The three main myths concerning the FTX hack are dispelled by crypto sleuth

https://thecryptostar.co/?p=18756

ZachXBT, a blockchain investigator, has presented proof disproving previous rumors regarding the identity of the FTX hacker and their alleged memecoin behavior.

On-chain investigator ZachXBT addressed a “lot of disinformation” regarding the incident and the potential offenders on Twitter by outlining what he believes to be the three most widespread misconceptions about the FTX breach.

The self-described “on-chain sleuth” dispelled rumors that Bahamian officials were behind the FTX attack, that exchanges knew the hacker’s real name, and that the culprit is trading memecoins in a lengthy message on Twitter on November 20.

On November 11, the same day that FTX declared bankruptcy, the crypto community started to raise red flags about suspicious activity on FTX-related wallets, with more than $650 million moving out of the wallet.

Despite the fact that no one has been officially blamed, some speculated that the Securities Commission of the Bahamas (SCB), which issued a statement on November 17 claiming to have ordered the transfer of all FTX’s digital assets to a digital wallet it owned at the time, was responsible for the alleged “hack.”

Because it “began selling tokens for ETH, DAI, and BNB and using a number of bridges so crypto couldn’t be frozen on 11/12,” according to ZachXBT, the “0x59” wallet address linked to the hacker was a blackhat address and not connected to either the FTX team or the SCB.

He continued, “The behavior of 0x59 was significantly different from the other addresses who withdrew from FTX and sent to a multisig on chains like Eth or Tron. 0x59 was dumping tokens and bridging occasionally.

Additionally, Zach notes that the blackhat wallet communicated with 0x24, a wallet that he claims “has highly [suspect] behavior on-chain using dubious services.”

“This action totally contradicts what was reported about the Debtors putting assets to cold storage or the Bahamian government sending assets to Fireblocks,” the author writes.

The wallet address that sold Ether for $1,127 for renBTC and then used RenBridge, according to ZachXBT, was his last piece of information. He believes that this transaction will most likely result in money being sent to “a mixer at some point in the future.”

In an article published on Nov. 20, the blockchain analytics company Chainalysis reached a similar result, stating that:

“It is untrue that the money taken from FTX was really sent to the Bahamas Securities Commission. While other payments were sent to the regulators, some were stolen.

In response to the latest fund transfers, FTX posted a notice to exchanges informing them that “certain funds transferred from FTX Global and connected creditors without authorisation on 11/11/22 are being transferred to them through intermediary wallets.”

The risk for misrepresentation surrounding the assertion that the hacker’s identity had been revealed by “Kraken or other exchanges” was also brought up by ZachXBT.

Since Kraken’s top security officer stated in a post on November 12 that “We know the identity of the user,” the myth has been spreading.

According to Zach, the FTX group was probably merely utilizing Kraken to secure funds to a multi-signature wallet on Tron because the FTX hot wallet was running out of gas for transactions. Zach says:

Ryne Miller (FTX GC) has previously said that the withdrawals to these multisigs were consistent with that. This happened several hours after the first 0x59 withdrawals.

Related: Thief transfers thousands of ETH into Bitcoin, moving FTX funds.

ZachXBT addressed the FTX hacker swapping memecoins rumor, which was first brought forward by blockchain analytics company CertiK, as his final point.

Instead, the blockchain investigator contends that the transfers were “spoofed” on the Ethereum network, citing a blog post from Harith Kamarul of the Etherscan community from March that described how transactions can be faked.