Research by blockchain intelligence firm Elliptic has revealed potential links between the FTX hacking incident last November, which resulted in an estimated $400 million loss, and Russian-based cybercrime groups.
The majority of the stolen assets, primarily in Ether (ETH), had remained dormant for five days following the breach, before a significant portion of the funds was exchanged to Bitcoin (BTC) using the RenBridge cross-chain tool.
Around 65,000 ETH, worth approximately $100 million, were reportedly exchanged into Bitcoin in this way.
The news was first reported by CoinDesk on Thursday, citing research shared with them by Elliptic.
The report highlighted that out of the 4,536 BTC converted from ETH through RenBridge, 2,849 BTC had been routed through mixers, with ChipMixer being the main service used.
The tracing of the assets that went through the mixer is challenging, but it is clear that at least $4 million ended up on exchanges, potentially converted to fiat currency, Elliptic told CoinDesk.
Following the shutdown and seizure of ChipMixer during an international law-enforcement operation, the attackers turned to the coin mixer Sinbad as an alternative.
Despite the identity of the attackers remaining unknown, analysis of wallet data and fund movements may help uncover further information about the attackers, Elliptic said.
So far, the suspects have ranged from rogue FTX employees doing an inside job to the North Korean hacker group Lazarus, which has been associated with various crypto protocol exploits.
However, most on-chain evidence, according to Elliptic, points toward Russian groups.
CoinDesk cited Elliptic as saying:
"A Russia-linked actor seems a stronger possibility. Of the stolen assets that can be traced through
Read more on cryptonews.com