Links Found Between FTX Hack and Russian-Based Cybercrime Groups

Research conducted by blockchain intelligence firm Elliptic has uncovered potential connections between the FTX hacking incident that took place in November, resulting in an estimated loss of $400 million, and cybercrime groups based in Russia.

Stolen Assets and Exchange of Funds

The majority of the stolen assets, primarily in Ether (ETH), remained inactive for five days following the breach. However, a significant portion of the funds was then converted to Bitcoin (BTC) using the RenBridge cross-chain tool. Approximately 65,000 ETH, equivalent to $100 million, was exchanged into Bitcoin through this method.

The findings were first reported by CoinDesk, which received the research from Elliptic. According to the report, of the 4,536 BTC converted from ETH via RenBridge, 2,849 BTC went through mixers, with ChipMixer being the primary service used. Tracing the assets that passed through the mixer is challenging, but Elliptic told CoinDesk it is clear that at least $4 million eventually ended up on exchanges, possibly converted into fiat currency.

Potential Clues and Suspects

In response to the shutdown and seizure of ChipMixer during an international law enforcement operation, the attackers turned to the coin mixer Sinbad as an alternative. While the identity of the attackers remains unknown, Elliptic suggests that analyzing wallet data and fund movements could reveal further information about them.

Various suspects have been considered, ranging from rogue FTX employees orchestrating an inside job to the North Korean hacker group Lazarus, known for its involvement in crypto protocol exploits. However, based on on-chain evidence, Elliptic points toward Russian groups as the primary perpetrators.

“A Russia-linked actor seems a stronger possibility. Of the stolen assets that can be traced through ChipMixer, significant amounts are combined with funds from Russia-linked criminal groups, including ransomware gangs and darknet markets, before being sent to exchanges.”

— Elliptic

The report suggests that there is a high probability of involvement from a broker or intermediary with connections in Russia.

The FTX hack occurred on November 11, 2022, shortly after the company filed for bankruptcy and founder Sam Bankman-Fried resigned from his position.
