1) Flow of FTX hacked funds
Approx, $662m crypto were lost from FTX's hot wallet after the company unexpectedly filed for bankruptcy in Nov.
#FTX #Hack #ETH #Chipmixer #Ren
2) Who is the hacker?
- Seizure by the Bahamian government?
- Solitary work by FTX Insiders?
- Organized criminal related to SBF?
3) FTX hacked funds flow: possible two(2) cases
- Fund recovery and securing measures by white hackers : $186m moved to cold storage
⇒ This transaction would be an attempt to transfer FTX's assets from the Bahamas Securities and Exchange Commission.
4) Hacked funds : $447m stolen by malicious transactions
(Proof 1) typical move for money laundering using a set of technologies such as wallet splitting and bridging
(Proof 2) deceptive behavior of issuing and holding a token called ‘FUCK FTX’
5) Funds exploited
- Amount leaked due to FTX crisis: $662m
- Amount stolen by hackers: $447m
- Current traceable amount: $288m (as of November 25)
6) Two methods used by hackers
- Peel chain : splitting funds and sending them to hundreds of thousands of wallets, then sending them little by little to exchanges or other wallets to collect
- Chain hopping : move funds to another chain via a bridge multiple times
7) After moving to BTC, difficult to track funds if using Chipmixer (currently in progress)
=> Traceable amount: $288m
- BTC is about 15%, and decreasing as money laundering progresses
- ETH is the most at 78.86%, and most alts except ETH are sold
8) Hacker's actions so far
- Swap the stolen ETH with renBTC in DEX
- Claim with renBTC in BTC
- Distributeand deposit BTC to dozens of wallets
- Laundering funds via ChipMixer, a Bitcoin tumbling service
#FTX #Hack #ETH #Chipmixer #Ren
9) Possible scenario
- BTC provides more anonymity and flexibility in money laundering than ETH, and ‘ChipMixer’ is a representative service among them
- 3,580 renBTC will be gradually drained (Currently, renBTC's minting is temporarily suspended)
10) Caution!!
- Possible continuous dumping of ETH
- Use of renBTC transfering to BTC
- BTC’s short-term freeze due to ‘increased amount of laundry’
11) renBTC : the gateway of cashout
Any additional investment has been halted by the most recent bankruptcy of FTX and Alameda. Additionally, minting has been halted in anticipation of upgrading to ren protocol 2.0.
12) The time when Ren Protocol is suspended due to internal issues coincides with the time when the hacker's ETH assets are transferred to BTC.
After Ren protocol 2.0 upgrade, hackers will once again use same route of movement of funds
13) Market strategy (1) To step away and secure assets
possible dump on ETH after Ren 2.0 ⇒ Close high-leverage positions or close some spot positions
Due to its pegging mechanism and relevantly small amount (3%) Hacker’s wallet, there will be unlikely price dumping
14) Arbitrage opportunity
The hacker's purchase of renBTC caused the price to rise, creating an arbitrage opportunity.
After upgrading to ren protocol 2.0, if the hacker uses the same route, there will be another opportunity for arbitrage trading when the hacker moves funds.
15) In particular, holding renBTC instead of BTC in your portfolio is a way to seize the opportunity.
However, there is a risk of being exposed to Ren 2.0 instability and BTC price fluctuations, so DYOR is required
15) Summury
- FTX hacker will probably do ETH dumping, transfer of funds to BTC using renBTC, and using ChipMixer on the BTC network
- Check date of Ren 2.0 and consider countermeasures through ETH position management and renBTC preoccupation from hackers' money transfer
Share this Scrolly Tale with your friends.
A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.