Part of the US$400 million worth of digital assets stolen last November from the bankrupt FTX cryptocurrency exchange may have ties to Russian cybercriminal groups, according to analysis by blockchain intelligence firm Elliptic, shared with Coindesk.


Fast Facts

  • “A Russia-linked actor seems a stronger possibility,” the firm told Coindesk. “Of the stolen assets that can be traced through ChipMixer, significant amounts are combined with funds from Russia-linked criminal groups, including ransomware gangs and darknet markets, before being sent to exchanges.”
  • The firm reportedly said that the funds, which are mostly in Ether, sat dormant for five days. Then 65,000 ETH, worth around US$100 million, was moved to Bitcoin using RenBridge, after which the attackers used ChipMixer and other crypto mixing services to mask their addresses.
  • “At least US$4 million was transferred to exchanges, where it may have been cashed out,” the firm added.
  • Approximately US$323 million was stolen by an “unauthorized third party” from FTX International, and US$90 million was drained from the accounts of FTX U.S.
  • The FTX hacker briefly became the 35th largest Ethereum holder last November, with a total of 228,523.83 Ether.
