Beosin: Once the funds related to the Bybit exchange hacker attack enter the Tornado.cash mixer, the fund penetration analysis will be immediately initiated

BTC0.0₂₀

ETH0.0₂₀

HTX0.0₂₀

SOL0.0₂₀

BNB0.0₂₀

BTC0.0₂₀

ETH0.0₂₀

HTX0.0₂₀

SOL0.0₂₀

BNB0.0₂₀

Beosin: Once the funds related to the Bybit exchange hacker attack enter the Tornado.cash mixer, the fund penetration analysis will be immediately initiated

02-22 11:01

Odaily News The Beosin security team conducted in-depth tracking and analysis of the stolen funds in the Bybit exchange hacker attack. The study found that one of the stolen funds deposit addresses, 0x36ed3c0213565530c35115d93a80f9c04d94e4cb, transferred 5,000 ETH to the split address 0x4571bd67d14280e40bf3910bd39fbf60834f900a at 06:28:23 UTC on February 22, 2025. Subsequently, the funds were split into amounts ranging from tens to hundreds of ETH at a frequency of once every few minutes, and further transferred to multiple addresses. It is worth noting that after multiple transfers, some funds attempted to cross-chain to the BTC chain address bc1qlu4a33zjspefa3tnq566xszcr0fvwz05ewhqfq through Chainflip, indicating that hackers attempted to further conceal the flow of funds through cross-chain operations. In addition, at 07:44:47 UTC on February 22, 2025, the split address transferred 56.68 ETH to the black address 0x33d057af74779925c4b2e720a820387cb89f8f65. This address is marked as "Hacker: Phemex Hacker" in the Beosin tag library, and the "Phemex Exchange $85 million theft" was done by the well-known hacker group Lazarus Group. This key discovery further confirms our previous inference based on the similarity between the attack mode and the WazirX incident, that is, the Bybit exchange hacker attack is very likely related to the Lazarus Group. It is worth mentioning that in the Phemex incident, some of the stolen funds were transferred to mixers such as Tornado Cash to conceal their flow. For the Bybit incident, we are fully prepared. Once the relevant funds enter the Tornado.cash mixer, Beosin will immediately start the fund penetration analysis. The special working group has been equipped with the latest version of the Tornado Cash penetration algorithm, and several professional analysts who have successfully completed fund penetration in similar cases have joined to ensure that the flow of funds can be tracked efficiently and provide strong support for subsequent actions. At present, the Beosin security team is cooperating with the Bybit security team to track funds.

最热快讯

2025-06-06 03:23:37

Hyperliquid’s 50x leveraged BTC short position turned from loss to profit, with a floating profit of over $600,000

Odaily News According to hypurrscan data, as the price of BTC fell this morning, Hyperliquid's 50x leverage whale turned its previous BTC short position into a profit, with a current floating profit of over $600,000. Its current position is 394 BTC short positions, with a total value of over $40 million, an average opening price of $103,772, and a liquidation price of $104,230.

2025-06-06 02:59:35

James Wynn wrote a long article about himself: He started playing with contracts in March, earned 8-digit profits from Meme coins, and lost 100 million in a week

Odaily News James Wynn posted on the X platform that he had just started to participate in perpetual contract trading in March this year. He had never traded seriously before, and at most he speculated on MEME coins (previously he was famous for discovering PEPE at a market value of 600,000 and making 8-digit profits). He once rolled over 3 million US dollars to 100 million in just one month, and then lost it all in one week on HyperLiquid. At that time, he was just playing around, but the on-chain data was public, and hundreds of thousands of people watched his account soar and plummet, so he just let himself go. Later, things gradually got out of control. He understood that this was essentially gambling. He wanted to recover his losses, but he was also afraid of being laughed at for "making 100 million and not being able to keep it", so he got deeper and deeper. The numbers jumping on the screen became a virtual game, and greed completely prevailed.

2025-06-06 02:55:00

BTC rebounded and broke through 102,000 USDT, and the 24-hour decline narrowed to 2.87%

Odaily News OKX market shows that BTC rebounded and broke through 102,000 USDT, and is now at 102,016.4 USDT, with the 24-hour decline narrowed to 2.87%. (This newsletter is generated by AI)

2025-06-06 02:52:44

SlowMist: Lazarus hackers are using a new stealing Trojan, OtterCookie, to target cryptographic practitioners

Odaily News The SlowMist security team has issued a warning that the North Korean Lazarus hacker group is using a new stealing Trojan called OtterCookie to launch targeted attacks against cryptocurrency and financial practitioners. Attack methods include faking high-paying job interviews/investor negotiations, using deepfake videos to impersonate recruiters, and disguising malware as "programming test questions" or "system update packages." Theft targets include login credentials saved by browsers, passwords and digital certificates in macOS keychains, and encrypted wallet information and private keys. SlowMist recommends being vigilant about unsolicited job/investment invitations, requiring multiple verifications for remote interviews, and never running executable files of unknown origin, especially so-called "technical test questions" or "update patches." Strengthen terminal protection (EDR), deploy antivirus software, and regularly check for abnormal processes.

2025-06-06 02:39:54

Abraxas Capital shorts mainstream currencies for hedging, with current floating profits exceeding $55 million

Odaily News According to OnchainLens monitoring, Abraxas Capital shorted BTC, ETH, SOL, HYPE and SUI through two wallets on the HyperLiquid platform, with current floating profits exceeding US$55 million during the market decline.

2025-06-06 02:31:24

TRUMP wallet official website linked to account X for the second time

Odaily News After the X account @TrumpWalletApp associated with the official website of TRUMP Wallet was frozen for the second time, it has now been unfrozen again. It is reported that the X account of TRUMP Wallet was frozen by the X platform on June 4, and was unfrozen and frozen again the next day. According to previous news, the official website of TRUMP Wallet showed that the wallet was jointly developed by Magic Eden and TRUMP Meme, but Donald Trump Jr., the eldest son of Trump, said that the Trump Group had no connection with this wallet product.

资讯热榜