Digital assets worth $477 million were stolen from FTX’s accounts when it collapsed. A hacker began moving the stolen funds to DEX protocols and cross-chain bridges over the weekend.
According to analysts at PeckShield, the hacker’s address, labeled FTX Accounts Drainer, ranked 27th among the largest Ethereum holders last weekend. The hacker had a total of 250,735 ETH in their account at the time, which was valued at about $302.6 million.
On Sunday, November 20, the hacker began withdrawing funds to addresses on the decentralized platform 1inch and the cross-chain protocol RenBridge. A total of 50,000 ETH were withdrawn. Experts believe these actions were aimed at covering traces, and the hacker eventually intended to withdraw some of the funds to crypto mixers.
Amid this background, Chainalysis appealed to its partners to freeze the stolen funds. They also denied one of the rumors, according to which there was no hacking and the funds were managed by the Securities Commission of The Bahamas.
The independent on-chain detective ZachXBT shares the same opinion and refuted several rumors surrounding FTX’s hacking:
- Bahamian authorities are behind the hacking of the exchange.
- Kraken representatives know the identity of the hacker.
- The hacker trades meme coins.
The analyst argued that the Securities Commission of The Bahamas has no connection to the hacker’s address. Kraken officials confused the hacker’s actions with those of FTX’s executives to withdraw assets to cold wallets. Moreover, the on-chain data about meme coin trading that CertiK analysts pointed out was spoofing, i.e., faking by which some transactions were disguised as others. What exactly has been disguised as meme coin trading remains unknown.
The crisis caused by FTX’s bankruptcy keeps evolving. Several countries, including the U.S. and the Bahamas, are discussing with the authorities the possibility of extraditing Sam Bankman-Fried to testify against the company.