Post

How to get URL link on X (Twitter) App

On the Twitter thread, click on or icon on the bottom
Click again on or Share Via icon
Click on Copy Link to Tweet
Paste it above and click "Unroll Thread"!
More info at Twitter Help

Arkham

@arkham

Nov 14, 2022 • 10 tweets • 4 min read • Read on X

Scrolly

We are now 3 days deep into the attack on FTX.

So far, Paxos has blacklisted 4 addresses, and the attacker has repeatedly bridged to and from multiple different networks.

What will the FTX attacker do next?

An update on their current token balances and actions so far 👇

The original address that tokens were sent to, 0x59, received and dumped a multitude of FTX's remaining token holdings.

The attacker appeared to be panicking, and lost a large amount of their token holdings to slippage.

They also tried using different DEX aggregators including 1inch, Cowswap and DODO exchange.

In order to prevent slippage, the attacker was forced to sell PAXG, LINK and MATIC in batches.

The attacker also sent funds to different wallets, distributing a total of just under 3000 PAXG to 3 separate wallets that were all subsequently blacklisted.

The attacker did not manage to get rid of all of their token holdings before their funds were frozen by Paxos.

The attacker has been consolidating a balance of DAI and ETH, tokens that cannot be blacklisted or frozen on the ETH mainnet.

Currently, these are their current token balances on ETH mainnet.

FYI: the attacker also holds ~$55 million over BSC, Polygon and Avalanche networks.

This address, 0x2cb, then bridged USDC back to Ethereum through Multichain/Anyswap, and now holds its balance entirely in Ether.

A total of almost $20 million in PAXG was frozen across the attacker's 4 addresses that hold PAXG.

The attacker also attempted to obfuscate fund transfers on BSC by 'swapping' tokens with the recipient address set to a separate address, 0x2cb.

The attacker used the same strategy to send almost $5 million worth of BUSD to a different wallet, 0x525, as USDC.

Here on line 3, "address, to" is not set to 0x59, despite 0x59 sending the transaction.

0x525 then bridged funds back to Ethereum, holding around $16m of Ether.

The attacker also withdrew funds on Polygon, the majority of which they sent to the 0x2cb address featured above.

Around $3.8 million of MATIC was withdrawn from Polygon over the Matic bridge, but the attacker needs to wait 7 days before accessing funds on Ethereum.

At the moment the hacker holds:

~$215m of Ether
~$48m DAI
~$41m of BNB on BSC
~$20m of frozen PAXG
~$7m DAI on BSC
~$4m USDT on Avalanche
~$3.8m of MATIC in the Matic Bridge

Arkham will provide further updates as the situation develops.

• • •

Missing some Tweet in this thread? You can try to force a refresh

This Thread may be Removed Anytime!

Twitter may remove this content at anytime! Save it as PDF for later use!

More from @arkham

Arkham

@arkham

May 28

SAYLOR SAID HE WOULD NEVER REVEAL HIS ADDRESSES ... SO WE DID

We have identified an additional 70,816 BTC belonging to Strategy, bringing our total identified MSTR BTC holdings to $54.5 Billion. We are the first to publicly identify these holdings.

This represents 87.5% of total MSTR holdings (including assets in Fidelity Digital’s omnibus custody).

Previously, we tagged:

- 107K BTC sent to MSTR Fidelity deposits (Fidelity does not segregate custody, so these BTC do not appear in the MSTR entity)
- Over 327K BTC held in segregated custody including Coinbase Prime, in our MSTR entity.

Track Strategy on Arkham:

intel.arkm.com/explorer/entit…

Read 4 tweets

Arkham

@arkham

Feb 17

CHINESE MAN BURNS $1.3M ETH CLAIMING ATTACK BY BRAIN-COMPUTER WEAPONS

This morning, an address sent $1.3M of ETH to the burn address, accusing some Chinese investors of using “brain-computer weapons”. It is now completely unrecoverable.

Did the brain-computer weapons make him do this?

Address: 0x1a19c370EA73d67a0a91085811A1E89e89B36813

He enclosed a message in Chinese: “The CEOs of Kuande Investment: Feng Xin and Xu Yuzhi used brain-computer weapons to persecute all company employees and former employees, and even they themselves were controlled.”

The address appears to be controlled by “Hu Lezhi” who claims to be an “ordinary programmer and entrepreneur”

In total the address has sent $4.95M to the burn address, Wikileaks, and the Ethereum Foundation this week.

It has also transferred $825K ETH to a Coinbase Deposit and $273K ETH to a fresh address 0x2a6.

Read 4 tweets

Arkham

@arkham

Feb 15

LIBRA-CONNECTED ADDRESSES EXTRACT >$100M

Last night the President of Argentina, @JMilei posted a contract address of a Solana memecoin “LIBRA”

LIBRA hit a max valuation of over $4 BILLION before falling over 95% in less than 6 hours, and the tweet was later deleted.

Breakdown below:

70% of the supply is held in 2 addresses, while 15% of supply was directly deposited into Meteora LP by the Developer address.

The developer address has claimed over $20M in trading fees from these deposits.

Additionally, 7 different addresses received a total of 60M LIBRA tokens from the deployer - each of these addresses deposited LIBRA into liquidity pools and later extracted SOL/USDC.

Addresses connected to the LIBRA coin launch currently hold over $100M of USDC and SOL extracted from liquidity over the past 18 hours, mostly moved to separate holding addresses.

LIBRA-associated accounts currently hold $57.6M USDC and $48.6M SOL.

Read 6 tweets

Arkham

@arkham

Jan 30

ROSS ULBRICHT LOST $12M ON PUMPFUN...

Ross Ulbricht, or someone with access to his wallets, just accidentally nuked the price of a pumpfun coin sent to him while trying to provide liquidity on Raydium.

Because he initialized the liquidity pool at the wrong price, $1.5M of the token (5% supply) was instantly taken by a MEV Bot, then sold into the existing pool.

Then he did it again and he lost another $10.5M. (35% supply)

Ross Ulbricht’s Solana donation address received 50% of the supply of ROSS (Ross Ulbricht Fund) from the developer last week.

Ross tried to add single-sided liquidity to sell the coins off passively, but accidentally created a pool with Raydium CPMM (Constant-Product Market Maker) instead of CLMM (Concentrated Liquidity Market Maker).

The MEV Bot that took the coins managed to sell them off for over $600K, sending the price down -90% in the process.

Despite losing 40% of the supply, Ross still holds 10% of the token in a separate address, with LP correctly added on Raydium Concentrated Liquidity. (currently worth ~$200K)

Read 4 tweets

Arkham

@arkham

Jan 19

DID TRUMP SELL $500M TRUMP?

In short, no. The team holds around ~$500 M in TRUMP liquidity pools on-chain. They have removed a total of $20M from these pools as USDC. Separately, they appear to have sent $92M in TRUMP to exchanges.

Deep dive below:

$TRUMP is 80% locked, with 10% for Liquidity and 10% for ‘Public Distribution’.

100M TRUMP was sent to the TRUMP Liquidity Provider, which added liquidity on Meteora.
8tKLhRyFC3RsQ41APTqKdzr9DdeGqV2RtRgSjVgsY4xb

another 10% was split between 3 wallets:

Initial TRUMP Deployer (kept 14M TRUMP)
5e2qRc1DNEXmyxP8qwPwJhRWjef7usLyi7v5xjqLr5G7

TRUMP Team Wallet 1 (received 56M TRUMP)
2Fe47zbh8svDNGNehFy1NY8bsjQNtomvKFuq1jNgWSkv

TRUMP Team Wallet 2 (received 30M TRUMP)
7qtDv72fGzuuGmyg1FkTxBybYH2sXkUd6u8WXwnkRnpE

Of these wallets, THREE added liquidity on Meteora. The TRUMP Liquidity Provider, the TRUMP Team Wallet 1, and the TRUMP Team Wallet 2.

Notably, TRUMP Liquidity Provider added 100M TRUMP
TRUMP Team Wallet 1 added 52.6M TRUMP [has removed 0 USDC]
TRUMP Team Wallet 2 added 2M TRUMP [has removed $19.9M USDC]

TRUMP Team Wallet 2 sent the proceeds to a new wallet:
GRvmQxtFRqtQZYaeF8bUqH8FrDHoK5Eabs5aYyU34bPg

This wallet currently holds $591M of TRUMP and $16M of USDC.

Read 7 tweets

Arkham

@arkham

Nov 6, 2024

ANNOUNCING ARKHAM EXCHANGE POINTS

Users can earn Arkham points based on their trading volume on the Arkham Exchange.

Points are available for everyone.

VIPs who open an Exchange account can earn a 10% boost on their earned points so far.

Points earned by VIPs for Intel Platform referrals remain valid.

During the first 30 days of trading, Arkham VIPs can continue to earn points for Intel Platform referrals and VIP nominations as they have previously done so.

Arkham VIPs with points who are not eligible or do not wish to sign up to the Arkham Exchange will still be able to convert their points to ARKM.

Arkham Points will be redeemable for ARKM after the first 30 days of trading on the Arkham Exchange.

Learn more:

Read 5 tweets

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Share this page!

Enter URL or ID to Unroll

Arkham

Try unrolling a thread yourself!

More from @arkham

Arkham

Arkham

Arkham

Arkham

Arkham

Arkham

Did Thread Reader help you today?

Don't want to be a Premium member but still want to support us?

Send Email!