The 15,000 ether (ETH) held in a wallet linked to last year’s $600 million attack on FTX’s wallets has recently been on the move, passing through privacy tools and bridges.
Last November, shortly after FTX and its affiliated entities filed for bankruptcy, an unidentified entity managed to drain multiple wallets, siphoning off approximately $600 million.
A single wallet retained $26 million worth of ETH, equivalent to 15,000 ether, until this past weekend when the first portion of 2,500 ETH (equivalent to $4 million) initiated its journey, ultimately arriving at destinations like the Thorchain bridge, the Railgun privacy wallet, or intermediary addresses.
Subsequently, the remaining funds have also been relocated, with a significant portion making its way to the Thorchain router.
Some funds found their way to a contract labelled “Metamask: Swap Router.“
The Railgun privacy wallet serves as a secure repository for tokens, facilitating users in leveraging their funds for decentralised financial (DeFi) services, including lending and borrowing.
These transactions remain shielded, rendering the specific use of these funds undisclosed.
Conversely, Thorchain operates as a bridge that empowers users to seamlessly exchange tokens across various blockchains, circumventing potential transfer restrictions.
It is estimated that addresses linked to the exploit may have orchestrated the transfer of over $32 million worth of ether via THORChain.
These developments unfold just as FTX’s founder and former chief executive, Sam Bankman-Fried (SBF), is poised to face trial, further intensifying the mystery surrounding the exchange’s collapse last year.
Notably, the identities of the parties responsible for the attack remain elusive.
In the aftermath of the exploit, numerous addresses accumulated a variety of tokens, including ETH and the dai (DAI) stablecoin, subsequently converting them into 37,000 ether, underscoring the complexity and intrigue of this incident.