FTX account drainer continues transfers and swaps from wallets

by
Blockchain
FTX account drainer continues transfers and swaps from wallets

After FTX’s troubles began, an unknown hacker stole funds from the company. Some watchdogs have tracked the address and are close to figuring out its owner’s identity. However, the hacker has been trying hard to move these funds, but blockchain technology’s transparency is making it impossible.

FTX hacker transferring and converting ETH to renBTC

Days after the hack, some of the stolen money was on the move, with today’s reports disclosing a further transfer of funds.

According to a report from PeckShield on November 21, 2022, the FTX Accounts Drainer 1 has transferred 15k $ETH (~$16.7M) to 0x8059. Afterward, the hacker swapped these $ETH for ~1,023.6 $renBTC and 0.33 $WBTC.

Nevertheless, the security analyst revealed what’s holding the hacker back from going all out with the funds is the liquidity of renBTC.

PeckShieldAlert stated, “These $renBTC have been bridged out and it seems like the drainer is temporarily limited by the $renBTC.”

Ever since the hacker began moving funds in a bid to secure them from getting recovered, the analyst unveiled his remaining ETH. “Now that the hacker has moved roughly $15k $ETH, he currently holds 185,735.29 $ETH (~$207M).”

In addition, the FTX hacker 0x8059 has swapped ~4,999 $ETH ($5,571,335.51) for 338.97 $renBTC ($5,465,431.04) based on reports from PeckShieldAlert.

Furthermore, the FTX Accounts Drainer 1 has also transferred ~15k $ETH ($16.85M) to a new address, 0x8059. The hacker is also bridging the funds via other channels; that is, the hacker has bridged ~684.6 $684.6 $renBTC (~$11.15M out via Ren: BTC Gateway.

The hacker’s attempts to evade funds being frozen

Chainalysis explained this tactic by stating, “Funds were bridged from ETH to BTC, likely to be mixed prior to a cash out attempt.”

Another analyst, ZackXBT, claims that the hacker utilizes these numerous steps to ensure that the stolen digital assets cannot get frozen. In the end, “funds will likely be sent to a mixer at some point in the future. That is if regulators won’t have caught up with the hacker.

The crypto community has been trying to identify who the account holder could be but has yet to be successful. On that note, PeckShield revealed via a tweet that the bridged funds in renBTC are now located at an address beginning with “bc1qaq,” which currently holds 2444.55 BTC worth about $40 million.

The FTX exploiter’s remaining funds from the hack have positioned him to the 43rd largest holder of $ETH from the 35th a few days back.

What’s more, a report from CertiK reveals that the FTX hacker has transferred out 180k ETH to multiple wallets.

According to etherscan, the hacker has now cleared his wallet 0x8059 and transferred the remaining ETH to the new address in batches of 15,000 with 195,000 ETH (~$217M) being transferred.