Links Found Between FTX Hack and Russian Cybercrime Groups
A recent investigation by blockchain intelligence firm Elliptic suggests a potential connection between the FTX hacking incident in November 2022, which resulted in a $400 million loss, and Russian-based cybercrime groups. The majority of the stolen assets, primarily in Ether (ETH), remained inactive for five days after the breach before a significant portion was converted to Bitcoin (BTC) using the RenBridge cross-chain tool. Approximately 65,000 ETH, worth around $100 million, were exchanged into Bitcoin through this method.
Use of Coin Mixers
The report also revealed that out of the 4,536 BTC converted from ETH via RenBridge, 2,849 BTC had been routed through mixers, with ChipMixer being the primary service used. Tracking the assets that went through the mixer is challenging; however, it is known that at least $4 million ended up on exchanges and was potentially converted to fiat currency. Following the shutdown of ChipMixer, the attackers turned to Sinbad as an alternative coin mixer.
Suspects and Russian Involvement
Various suspects have been considered in relation to the FTX hack, including rogue FTX employees and the North Korean hacker group Lazarus. However, Elliptic’s analysis suggests that most on-chain evidence points to Russian groups. The stolen assets traced through ChipMixer are often combined with funds from Russia-linked criminal organizations before being sent to exchanges. This indicates potential involvement of a broker or intermediary with ties to Russia.
Uncovering Further Information
While the identity of the attackers remains unknown, further analysis of wallet data and fund movements may provide additional insights. Elliptic believes that investigating these aspects could shed more light on the individuals or groups responsible for the FTX hack.
Hot Take: Russian Cybercrime Groups Likely Involved in FTX Hack
Research by Elliptic suggests that Russian-based cybercrime groups may have played a role in the FTX hacking incident, which resulted in a $400 million loss. The majority of the stolen assets were converted to Bitcoin using the RenBridge cross-chain tool, with significant amounts passing through mixers like ChipMixer. Evidence indicates that funds from Russia-linked criminal organizations were combined with the stolen assets before being sent to exchanges. While the exact identity of the attackers remains unknown, investigating wallet data and fund movements could provide more information. This revelation highlights the ongoing challenges posed by cybercriminals in the cryptocurrency space.