FTX account drainer might have an insider
The FTX account drainer has kept at his prowling since the leading crypto exchange collapsed three weeks ago. Users’ accounts have been steadily drained through a backdoor allegedly built into the FTX system by the founder and former CEO, Sam Bankman-Fried, himself. But 0xScope has recently noticed a strange coincidence happening on the blockchain.
Investigative analysis
On-chain platform, 0xScope, has announced on Twitter that it observed a smart money wallet address carrying out strange activities that coincides with when the FTX drainer makes deposits. The platform said the wallet address always borrows assets in excess of $10 million worth of USDC/ETH. The wallet then proceeds to deposit the borrowed assets into the exchange just before the FTX drainer dumps the stolen ETH.
0xScope postulates that there is a possibility that the wallet owner knows the activities of the FTX drainer, and he benefits from them. 0xScope identified the wallet address as 0xd275e5cb559d6dc236a5f8002a5f0b4c8e610701.
The on-chain platform began its observation on the 21st of November at 14:11 UTC when 15,00 ETH was transferred from the wallet into FTX. The exchange hacker then began to withdraw 15,000 ETH and sent them to different addresses at 16:11 UTC.
0xScope also later discovered that the wallet began to transfer USDC to the exchange at 8:00 on the 21st of November. And a Binance hacker began to sell ETH to receive RenBTC at 9:16.
ETH Price Manipulation Might Continue
On the same day that the FTX drain began, the wallet’s activities were paused before the hacker began to trade. It was observed that the wallet had a lot of interactions with AAVE tokens. The last set of transactions was carried out at 18:43 on the 11th.
At 7:24 on the 12th, the hacker’s address stopped being active. And at 7:58, the wallet picked up activity.
By 11:55 on the same 12th, the wallet activity ceased and the hacker’s address resumed activity at 12:38. It, therefore, looks like the FTX drainer’s activities are quite connected with the wallet’s.
As of Monday, the amount left in the drainer’s account was about $200 million. The hacker seems to be unhindered in all his activities for several days.
The hacker has not only stolen from FTX but he has been able to affect the price of Ethereum through his massive dump. His attempt to swap ETH for BTC has greatly manipulated the ETH price. The trend might continue till he has completely changed all ETH in his possession to BTC.