The crypto funds stolen from FTX shortly after its bankruptcy filing continue to be transferred. The security firm Chainalysis published a series of tweets in which it drew attention to the transactions.
In addition, the company cleared up the rumor that the hacker is the Securities Commission of The Bahamas (SCB).
“Reports that the funds stolen from FTX were actually sent to the Securities Commission of The Bahamas are incorrect. Some funds were stolen, and other funds were sent to the regulators,” the blockchain sleuth said.
On Nov. 18, the SCB confirmed that it had ordered the transfer of FTX client funds to a cold wallet for safekeeping. However, the regulator only received the portion of customer funds that could not be stolen by the hacker.
Chainalysis also said in this sense that the cryptocurrencies stolen by FTX are on the move and exchanges should be on high alert to freeze them in case the hacker tries to cash them out.
At the same time, Chainalysis, which drew criticism for failing to detect the FTX fraud in advance, stressed that it is actively working with the entire crypto industry to recover the stolen crypto funds.
We are in touch with our partners across the ecosystem as we work to help secure as many assets as possible to return to depositors.
Chainalysis also called attention to the fact that the hacker is bridging funds from ETH to BTC, likely to mix them before attempting a withdrawal.
3/ Funds were bridged from ETH to BTC, likely to be mixed prior to a cash out attempt. You can see this morning’s movements in Reactor: pic.twitter.com/U7Gfr1hHsX
— Chainalysis (@chainalysis) November 20, 2022
FTX Drainer Converting ETH To RenBTC
PeckShield also drew attention to this issue. The blockchain security company reported countless transactions from the FTX drainer over the last 24 hours. That drainer had risen to become one of the largest Ethereum whales within the last week.
For a short period of time, the FTX drainer had ascended to become the 27th largest holder of Ethereum, sparking concerns about potential implications for the Ethereum ecosystem.
However, in the last 24 hours, the hacker has moved on to trading ETH for renBTC. PeckShield reported, “FTX Accounts Drainer 1 currently holds 200,735.1 $ETH (~$235.5M) & drops to the 37th largest holder of $ETH (from 27th).”
However, as of press time, the hacker has already moved up another spot and now currently holds ETH worth around $235.5 million, once again rising to the 36th largest holder of ETH from 37th place.
In a recent post, Peckshield said that the bridged funds in renBTC are now located at a address beginning with “bc1qaq,” which currently holds 2444.55 BTC worth about $40 million.
Just before press time, the FTX accounts drainer 0x8059 bridged about 684.6 renBTC (about $11.15 million) out via Ren: BTC Gateway.
According to analyst ZachXBT, the hacker is using these numerous steps to ensure that the stolen cryptocurrencies cannot be frozen. Ultimately, the “funds will likely be sent to a mixer at some point in the future.”
At press time, the BTC price was trending downwards, facing the fears and rumors about a possible Genesis and DCG insolvency.