A day after FTX filed for bankruptcy, the firm’s hot wallets were drained by hackers, walking away with nearly $650 million in altcoins.
Now, after various bridgings and on-chain chicanery, the attacker is left with holdings of more than $367 million across various major blockchains.
The attacker laundered proceeds using decentralized exchanges (DEX) and cross-chain bridges, reported blockchain intelligence firm Arkham Intelligence.
A total of almost $20 million in PAXG was frozen across the attacker's 4 addresses that hold PAXG.
The attacker also attempted to obfuscate fund transfers on BSC by 'swapping' tokens with the recipient address set to a separate address, 0x2cb. pic.twitter.com/dLxYyWPuNf
According to Elliptic, cross-chain bridges are widely used by hackers to launder stolen funds. “Chain hopping,” the movement of stolen funds between different blockchains, helps hackers evade tracing by enforcement agencies.
Here’s how it went down.
On November 12, 2022, roughly $650 million in ill-gotten funds were routed from FTX’s hot wallet to two wallet addresses, one on Solana and the other on Ethereum.
Since then, the hacker’s wallet address bridged the funds to different blockchain networks, including Binance Smart Chain, Polygon, and Avalanche, according to data from respective block explorers.
Law enforcement agencies were, however, able to freeze nearly $20 million in Paxos Gold (PAXG) tokens linked to the attack on November 14.
Hacker’s wallet holdings across Ethereum, Binance Smart Chain, Polygon, and Avalanche. Source: Debank
According to data from debank, the hacker’s wallet address holds nearly 229,000 Ethereum (ETH) and 8,184.9 Paxos Gold (PAXG) tokens on Ethereum.
On Binance Smart Chain, the wallet holds nearly 108.454 million BNB and 1.685 million DAI stablecoin. Avalanche hosts about 3.970 million in Tether’s stablecoin USDT in the hacker’s wallet address.
It was launched as an exclusive cryptocurrency, only for those with deep pockets. But after a vote, now the average Joe will soon be able to buy President Trump-backed WLFI from exchanges.
The native token of World Liberty Financial will soon be available for trading to "begin the next phase of community ownership and engagement," according to its website.
WLFI is World Liberty's native governance token. In the crypto space, holders of a governance token can vote to make changes to how the proj...
A blockchain researcher accidentally burned approximately $58,000 worth of Pump.fun’s PUMP token on Solana—but he told Decrypt that he isn’t “sad or angry” about the costly mistake.
The mistake came after he bought $40,000 worth of the token in Pump.fun’s sought-after token sale on Saturday, which sold out in just 12 minutes. Once the token launched, PUMP debuted at a price of $0.005827, which is 45% higher than its ICO valuation, bringing the unlucky trader’s losses to a total of $58,270.
On Su...
Hyperliquid has rapidly become a major player in decentralized finance, but Project X aims to level the playing field on the layer-1 HyperEVM chain that powers it—and seeks to become the frontend for the ecosystem in the process.
In a space crowded with teams racing to build similar platforms, the team insists its strategy stands apart. Rather than focusing solely on technical innovation, Project X sits down with Decrypt for an exclusive interview on how it is taking a distribution-first approac...
