On-chain sleuth 🕵️

187 posts

@Onchainsnoop

Fighting/Tracking/Reporting on-chain scams in my free time.

Joined September 2022
227 Following · 291 Followers
Pinned Tweet
On-chain sleuth 🕵️@Onchainsnoop·
Here's how the funds moved cross chain from SOL to ETH - @DriftProtocol hack
- ~$268M was bridged from Solana to Ethereum in ~7 hours.
- At least 6 bridges were used (excluding gas-related transfers)
- Total cross chain transactions: 143
Breakdown of bridge usage and volumes below.
Cointelegraph@Cointelegraph·
🚨 JUST IN: The Drift Protocol exploiter has accumulated 130,262 $ETH worth $267M significantly impacting market volume.
On-chain sleuth 🕵️@Onchainsnoop·
The funds are currently unspent across 4 Ethereum addresses:
0xbddae987fee930910fcc5aa403d5688fb440561b
0x0fe3b6908318b1f630daa5b31b49a15fc5f6b674
0xaa843ed65c1f061f111b5289169731351c5e57c1
0xd3feed5da83d8e8c449d6cb96ff1eb06ed1cf6c7
intel.arkm.com/explorer/entit…
ZachXBT@zachxbt·
Update: $230M+ USDC bridged via CCTP from Solana to Ethereum across 100+ txns. 6 hours is how long Circle had to freeze stolen funds from the $280M+ Drift hack. Circle is a centralized stablecoin issuer headquartered in New York and the attack began around 12 pm ET. Why does our industry allow them to stay silent? @jerallaire @circle @usdc
Circle@circle·
Two things are evolving together: how value moves and how work gets done. @jerallaire explains why the connection between them matters.
ZachXBT@zachxbt·
Circle was asleep while many millions of USDC was swapped via CCTP from Solana to Ethereum for hours from the 9 figure Drift hack during US hours. Value was moved and nothing was done yet again. Comes days after you froze 16+ business hot wallets incompetently which is still being slowly unfrozen. @circle @jerallaire @usdc are bad actors for the industry.
chainflipgod@chainflipgod·
@Onchainsnoop @WazzCrypto Yeah myself and another Chainflip LP saw the Mert tweet and were on it within a moment, worked with the Chainflip team to get it shut down as best we could. First one got through because the blockchain analytics companies are slower than molasses to update
Wazz@WazzCrypto·
Drift summary:
- $200M stolen and no one noticed for an hour
- Apparently a single compromised admin key (lol)
- Hacker still came in for seconds 2 hours after the hack to drain a few extra millions
- Hacker still bridging out $USDC 3 hours after the hack
wp everyone
On-chain sleuth 🕵️@Onchainsnoop·
Follow-up attack (Jan 8): 0x7347C7468Cef51053d395a6D1e0c771198c5014A Funds were routed via ChangeNOW and appear to have been swapped into XMR.
On-chain sleuth 🕵️@Onchainsnoop·
Attacker addresses linked to the Jan 5 and Jan 8 Kontigo hack. (Base/Ethereum) Jan 5 attack: 0x1347914ac3184382e955e2b26089743836cb24a0 0xfeeb5227ef65eb78ef6baccbcd643944103684f6 0x61FcBA9828c8f65B1C5a62E420B1F56517f6FcD7
On-chain sleuth 🕵️@Onchainsnoop·
@tayvano_ Round number input and random output. Looks like the 500k is an internal movement of funds between two addresses belonging to the same service and the output is withdrawal from the service..??
Tay 💖@tayvano_·
You receive a flat 500,000 from someone. You know what it's for (wink wink nudge nudge 😄) Now, under what circumstances do you send out...*checks notes*....exactly $46,511.62? Don't overthink it—you're not an expert and that's fine. Just use your brain. There are a handful of possibilities. All of them are possible based on the limited information I've given you. Some are more reasonable than others. What do you think?
Tay 💖@tayvano_·
I am very concerned that the courts, these AUSAs prosecuting crypto crime, and the IRS do not seem to understand the difference between using LIFO to:
(1) establish the amount of assets that flowed through a very limited set of KNOWN parties and a very limited set of their KNOWN accounts.
(2) trace $148k through TEN unattributed wallets on the blockchain, each of which does somewhere between $4m in volume and $1.5 billion in volume, to establish that the last wallet in the chain received the victim's funds and then sent out the victim's funds to Tornado Cash.
I've never seen anything like this. I've never worked with a single fed who would back a freeze like this. I wouldn't back a freeze like this. Doing so runs a real risk in freezing an innocent third-party's funds unlawfully. It almost certainly does not impact the actual criminal—the thief, or their money laundering counterparts. Thus, it would not create recourse for the victims of the original crime.
On-chain sleuth 🕵️ retweeted
ZachXBT@zachxbt·
1/ Meet Yicong Wang (王逸聪), a Chinese OTC trader who has helped Lazarus Group convert tens of millions of stolen crypto to cash from various hacks via bank transfers since 2022.
SlowMist@SlowMist_Team·
🚨 Breaking News: SlowMist AML(@MistTrack_io), in collaboration with Taiwan's Criminal Investigation Bureau, Judicial Reform Foundation, and XREX, has set a legal precedent by cracking a complex crypto scam case! 🕵️‍♂️💼🔍 For the first time in Taiwan's judicial history, advanced blockchain tracking technology was utilized to trace illegal fund flows and prove cryptocurrency asset ownership, leading to the freezing, seizing, and successful return of stolen funds to victims. 🚓💸🔐 This groundbreaking case showcases the power of collaboration and technology in fighting cybercrime and protecting digital assets. 🌐🛡️ Read more about this landmark achievement and how it was accomplished. slowmist.medium.com/slowmist-aml-s…
On-chain sleuth 🕵️ retweeted
Rekt News@RektHQ·
Phishing is a year-round sport... ...but crypto has been providing especially bountiful waters lately. When it comes to the experts, it seems nobody is safe. What lurks in the murky depths? rekt.news/gone-phishing/
On-chain sleuth 🕵️ retweeted
ZachXBT@zachxbt·
It appears North Korea is also responsible for the $54M @coinexcom hack from yesterday after they accidentally connected their address to the $41M Stake hack on OP & Polygon. 0x75497999432b8701330fb68058bd21918c02ac59
On-chain sleuth 🕵️@Onchainsnoop·
@coinexcom As more information emerges and losses extend to two additional chains, BTC and XRP, the total stolen amount has surged significantly! BTC: 1BHNb9UJy4cWFB5wywZkTVgoNB4JbFmswH - 231 BTC ($6M) XRP: rpQxVcjVF2fC23r3xKyJS53jw8d5SRhZQf - 12,625,364 XRP ($6.1M) twitter.com/coinexcom/stat…
CoinEx Global@coinexcom

#CoinExResponseUpdate - We have identified and isolated the suspicious wallet addresses linked to the hack:
$ETH:
* 0xce013682eddefaca8c94fe56a43a04212ebe4673
* 0x8bf8cd7F001D0584F98F53a3d82eD0bA498cC3dE
* 0xCC1AE485b617c59a7c577C02cd07078a2bcCE454
* 0x483D88278Cbc0C9105c4807d558E06782AEFf584
$BTC:
* 1BHNb9UJy4cWFB5wywZkTVgoNB4JbFmswH
$TRON:
* TP75t6owoqXxskLq6FB2R37PymNTmohq9L
* TPFUjxQzG88Vwynrpj2W61ZAkQ9W2QYgAQ
$XRP:
* rpQxVcjVF2fC23r3xKyJS53jw8d5SRhZQf
We are actively collaborating with the affected crypto projects to formulate a solution. Furthermore, we urge crypto projects and our fellow crypto exchanges to remain vigilant. If you detect any unusual or related activities from the aforementioned wallet addresses, please contact us immediately. By standing together, we could navigate and surmount any challenges that come our way.

On-chain sleuth 🕵️@Onchainsnoop·
Stolen funds on Ethereum are on the move. 3,365.31 ETH worth $5.35 million is transferred to a new address (0x2118e4432d668aCFa347ddBA0efCcc6BB04DB297) #hack #ETH @coinexcom
On-chain sleuth 🕵️@Onchainsnoop·
Stolen tokens on all 3 chains are being converted to their native tokens. Additionally, a portion of the funds on Polygon has been transferred to a new address oklink.com/polygon/addres… @coinexcom
Tay 💖@tayvano_

Looks like keys compromised. Outflows from lots of their hot wallets across many chains. Zach dropped more theft addies here 👉 t.me/investigations CoinEx has been around a while and has shit across all the chains. I expect more outflows to be found in coming hours.

On-chain sleuth 🕵️@Onchainsnoop·
🚨 Stolen funds from @Stake on BNB chain are on the move! via @axelarcore @squidrouter, shifting from BNB to AVAX. Sending/Receiving address on BNB/AVAX: 0x695A2a6713D911fA48D9b0e2eb936F95575Ad894