The infamous attack on FTX, a major crypto exchange, is back in the spotlight. The latest events indicate a change in strategy by the hacker, which is causing quite a stir and reviving speculation.
FTX, one of the largest crypto exchanges in the world, experienced a devastating crash in 2022 that resulted in a significant amount of Ethereum being stolen. Original estimates put losses at up to $400 million. However, after a thorough audit, FTX confirmed losses of approximately $323 million.
On September 30, @lookonchain posted the following on X:
“FTX Accounts Drainer is moving $ETH! FTX Accounts Drainer has transferred 5K $ETH ($8.37M) out in the past 3 hours. And FTX Accounts Drainer currently has 180,735 $ETH ($302.5M) left in 13 addresses.”
Perpetrator Changes Tactics
Renowned on-chain analyst Lookonchain made a surprising observation on October 6. The person responsible for the FTX hack has stopped using THORChain to launder his assets. They have now turned their attention to Threshold Network.
@lookonchain explained this situation via X (formerly Twitter) in these terms:
“After @THORSwap suspended swaps, FTX Exploiter started swapping $ETH for $tBTC and cross-chained to the Bitcoin network through @TheTNetwork. So far, FTX Exploiter has swapped 75,636 $ETH($124M) for BTC assets and cross-chained to the Bitcoin network.”
The data suggests that the attacker converted a staggering 3,000 Ether (ETH), equivalent to $4.9 million, into tBTC via Threshold. They then successfully laundered around 75,636 ETH (worth around $124 million) into Bitcoin. An alarming sum of 109,485 ETH, or almost $180 million, is still lurking in his possession.
Why the Change?
Threshold presents a decentralized bridge connecting Bitcoin (BTC) and Ethereum. It allows users to convert their assets into tBTC, an ERC-20 token equivalent to the value of Bitcoin. The hacker’s first choice was THORSwap.
In a sudden turn of events, though, THORSwap suspended its operations on October 6, to prevent further illegal activities. This decision, based on extensive internal dialogues and guidance from legal experts, aims to curb illegal transfers until a foolproof security measure is developed.
THORSwap posted its decision on X, which partly reads like follows:
“Yesterday, following a careful evaluation of the situation and consultation with advisors, legal counsel, and law enforcement, the decision was made to temporarily transition the THORSwap interface into maintenance mode. This action was taken to swiftly curtail any further potential illicit activity. THORSwap will remain in this mode until a more permanent and robust solution can be implemented to ensure the platform’s continued security and integrity.”
Previously, reports showed that the hacker had funneled at least $38 million worth of ETH through THORSwap and another privacy-focused platform, Railgun.
Culprit Behind the Mask Remains Unknown
The mysterious figure who orchestrated this great robbery is still unknown. However, rumors in crypto circles point to the possible involvement of controversial FTX founder Sam Bankman-Fried. Facing charges of wire fraud and conspiracy to commit money laundering, Bankman-Fried’s current legal battles have only fueled this speculation.
However, Bankman-Fried remains steadfast and vehemently denies any connection to the robbery. However, the synchronicity of the significant cash movements and their trial has raised curiosity about possible internal complicity.
The FTX heist saga unfolds, revealing complicated strategies and a world of speculation. As the industry watches closely, there remains hope that clarity will emerge and ensure such breaches become a thing of the past.
By Audy Castaneda
