Crypto sleuth debunks 3 biggest misconceptions about the FTX hack – Cointelegraph

Blockchain detective ZachXBT has provided evidence refuting recent speculation about the identity of the FTX hacker and their supposed memecoin activity.
On-chain sleuth ZachXBT has shared his findings on what he sees as the three most common misconceptions about the FTX hack — taking to Twitter to correct a “ton of misinformation” about the event and the possible culprits. 
In a lengthy Nov. 20 post on Twitter, the self-proclaimed “on-chain sleuth” debunked speculation that Bahamian officials were behind the FTX hack, that exchanges knew the hacker’s true identity, and that the culprit is trading memecoins.
1/ I have seen a ton of misinformation being spread on Twitter and in the news about the FTX event so let me debunk the three most common things I’ve seen

“Bahamian officials are behind the FTX hack”
“Exchanges know who the hacker is”
“FTX hacker is trading meme coins”
On the same day that FTX filed for bankruptcy on Nov. 11, the crypto community began flagging suspicious transactions on wallets associated with FTX, with more than $650 million transferred off the wallet. 
While there was no official culprit has been identified, a Nov. 17 statement from the Securities Commission of the Bahamas (SCB) that stated it had ordered the transfer of all digital assets of FTX to a digital wallet owned by the commission around that time prompted some to believe the SCB was behind the supposed “hack.”
However, ZachXBT argued that the 0x59 wallet address associated with the hacker was a blackhat address and not affiliated with either the FTX team or the SCB because it “began selling tokens for ETH, DAI, and BNB and using a variety of bridges so crypto couldn’t be frozen on 11/12.”
“The fact 0x59 was dumping tokens and bridging sporadically was very different behavior from the other addresses who withdrew from FTX and instead sent to a multisig on chains like Eth or Tron,” he added.
Zach also notes that the blackhat wallet also had contact with another wallet, 0x24, which he suggests “has very [suspicious] behavior on-chain using sketchy services:”
ZachXBT says his final clue was the wallet address selling Ether (ETH) for ren Bitcoin (renBTC) and then using RenBridge, which he says will most likely end with the funds being sent to “a mixer at some point in the future.”
Blockchain analytics firm Chainalysis came to a similar conclusion in a Nov. 20 post, noting that:
FTX has also commented on the recent fund movements, posting a warning to exchanges “that certain funds transferred from FTX Global and related debtors without authorization on 11/11/22 are being transferred to them through intermediate wallets.”
(2/2) Exchanges should take all measures to secure these funds to be returned to the bankruptcy estate.
ZachXBT also highlighted the potential misinformation surrounding the claim the hacker’s identity had been discovered by “Kraken or other exchanges.”
The rumor had been circulating since Kraken’s chief security officer claimed in a Nov.12 post that, “We know the identity of the user.”
Zach says “In reality,” the user identified as the hacker was likely just the FTX group securing assets to a multi-signature wallet on Tron, using Kraken due to the FTX hot wallet being out of gas for transactions, stating: 
Related: FTX funds on the move as thief converts thousands of ETH into Bitcoin
As his last point, ZachXBT took aim at the rumor that the FTX hacker is trading memecoins, which was first noted by blockchain analytics firm CertiK.
Instead, the blockchain detective claims the transfers have been “spoofed” on the Ethereum network, citing a March blog by Etherscan community member Harith Kamarul, explaining how transactions can be faked.


Leave a Comment

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

Welcome to FactsPrime

Sorry, We have detected that you have activated Ad-Blocker. Please Consider supporting us by disabling your Ad Blocker, It helps us in maintaining this website. To View the content, Please disable adblocker and refresh the page.

Thank You !!!