5/ It’s clear this is a group of larps that made their money from posing as a research group when in reality they made money from IDO shilling and wrecking anyone who followed them.
6/ It’s frustrating to see all of them get such engagement and make so much money while the newbies blindly follow.
We see this reoccur time after time again. Adouble212 DM’d me saying they want to change but they’ve already caused so much damage at the expense of others.
7/ Why would you trust them now? The least they could have tried to do is reimburse the victims if they’re “truly sorry”.
2/ The theft address I will start from is 0x6ee which was doing test transactions on July 10th from 0x09b multisig with SHIB and was funded with 6 X 0.1 ETH from Tornado.
0x6eedf92fb92dd68a270c3205e96dccc527728066
A technical breakdown of the attack by Mudit can be found below
3/ With the 6 X 0.1 ETH withdrawals from Tornado Cash on July 10th I was able to demix this and find 6 X 0.1 ETH matching deposits made the day before.
0xc6873ce725229099caf5ac6078f30f48ec6c7e2e
The demix is accurate as 0xc68 was also doing tests with 0x304 multisig on July 9th with SHIB.
For those who are confused and need additional context.
Earlier today Arkham announced a $150K bounty for the identity of the DJT creator
11:49 pm UTC I reply to Arkham saying I submitted for the bounty
11:57 pm UTC Martin Shkreli panic DM’s me
12:27 am UTC Martin Shkreli creates a spaces and announces he is the creator of DJT
One of the large DJT insiders verso.sol dumping $832K worth of DJT and then depositing USDC to CEX ~1 hr ago
Coincidentally also a large holder on Martin’s other project Shoggoth
1/ Here is an overview of one of the better executed scams I have seen in recent times so I figured I would share with the community as a cautionary tale.
A few weeks ago I received a DM from a follower who lost $245K after accidentally downloading malware onto their computer.
2/ It started as an account purporting to be Peter Lauten from a16z, messaging a team to inquire about a potential podcast partnership.
3/ The attacker noticed that the real Peter Lauten had changed his X (Twitter) username from ‘peter_lauten’
to ‘lauten’ at a point in time and then had claimed his old username.
3/ At first the attacker communicated with the Prisma deployer the attack was whitehat.
Later that day all of the funds were deposited to Tornado Cash contradicting that statement.
The exploiter began making outrageous demands and asked for a $3.8M (34%) whitehat bounty
This amount is significantly higher than the industry standard 10% essentially extorting the team as the treasury does not have sufficient assets to reimburse users.