Detective at work ZachXBT has taken to Twitter to clear up what he calls “a lot of misinformation” about the FTX hack and the people who may be responsible for it. He has shared the research he did on what he believes are the three most common mistakes people make about the gap.

The self-proclaimed “chain detective” dispelled many rumors in a lengthy Twitter post on November 20. Rumors were circulating that the Bahamian authorities were behind the FTX attack, that the exchanges knew the true identity of the hacker, and that the perpetrator was trading memecoins.
On November 11, the same day that FTX filed for bankruptcy, the cryptocurrency community began reporting strange transactions on FTX-affiliated wallets. These transactions included the movement of more than $650 million out of the wallet.
The Securities and Exchange Commission of the Bahamas (SCB) issued a statement on November 17 stating that it had ordered the transfer of all of FTX’s digital assets to a digital wallet owned by the commission at the time. Some people thought that the SCB was behind the alleged “hack”, although no one has been officially named as the culprit.
However, ZachXBT argued that the wallet address 0x59 associated with the hacker was a blackhat address and was not affiliated with either the FTX team or the SCB because it “started selling tokens for ETH, DAI, and BNB and using a variety of bridges so that cryptocurrencies could not be frozen on 11/12”. ZachXBT’s reasoning was based on the fact that the address “started selling tokens for ETH, DAI and BNB and used a
“The fact that 0x59 was sporadically dumping tokens and bridging was very different behavior than the other addresses that pulled out of FTX and instead sent to multisig chains like Eth or Tron,” he added. “The behavior of the other addresses that pulled out of FTX and sent to multisig on chains like Ether or Tron was much more consistent.”
Zach further mentions that the blackhat wallet talked to another wallet known as 0x24, which, according to Zach, “had highly suspicious behavior on-chain using questionable services.”
ZachXBT also brought to light the possibility of misinformation regarding the claim that “Kraken or other exchanges” had discovered the identity of the hacker.
Ever since Kraken’s head of security said in a post on November 12 that “We know the identity of the user,” the rumor has been circulating.
According to Zach, “In fact”, the person who was labeled as a hacker was likely simply the FTX group securing the assets in a multi-signature wallet on Tron using Kraken, as the FTX hot wallet had run out of fuel and was not could process. proceedings.
ZachXBT concluded his argument by addressing the persistent claim that the FTX hacker is involved in memecoin trading. This rumor was first brought to light by blockchain analytics firm CertiK.
Instead, the blockchain detective claims that transactions on the Ethereum network have been “forged.” As evidence, the blockchain detective cites a blog post written in March by an Etherscan community member named Harith Kamarul, who describes how transactions can be faked.