Elliptic, a blockchain analysis company, claims to have discovered fresh evidence that could establish a potential connection between the extensive FTX hack and Russian cybercrime networks. Following the $475 million breach of FTX in November, approximately $74 million was channeled through RenBridge, a platform associated with Alameda.
A significant portion of these funds underwent a process of mixing through ChipMixer, which is well-known for its affiliations with Russian ransomware groups and darknet organizations. Subsequently, additional stolen funds emerged just before the trial of former CEO Sam Bankman-Fried, involving a conversion of $120 million through THORSwap. The wrongdoer continued to launder the funds through Sinbad, a mixer linked to North Korea’s Lazarus Group.
Hunting the Shadows: FTX Hacker’s Identity Yet to Be Unveiled
Nevertheless, Elliptic posits that the unsophisticated techniques employed in the incident imply a potential Russian connection, rather than an extensive involvement by the Lazarus group. The identity of the hacker remains an enigma, despite some indications of the path taken by the pilfered cryptocurrency.
Initial theories leaned towards the possibility of an inside job involving FTX personnel or even Sam Bankman-Fried himself. However, the evidence now leans more strongly in the direction of Russian cybercriminals engaged in the laundering of the stolen assets.
Although the perpetrator remains unidentified, Elliptic’s tracking efforts provide valuable insights into the methods hackers use to convert and conceal their ill-gotten gains. These connections to established criminal pathways restrict the movement of the funds in the future.
As of now, the FTX hack’s stolen assets remain hidden in the shadows, despite some clues regarding their origins. Nonetheless, blockchain monitoring aids in gradually closing in on these purloined resources, even as the culprits employ a myriad of concealment strategies.