Blockchain Analysts: FTX Hacker Funds Are on The Move, Here’s Where They’re Headed

Fredrik Vold
Last updated: | 2 min read
Source: Pixabay

Funds said to be stolen from the now-bankrupt crypto exchange FTX are on the move and likely headed for exchanges as hackers attempt to cash out the proceeds.

According to an update from the blockchain intelligence company Chainalysis, the funds have already been converted from Ethereum (ETH) to Bitcoin (BTC) through RenBridge (REN), a protocol that allows for decentralized cross-chain transfers between a number of different blockchains.

The next likely move, according to Chainalysis, is for the funds to be sent to a coin-mixing service in order to obfuscate where they have originated from before the hackers will attempt to cash out.

“We are in touch with our partners across the ecosystem as we work to help secure as many assets as possible to return to depositors,” Chainalysis wrote.

Worth noting, however, is that any further transfers between ETH and BTC using RenBridge is expected to become more difficult going forward, with RenBridge already announcing a freeze on new renBTC mints. And although this was announced for reasons not related to the FTX hack, it would still mean that any remaining ETH that the hackers may be in possession of may need to be sold directly to fiat.

The situation around RenBridge was also pointed to by the popular Twitter user kamikaz_ETH, who said the hackers are “actively dumping ETH on-chain.”

“He’s selling ETH to wBTC to renBTC through aggregators like 1inch,” the user added.

https://www.twitter.com/kamikaz_eth/status/1594257499129270273

Shortly after the tweet, the same user tweeted again, saying the freeze that RenBridge has announced has now incentivized the hackers to “dump the ETH asap.”

https://www.twitter.com/kamikaz_ETH/status/1594326230542974977

As of Monday morning in Europe, the selling of ETH to BTC was still happening, with 185,000 ETH now remaining in the hacker’s main wallet, according to kamikaz_ETH.

https://www.twitter.com/kamikaz_ETH/status/1594624471335591936

Unclear circumstances around the hack

It remains unclear who exactly drained FTX for the funds, with some claiming it must have been an inside job and others hinting the Bahamas government could also somehow be involved.

Notably, FTX itself has also issued a warning about the funds and asked exchanges to return any funds from the hack. “Exchanges should take all measures to secure these funds to be returned to the bankruptcy estate,” a tweet from FTX’s official Twitter account said.