{"id":447404,"date":"2023-10-12T10:02:24","date_gmt":"2023-10-12T10:02:24","guid":{"rendered":"https:\/\/insidebitcoins.com\/?p=447404"},"modified":"2023-10-12T18:05:27","modified_gmt":"2023-10-12T18:05:27","slug":"russian-cybercriminal-groups-suspected-in-ftx-hack","status":"publish","type":"post","link":"https:\/\/insidebitcoins.com\/news\/russian-cybercriminal-groups-suspected-in-ftx-hack","title":{"rendered":"Russian Cybercriminal Groups Suspected in FTX Hack"},"content":{"rendered":"

An estimated $400 million that went missing from Sam Bankman-Fried’s bankrupt FTX may be linked to Russian cybercriminal groups, research firm Elliptic says.

It reported on Oct. 12 that the funds stolen in November 2022, mostly in ether (ETH), remained inactive for five days before a substantial amount, 65,000 ETH ($100 million), was moved to the Bitcoin blockchain using the RenBridge service.

After that, the attackers used a mixer, a blockchain-based tool, to hide their tracks.

“Of the 4,536 Bitcoins converted from ether at RenBridge, 2,849 BTC was sent through mixers, predominantly a service called ChipMixer,” Elliptic said. “Tracing these assets becomes more challenging, however at least $4 million was transferred to exchanges, where it may have been cashed out.”

Figure: The crypto assets stolen from FTX (Source: Elliptic)

Unveiling the Suspects

While the individuals behind the attack remain unidentified, there is hope that insights from wallet data and an examination of fund movements could provide essential leads.

The suspects linked to the FTX hack encompass a wide spectrum, ranging from potential rogue FTX employees to the well-known North Korean hacking group, Lazarus, which has a track record of exploiting various cryptocurrency systems, Elliptic said.

But the balance of evidence leans more toward “a Russia-linked actor,” it said.

Elliptic also highlighted that a significant part of the stolen assets, which can be tracked through ChipMixer, seems to have connections with funds from criminal groups associated with Russia, including ransomware gangs and secretive online markets, before eventually reaching cryptocurrency exchanges.

The complex set of clues could indicate the involvement of an intermediary or middleman connected to Russia, the report said.

Figure: Daily number of transactions involving the stolen assets (Source: Elliptic)

FTX Fallout

The FTX hack had profound consequences, hitting both the international exchange and its U.S. platform. In the wake of the attack, Sam Bankman-Fried faced criminal charges.

Inside Bitcoins reported that stolen assets that had remained dormant for about a year began moving shortly before Bankman-Fried’s trial commenced and have continued to move since.

Just this month, over 15,000 ether, equivalent to nearly $25 million, were exchanged for other tokens using the privacy wallet Railgun and the THORChain exchange.
