FTX Hacker Reportedly Transfers Part of Stolen Funds to OKX After Using Bitcoin Mixer
Hackers who drained FTX and FTX.US of over $450 million in value just moments after the doomed crypto exchange filed for bankruptcy on Nov. 11 continue to move assets around in an attempt to launder the money.
A cryptoanalyst who goes by ZachXBT on Twitter alleged that FTX hackers have transferred part of the stolen funds to the OKX exchange after using the Bitcoin mixer ChipMixer. The analyst reported that at least 225 BTC – worth $4.1 million – has been sent to OKX so far.
1/ Myself and @bax1337 spent this weekend looking at the FTX attacker’s contributions to ChipMixer.
It seems that they probably transferred some of the stolen FTX funds to OKX after withdrawing from CM
So far we have accounted for at least $4.1 million (255 BTC) sent to OKX pic.twitter.com/C46JZWtktn
— ZachXBT (@zachxbt) 29 November 2022
According to ZachXBT, the FTX hacker first started depositing BTC into ChipMixer on November 20 after using Ren Bridge, a protocol that acts as a bridge for cryptocurrencies. In his analysis, ZachXBT shared that he had observed a pattern of addresses receiving funds from ChipMixer. According to him, each of the addresses follows a similar pattern; “withdrawal from CM”, “50% peels off” and then “50% deposited to OKX”.
Following the discovery of the deposits to the OKX exchange, the OKX CEO shared on Twitter that; “OKX is aware of the situation and the team is investigating the wallet stream.”
#OKX is aware of the situation and the team is investigating the wallet stream.
— lennixlai.eth (OKX) (@LennixOKX) 29 November 2022
Related: OKX releases proof-of-reserves site, along with instructions on how to self-audit its reserves
On November 12, Cointelegraph reported that the hack was flagged right after FTX announced bankruptcy. At the time, of the $663 million lost, about $477 million was suspected to have been stolen, with the rest believed to have been moved to safekeeping by FTX itself.
On November 20, the hacker started transferring the Ether (ETH) holdings to a new wallet address. The FTX wallet tapper was the 27th largest ETH holder after the hack, but fell 10 positions after dumping 50,000 ETH.
The fact that hackers were able to drain assets from FTX global and FTX.US at the same time, despite these two entities being completely independent, became a hot topic of discussion in the crypto community, raising speculation that it was possibly an inside job.