We identify the whole process and hacker address, and those funds ended up in @ChangeNOW_io.
Before his NFT got transferred, it seems he approved the hacked collection to
0x8e25ab3382ad5bde35a09e72d3b9a851a7cc8d00 (0x8e)
and then 0x8e transfer all NFT to:
0x43ca3957a188ee03da87d6bed138bcc8d5c3d7a0(0x43)
0x43 takes all the offers and swapped the $ETH he gets to $ETH and goes to #changenow.
(hacker tries to confuse others but with money flow, you can clearly see where the $ETH goes)
For now, the hacker has cleared all the ETH positions to #changenow.
Recently, #changenow and #fixfloat has become the major money laundry hub for the crypto exploiters, this should be worth some attention.
Furthermore:
Hacker's initial gas from:
0x67472bef5eef545ea05c919589f7b287c7a42588
and this address can trace back to:
0x62d480a2771796493eebb03965da676c97f398c9
Which performed another exploit.
Huobi had a net outflow of 11.7M in the past hour and 57.9M in the past 24 hours, the net outflow velocity appears to be increasing.
The largest token outflow in the last 24 hours is $USDC (-9.45%).
Huobi is currently the exchange with the largest asset outflow in the past 24 hours, and the token that #Huobi currently holds the biggest position is $HT, while other exchanges are stable coins and $ETH.
The chains with the most asset outflows are #Ethereum and #Tron, but #Huobi's Eco chain (Heco) balance has increased.
Currently, 44.74% of Huobi's Ethereum assets are $HT.
The drop in $HT price may have a greater impact on the total balance.
1. Withdraw 62M USDT on #Justlend 2. Buy 2M USDD using 2M USDT on #Sun 3. Withdraw 6M USDC on #JustLend and transferred out 4. Transfer 60M USDT to @binance
We find a smart money (or dark money?) address that always borrows >$10M USDC/ETH and deposits it to exchange every time before FTX-drainer dumps ETH.
Chances are he knows the activity of FTX-drainer and benefits from it:
🧵
🕵️According to our #JumpCrypto entity, for now, they have over $2.5B worth of assets on Ethereum, and 90%+ of them are $ETH (2.07M/$2.28B).
This makes Jump the single largest EOA holder.
Every move Jump makes matters to ETH holders.
Of all 56 addresses within Jump Entity, one address holds 2M ETH, let's see what does this address recently do:
0x0716a17fbaee714f1e6ab0f9d59edbc5f09815c0
This address total was sent out 60K $ETH after October, where did it go?
Time to use our money flow tool.
Well, the finding is surprising and no-surprising at the same time, the ETH got out and was immediately moved to another address and seems deposited around $39M to exchanges like #Gemini.
😬Rumor has it that @SBF_FTX has been moving users' funds around. We dived in for a hell lot of time and here's what we found:
🚨We found that @SBF_FTX and @AlamedaResearch have been SHARING the same funding and lots of exchange accounts for a long time 🫡.
Proofs👇:
First of all, we applied address clustering to all the @SBF addresses we can find, and one of them is highly connected with a tagged #Alameda's address.
SBF's: 0xD57581D9e42E9032e6f60422fA619b4A4574Ba79 (0xD5)
Alameda's:
0xf108a465a5dafb51bb48615b1a4f5e00401ff90d (0xf1)
Why do we say address 0xD5 is @SBF_FTX?
Okay, first of all, he admits himself.
And we also find this is one of the multi-signer of @sushiswap, which SBF is.