FTX Hacker Used Russian Crime Networks to Launder Stolen Cryptocurrency, Reveals Elliptic

Elliptic Traces Stolen FTX Crypto to Russian Cyber Gangs

It has been almost a year since the hacker responsible for the $477 million heist from FTX has remained unidentified. However, Elliptic, a blockchain analytics firm, has managed to trace the stolen funds and shed light on the hacker’s attempts to launder and hide their activities. It is believed that some of the stolen assets have been mixed with bitcoins associated with Russian cyber gangs.

The Heist and Laundering Spree

In November 2022, FTX declared bankruptcy and its CEO faced accusations of misusing customer funds. Taking advantage of this chaos, the hacker stole a massive amount of money from FTX’s exposed wallets. The cybercriminal then swiftly started laundering the stolen tokens through decentralized exchanges and cross-chain portals to cover their tracks and avoid asset confiscation.

Laundering Tactics

The hacker used platforms like Renbridge to convert the stolen tokens into popular cryptocurrencies like ether, which were then converted into bitcoin. Surprisingly, over $74 million was laundered through Renbridge, a platform affiliated with FTX’s sister company, Alameda Research. To further obscure their activities, the hacker utilized bitcoin mixing services such as Chipmixer.

Renewed Laundering Operations

For several months, more than $300 million worth of ether remained untouched in the hacker’s digital vault. However, in September 2023, they resumed laundering operations using new cross-chain bridges and bitcoin mixers as previous ones faced restrictions or confiscations.

Tracing the Funds

Elliptic’s investigation revealed instances where the laundered funds appeared on exchanges after being mixed with other transactions. These transactions were linked to accounts associated with Russian cybercriminals. While the hacker’s true identity remains unknown, these clues suggest that the perpetrator may be from Eastern Europe, contradicting earlier suspicions of North Korea’s Lazarus Group.

Hot Take: Hacker Remains at Large, Traces Lead to Russian Cyber Gangs

Despite Elliptic’s efforts to trace the stolen funds, the hacker responsible for the FTX heist remains unidentified. The investigation has revealed connections between the laundered assets and Russian cyber gangs, indicating a potential origin in Eastern Europe. As time passes, it becomes increasingly challenging to apprehend the hacker and recover the stolen funds. This case highlights the importance of robust security measures and ongoing efforts to combat cybercrime in the cryptocurrency industry.