Blockchain detective ZachXBT has provided the authorization of FTX hacking and the alleged use of memecoins, revealing recent speculations.

On-chain detective ZachXBT shared his user findings, which he holds as the three most common misconceptions about the FTX hack – he took to Twitter to correct “a ton of misdirections” about the incident and possible executions.

In a lengthy post on Twitter on Nov. 20, Bahamian authorities disproved speculation that the exchanges were behind the self-proclaimed “on-chain sleuth” hack, where the hacker was actually using and executing memecoin trading.

The day FTX filed for bankruptcy on Nov. 11, suspicious transactions began from the crypto community on FTX-related wallets, with more than $650 million transferred from the wallet.

While it did not make an official determination, a clarification was requested from the Bahamas Securities Commission (SCB), which on November 17 sent an order to move all of FTX’s digital assets to a digital wallet owned by the then commission. believe you know

ZachXBT, however, argued that “bridges to selling tokens and acquiring cryptocurrency for ETH, DAI and BNB have various uses” because the hacker-related wallet address 0x59 is a landline address and is not affiliated with the FTX team or SCB. Used.” It should not be frozen on 11/12.”

“The 0x59 token dump and occasional bridging, back details from FTX and instead a packet to a multisig on chains like Eth or Tron was a very different behavior from other addresses,” he added.

Zach also notes that the blackhat wallet has made contact with another wallet, 0x24, which is “behaving very [suspiciously] using their sketchy services on the chain”:

“This behavior is completely different from the costs of Borrowers moving their assets to cold storage or the Bahamian government moving their assets to Fireblocks.”
ZachXBT says last clue is wallet address selling Ether


Using RenBridge for ren Bitcoin (renBTC) and then RenBridge says the funds will likely end up getting “a mixer at some point in the future”.

Blockchain analytics company Chainalysis noted in a November 20 post what they saw by arriving in a similar fashion:

“Reports that the funds stolen from FTX were actually sent to the Bahamas Securities Commission are false. Some funds were stolen and other funds were sent to postings.”
Commenting on recent fund movements, FTX also warned exchanges that “certain funds transferred from FTX Global and related borrowers without authorization on 11/11/22 were transferred themselves via intermediate wallets.”

ZachXBT also outlines possible misinformation from the rules of the alleged hacking being discovered by “Kraken or other exchanges”.

The rumor has been circulating since Kraken’s chief security officer claimed “User-owned” in a post on Nov. 12.

“In reality”, the user identified as the hacker were FTX environments using Kraken to secure assets in the multi-signature wallet at newspapers Tron for transactions of the FTX hot wallet:

“These multi-signature withdrawals also matched what Ryne Miller (FTX GC) was saying at the time. This happened hours after the first 0x59 withdrawal.”
Related: FTX funds on the move as thief dumps thousands of ETH into Bitcoin

As a final point, ZachXBT targeted the rumor that the FTX hack was trading memecoins, and this rumor wasn’t first by blockchain analytics firm CertiK.

Instead, blockchain detective claims that the transfers are “fake” on the Ethereum network, with the discussion on how the discussion could be fraudulent by Harith Kamarul, a member of the Etherscan community where he lives in March.

Source: CoinTelegraph