Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
ZachXBT Profile picture
@zachxbt
Jun 30, 2021 15 tweets 7 min read Read on X
Scrolly
1/ Welcome to the bull run of 2020/2021. It’s up only (was), valuations are at ATH, and your favorite influencer can be a VC.

New funds pop up on a weekly basis yet at the same time invest/incubate a billion projects at once. How are they so efficient you might ask?

👇👇👇
2/ Let me introduce you to Moonrock Capital.

In 2018 Johnathon Habicht & Simon Dedic founded Blockfyre; a blockchain advisory firm based in Germany. In 2020 this was acquired by Tixl. In between that period in 2019 Moonrock Capital was formed by them.
3/ After the Scott Melker incident someone close to the team at Moonrock & Blockfyre messaged me about the firm and all that went on.

Let’s dive into two of the projects ($POLK & $PMON) incubated by Moon Rock Capital a bit deeper to see if they did set the “standard”.
4/ Polkamon ($PMON)

As one of the largest marketing failures this bull run the chart exemplified suspicious activity.

In doing so I reviewed the entire transaction history from launch to June. Below is a brief summary of my findings.
5/ It’s clear the only thing that MoonRock helped them succeed with was pump investors/insiders funds and dump on retail.

Below is the typical lifecycle of the “Moon Rock incubation standard”.
6/ Polkamarkets ($POLK)

As another incubation you might think $PMON was a one time event.

Below is a graph with all of the largest (cumulative) sells in the first 4 weeks. Many of the wallets received tokens from other IDO’s as well.
7/ Now you’re starting to see the pattern? If you’re still not convinced here are some other projects that they invested in.

I’ve included the investment announcement date, token launch date, and ATH date in the chart.

($KYL, $DAFI, $LKR, $CGG)
8/ All your favorite CT influencers work with the VC’s and Marketing firms for a collective shilling campaign. Many do not disclose they were compensated in some capacity. They are placed into groupchats organized by people like Danny Les (for $PMON & $POLK)
9/

Perhaps you think that the teams at $PMON & $POLK were taken advantage of. A couple of the founders on the $POLK & $PMON team worked at Tixl which Blockfyre was acquired by. All of who Moon Rock worked closely with previously.
10/ Other VC’s have sprung up and do the exact same thing.

The larping VC model includes: little to no vesting period, shilling campaign, use noob friendly buzzwords, ponzi tokenomics designed to benefit VC’s at launch.
11/ Here are possible solutions that hopefully more VC’s should follow.

⁃Dont share the cap table with larping VC’s that dump instantly
⁃Make transparency status quo
⁃Regulation

This will help wash out the bad actors that give the crypto space a bad name.
12/ Follow for more threads in the future!
13/
A huge thanks to the team at @LedgerQL for providing me with the entire history of DEX trades for $POLK & $PMON. Can’t wait for the fully functioning site to be live.

Also a thanks to @mathieu_ouioui for helping give me a second eye by reviewing my analysis .
14/ Sources:

Refer to the files below for data dumps for Polychain Monster (Polkamon) & Polkamarkets.

drive.google.com/file/d/1MfinJ9…

drive.google.com/file/d/1tB8GTr…
There goes one of them…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with ZachXBT

ZachXBT Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @zachxbt

ZachXBT Profile picture
Jul 18
1/ So I began tracing the $230M+ WazirX hack back from the original exploiter address and was able to make some interesting observations.
Image
2/ The theft address I will start from is 0x6ee which was doing test transactions on July 10th from 0x09b multisig with SHIB and was funded with 6 X 0.1 ETH from Tornado.

0x6eedf92fb92dd68a270c3205e96dccc527728066

A technical breakdown of the attack by Mudit can be found below

Image
Image
3/ With the 6 X 0.1 ETH withdrawals from Tornado Cash on July 10th I was able to demix this and find 6 X 0.1 ETH matching deposits made the day before.

0xc6873ce725229099caf5ac6078f30f48ec6c7e2e

The demix is accurate as 0xc68 was also doing tests with 0x304 multisig on July 9th with SHIB.Image
Read 6 tweets
ZachXBT Profile picture
Jun 19
For those who are confused and need additional context.

Earlier today Arkham announced a $150K bounty for the identity of the DJT creator

11:49 pm UTC I reply to Arkham saying I submitted for the bounty
11:57 pm UTC Martin Shkreli panic DM’s me
12:27 am UTC Martin Shkreli creates a spaces and announces he is the creator of DJTImage
Image
Image
One of the large DJT insiders verso.sol dumping $832K worth of DJT and then depositing USDC to CEX ~1 hr ago

Coincidentally also a large holder on Martin’s other project Shoggoth

5cPzLzLQjt2oc8X6rGannrh7HmVJNAMFJKq21DdZRuHP


Image
Image
Image
Who else was potentially involved with DJT?

An account named CWR was the admin of the Telegram group for the DJT token.

CWR is also very active in Martin Shkrehli’s public Discord server with 1K+ messages.

CWR’s Discord username is ‘cameronrox’ and refers to his alleged real name Cameron Roxborough multiple times.

He boasts about going to school with Barron Trump in multiple messages in the main-chat channel.

Are they actually close friends or is he larping? That part remains unclear.

Last night CWR left both the Telegram group and Discord server. Luckily at the time of this post his messages remain in the Discord server.

Discord ID: 294231685665521664Image
Image
Image
Image
Read 4 tweets
ZachXBT Profile picture
Jun 12
1/ Here is an overview of one of the better executed scams I have seen in recent times so I figured I would share with the community as a cautionary tale.

A few weeks ago I received a DM from a follower who lost $245K after accidentally downloading malware onto their computer.
Image
Image
2/ It started as an account purporting to be Peter Lauten from a16z, messaging a team to inquire about a potential podcast partnership.

Image
Image
Image
3/ The attacker noticed that the real Peter Lauten had changed his X (Twitter) username from ‘peter_lauten’
to ‘lauten’ at a point in time and then had claimed his old username. Image
Read 7 tweets
ZachXBT Profile picture
May 27
1/ An investigation into how the @sol ($CAT) meme coin team is connected to the @GCRClassic hack from last night.

Minutes before the hack an address tied to them opened $2.3M ORDI & $1M ETHFI longs on Hyperliquid.

Let’s dive in.
Image
Image
2/ The @sol team sniped their own launch to control 63% of the supply selling $5M+ of $CAT before transferring the profits to multiple wallets.
Image
3/ 6M54x received ~15K SOL ($2.5M) from the CAT sold and began depositing funds to Kucoin (4.8K SOL) and MEXC (4.8K SOL & 1.4M USDC) on May 25th.

6M54xEUamVAQVWPzThWnCtGZ7qznomtbHTqSaMEsUHPF
Read 9 tweets
ZachXBT Profile picture
Apr 29
1/ How Lazarus Group laundered $200M from 25+ crypto hacks to fiat from 2020 - 2023

zachxbt.mirror.xyz/B0-UJtxN41cJhp…
2/ Traced 25+ connected hacks across multiple blockchains and through mixers to centralized exchanges.
Image
Image
3/ Identified accounts at Noones and Paxful (P2P marketplaces) that received funds from the hacks and were used to convert crypto to fiat.
Image
Image
Read 6 tweets
ZachXBT Profile picture
Apr 16
1/ An investigation into the alleged $11.1M @PrismaFi exploiter 0x77 (Trung) and the multiple other exploits they are connected to. Image
2/ On March 28, 2024 the Prisma team observed a series of transactions on the MigrateTroveZap contract which resulted in a loss of 3257 ETH ($11.1M)

Exploiter address
0x7e39e3b3ff7adef2613d5cc49558eab74b9a4202

A comprehensive post-morten of the incident can be found below:
Image
3/ At first the attacker communicated with the Prisma deployer the attack was whitehat.

Later that day all of the funds were deposited to Tornado Cash contradicting that statement.

The exploiter began making outrageous demands and asked for a $3.8M (34%) whitehat bounty

This amount is significantly higher than the industry standard 10% essentially extorting the team as the treasury does not have sufficient assets to reimburse users.Image
Image
Image
Read 9 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(