following the weekend ETH dump.
The FTX hacker drained nearly $447 million from multiple FTX global and FTX US exchange wallets just hours after the crypto exchange declared Chapter 11 bankruptcy on Nov. 11. Most of the stolen funds were in ETH, making the exploiter the 27th largest ETH whale.
On Nov. 20, FTX wallet drainer 1 transferred 50,000 ETH to a different address, 0x866E. The new wallet address then swapped the ETH for renBTC (an ERC-20 form of BTC) and bridged it to 2 wallets on the Bitcoin blockchain. One of the wallets, bc1qvd…gpedg, held 1,070 renBTC while another wallet, bc1qa…n0702, held 2,444 renBTC.
FTX Wallet Drainer has become the 37th largest holder of ETH
Dropped 10 places after transferring 50,000 ETH to 0x866E today
We’re also ongoing to determine ETH swapped for renBTC in 0x866E
Wallet presently holds ~1127 renBTC and ~19k ETH
— CertiK Alert (@CertiKAlert) November 20, 2022
Crypto analytics group CertiK later tracked the bridged renBTC on the bc1qvd…gpedg address and found that the address used a money laundering technique known as a peel chain to launder the renBTC.
A peel chain is a method of laundering a large amount of cryptocurrency through a long series of minor transactions. A small portion is “peeled” from the subject’s address in a low-value transfer. These incrementally laundered funds are frequently sent to exchanges, where they can be converted into fiat currency or other crypto assets.
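The peel chain pattern described above can be flagged from transaction data by following the large remainder output hop by hop and recording each small peel. The following is an added illustration, not CertiK's method or code from the original article; it assumes a simplified model with one sender per transaction, and the addresses, amounts and thresholds are constructed.

```python
from dataclasses import dataclass

@dataclass
class Tx:
    txid: str
    sender: str      # simplified model: one spending address per transaction
    outputs: list    # [(address, amount), ...]

def trace_peel_chain(txs, start, max_peel_ratio=0.10):
    """Follow the large remainder output from `start`, collecting the small peels."""
    by_sender = {}
    for tx in txs:
        by_sender.setdefault(tx.sender, []).append(tx)
    hops, current, seen = [], start, set()
    while current not in seen:                 # guard against address reuse loops
        seen.add(current)
        spends = by_sender.get(current, [])
        # A peel hop is a single spend with exactly two outputs: peel + remainder.
        if len(spends) != 1 or len(spends[0].outputs) != 2:
            break
        tx = spends[0]
        (peel_addr, peel), (rest_addr, rest) = sorted(tx.outputs, key=lambda o: o[1])
        total = peel + rest
        if total <= 0 or peel / total > max_peel_ratio:
            break                              # split is too even to be a peel
        hops.append((tx.txid, peel_addr, peel))
        current = rest_addr                    # the remainder carries the chain on
    return hops

def is_peel_chain(txs, start, min_hops=3, max_peel_ratio=0.10):
    """Flag `start` when enough consecutive peel hops follow it (assumed threshold)."""
    return len(trace_peel_chain(txs, start, max_peel_ratio)) >= min_hops

# Constructed sample data: placeholder addresses, amounts in whole BTC.
SAMPLE = [
    Tx("t1", "src", [("dep1", 20), ("hop1", 980)]),
    Tx("t2", "hop1", [("hop2", 965), ("dep2", 15)]),
    Tx("t3", "hop2", [("dep3", 25), ("hop3", 940)]),
    Tx("t4", "hop3", [("dep4", 10), ("hop4", 930)]),
    Tx("t5", "other", [("x1", 500), ("x2", 500)]),   # even split, not a peel
]

if __name__ == "__main__":
    for txid, addr, amount in trace_peel_chain(SAMPLE, "src"):
        print(f"{txid}: peeled {amount} BTC to {addr}")
    print("peel chain:", is_peel_chain(SAMPLE, "src"))
```

The peel destinations (`dep1` to `dep4` here) are the addresses an investigator would check against known exchange deposit addresses.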
At the time of the FTX hack, there were two parties involved: a black hat that managed to drain $447 million and a white hat that managed to move $186 million of FTX assets to cold storage. However, when the Bahamian securities regulator released a notice suggesting it was attempting to move assets in FTX, it raised many eyebrows, with many claiming the regulator was, in fact, the black hat behind the exploit.
Have you seen this? Bahamian SEC states have (attempted to?) “transfer all digital assets” to some digital wallet they, not FTX, controls. If FTX may be the white hat, then is not the Bahamian govt the black hat? https://t.co/ddbEmx2nyq
— zkSTONKs (@zkSTONKs) November 20, 2022
On-chain analyst ZachXBT highlighted the token transfer pattern from the black hat wallet and stated that the wallet dumping tokens and bridging sporadically was very different behavior from that of the other addresses, which withdrew from FTX and instead sent funds to a multisig on chains like Ethereum or Tron.
Looking at the movement of funds and the techniques involved in the transfer of these funds, it’s unlikely that FTX wallet drainer 1 is under the control of the Bahamian government, based on today’s on-chain activity. The BTC activity is consistent with a peel chain, a form of money laundering that would be highly improbable for a government agency to engage in.