Hackers who emptied FTX and FTX USA of more than $450 million in assets, just moments after the doomed crypto exchange filed for bankruptcy on November 11, continue to move assets in an attempt to launder the money.
A crypto analyst who follows ZachXBT on Twitter claimed that the FTX hackers transferred part of the stolen funds to the OKX exchange, after using the Bitcoin mixer ChipMixer. The analyst reported that at least 225 BTC – worth $4.1 million USD – has been sent to OKX so far.
1/ Myself and @bax1337 spent this past weekend looking at the repositories of the FTX attacker to ChipMixer.
It seems that they probably transferred part of the stolen FTX funds to OKX after withdrawing from CM.
So far we have counted at least $4.1m (255 BTC) sent to OKX pic.twitter.com/C46JZWtktn
– ZachXBT (@zachxbt) November 29, 2022
According to ZachXBT, the FTX hacker first started depositing BTC into ChipMixer on November 20, after using Ren Bridge, a protocol that acts as a bridge for cryptocurrencies. In his analysis, ZachXBT shared that he observed a pattern with addresses receiving funds from ChipMixer. According to him, each of the addresses follows a similar pattern; “withdrawal from CM”, “50% shell out” and then “50% deposited to OKX”.
After the discovery of the deposits made to the OKX exchange, the Director of OKX shared on Twitter that; “OKX is aware of the situation, and the team is investigating the wallet.”
#OKX aware of the situation, and the team investigates the wallet.
– lennixlai.eth (OKX) (@LennixOKX) November 29, 2022
Related: OKX releases proof-of-booking page, along with instructions on how to self-audit its books
On November 12, Cointelegraph reported that the hack was flagged right after FTX announced bankruptcy. At the time, of the $663 million drained, approximately $477 million was suspected to have been stolen, while the rest is believed to have been moved into safe storage by FTX itself.
On November 20, the hacker began transferring his Ether (ETH) holding to a new wallet address. The FTX wallet was the 27th largest ETH holder after the hack, but fell by 10 positions after dumping 50,000 ETH.
The fact that hackers managed to drain assets from FTX global and FTX.US at the same time, despite these two entities being completely independent, has become a hot topic of discussion within the crypto community, and has raised speculation that it may be an inside job.