ZachXBT
@zachxbt1.bsky.social
On September 24, 2025 addresses linked to SBI Crypto saw ~$21M in suspicious outflows on Bitcoin, Ethereum, Litecoin, Doge, & Bitcoin Cash.
The stolen funds were transferred to five instant exchanges and deposited to Tornado Cash.
The stolen funds were transferred to five instant exchanges and deposited to Tornado Cash.
October 2, 2025 at 4:44 PM
On September 24, 2025 addresses linked to SBI Crypto saw ~$21M in suspicious outflows on Bitcoin, Ethereum, Litecoin, Doge, & Bitcoin Cash.
The stolen funds were transferred to five instant exchanges and deposited to Tornado Cash.
The stolen funds were transferred to five instant exchanges and deposited to Tornado Cash.
A new Bloomberg article on Scattered Spider revealed that the centralized exchange Crypto[.]com previously had a breach and never publicly disclosed the incident that exposed the personal information for a portion of its users.
#crypto #bloomberg #scatteredspider #cryptodotcom
#crypto #bloomberg #scatteredspider #cryptodotcom
September 22, 2025 at 12:18 AM
A new Bloomberg article on Scattered Spider revealed that the centralized exchange Crypto[.]com previously had a breach and never publicly disclosed the incident that exposed the personal information for a portion of its users.
#crypto #bloomberg #scatteredspider #cryptodotcom
#crypto #bloomberg #scatteredspider #cryptodotcom
Reposted by ZachXBT
Vorab analysierte Kryptowährung...
Kredit @zachxbt1.bsky.social
_
#Kryptowährung #Krypto #Kryptographie #RCMP #Kryptografie
Kredit @zachxbt1.bsky.social
_
#Kryptowährung #Krypto #Kryptographie #RCMP #Kryptografie
September 18, 2025 at 6:53 PM
Vorab analysierte Kryptowährung...
Kredit @zachxbt1.bsky.social
_
#Kryptowährung #Krypto #Kryptographie #RCMP #Kryptografie
Kredit @zachxbt1.bsky.social
_
#Kryptowährung #Krypto #Kryptographie #RCMP #Kryptografie
In a press release, RCMP just confirmed they seized 56M CAD in assets from TradeOgre.
#crypto #cryptonews #rcmp #tradeogre
#crypto #cryptonews #rcmp #tradeogre
September 19, 2025 at 11:53 AM
In a press release, RCMP just confirmed they seized 56M CAD in assets from TradeOgre.
#crypto #cryptonews #rcmp #tradeogre
#crypto #cryptonews #rcmp #tradeogre
This week the project @OpenVPP ($OVPP) claimed to be working with the US government on the tokenization of energy.
12 hrs ago Hester Pierce replied saying she does not work alongside or endorse private crypto projects.
12 hrs ago Hester Pierce replied saying she does not work alongside or endorse private crypto projects.
September 18, 2025 at 12:06 AM
This week the project @OpenVPP ($OVPP) claimed to be working with the US government on the tokenization of energy.
12 hrs ago Hester Pierce replied saying she does not work alongside or endorse private crypto projects.
12 hrs ago Hester Pierce replied saying she does not work alongside or endorse private crypto projects.
JP (THORChain co-founder & Vultisig co-founder) had a personal wallet drained for $1.35M by DPRK on September 9, 2025 after a meeting call scam on Telegram.
Ironically JP and his products have benefited significantly financially from the laundering of DPRK exploits/hacks such as Bybit in the past.
Ironically JP and his products have benefited significantly financially from the laundering of DPRK exploits/hacks such as Bybit in the past.
September 13, 2025 at 5:34 PM
JP (THORChain co-founder & Vultisig co-founder) had a personal wallet drained for $1.35M by DPRK on September 9, 2025 after a meeting call scam on Telegram.
Ironically JP and his products have benefited significantly financially from the laundering of DPRK exploits/hacks such as Bybit in the past.
Ironically JP and his products have benefited significantly financially from the laundering of DPRK exploits/hacks such as Bybit in the past.
Yesterday an unknown victim was exploited for ~3.047M USDC on Ethereum.
The attacker swapped USDC for ETH and immediately deposited the funds to Tornado.
Theft address
0xf0a6c5b65a81f0e8ddb2d14e2edcf7d10c928020
#crypto #usdc #ethereum #scamawareness
The attacker swapped USDC for ETH and immediately deposited the funds to Tornado.
Theft address
0xf0a6c5b65a81f0e8ddb2d14e2edcf7d10c928020
#crypto #usdc #ethereum #scamawareness
September 11, 2025 at 7:14 PM
Yesterday an unknown victim was exploited for ~3.047M USDC on Ethereum.
The attacker swapped USDC for ETH and immediately deposited the funds to Tornado.
Theft address
0xf0a6c5b65a81f0e8ddb2d14e2edcf7d10c928020
#crypto #usdc #ethereum #scamawareness
The attacker swapped USDC for ETH and immediately deposited the funds to Tornado.
Theft address
0xf0a6c5b65a81f0e8ddb2d14e2edcf7d10c928020
#crypto #usdc #ethereum #scamawareness
SwissBorg experienced an incident a few hours ago and 192.6K SOL ($41.5M) was stolen on Solana
Theft address
TYFWG3hvvxWMs2KXEk8cDuJCsXEyKs65eeqpD9P4mK1
Theft address
TYFWG3hvvxWMs2KXEk8cDuJCsXEyKs65eeqpD9P4mK1
September 9, 2025 at 11:29 PM
SwissBorg experienced an incident a few hours ago and 192.6K SOL ($41.5M) was stolen on Solana
Theft address
TYFWG3hvvxWMs2KXEk8cDuJCsXEyKs65eeqpD9P4mK1
Theft address
TYFWG3hvvxWMs2KXEk8cDuJCsXEyKs65eeqpD9P4mK1
It appears the Solana project 'Aqua' has likely rug pulled 21.77K SOL ($4.65M) after being promoted by teams such as Meteora, Quill Audits, Helius, SYMMIO, Dialect, and many influencers.
September 9, 2025 at 11:25 PM
It appears the Solana project 'Aqua' has likely rug pulled 21.77K SOL ($4.65M) after being promoted by teams such as Meteora, Quill Audits, Helius, SYMMIO, Dialect, and many influencers.
NEW LEAK: Price sheet of 200+ crypto influencers and their wallet addresses from a project they were recently contacted by to promote.
From 160+ accounts who accepted the deal I only saw <5 accounts actually disclose the promotional posts as an advertisement.
#crypto
From 160+ accounts who accepted the deal I only saw <5 accounts actually disclose the promotional posts as an advertisement.
#crypto
September 2, 2025 at 8:07 AM
NEW LEAK: Price sheet of 200+ crypto influencers and their wallet addresses from a project they were recently contacted by to promote.
From 160+ accounts who accepted the deal I only saw <5 accounts actually disclose the promotional posts as an advertisement.
#crypto
From 160+ accounts who accepted the deal I only saw <5 accounts actually disclose the promotional posts as an advertisement.
#crypto
On Aug 19, 2025 a victim fell for a social engineering scam and lost 783 BTC ($91M) after exchange and hardware wallet customer support were impersonated.
The stolen funds began to peel off and deposits to Wasabi were made by the threat actor.
The stolen funds began to peel off and deposits to Wasabi were made by the threat actor.
August 23, 2025 at 7:43 PM
On Aug 19, 2025 a victim fell for a social engineering scam and lost 783 BTC ($91M) after exchange and hardware wallet customer support were impersonated.
The stolen funds began to peel off and deposits to Wasabi were made by the threat actor.
The stolen funds began to peel off and deposits to Wasabi were made by the threat actor.
1/ An unnamed source recently compromised a DPRK IT worker device which provided insights into how a small team of five ITWs operated 30+ fake identities with government IDs and purchased Upwork/LinkedIn accounts to obtain developer jobs at projects.
August 17, 2025 at 12:30 AM
1/ An unnamed source recently compromised a DPRK IT worker device which provided insights into how a small team of five ITWs operated 30+ fake identities with government IDs and purchased Upwork/LinkedIn accounts to obtain developer jobs at projects.
Update: More court documents were unsealed after my post.
There’s paragraphs in the affidavit which describe the X panel used to compromise accounts and a script for social engineering Redman used.
There’s paragraphs in the affidavit which describe the X panel used to compromise accounts and a script for social engineering Redman used.
July 30, 2025 at 11:36 PM
Update: More court documents were unsealed after my post.
There’s paragraphs in the affidavit which describe the X panel used to compromise accounts and a script for social engineering Redman used.
There’s paragraphs in the affidavit which describe the X panel used to compromise accounts and a script for social engineering Redman used.
1/2 I am pleased to share that Cameron Redman was convicted today & ordered to pay restitution as a result of my investigation.
In June 2022 X panel access was sold for 250 ETH which resulted in 10+ account compromises (JRNY, Beeple, Nouns, Zeneca, DeeKay, etc) & millions stolen via phishing scams.
In June 2022 X panel access was sold for 250 ETH which resulted in 10+ account compromises (JRNY, Beeple, Nouns, Zeneca, DeeKay, etc) & millions stolen via phishing scams.
July 30, 2025 at 9:40 AM
1/2 I am pleased to share that Cameron Redman was convicted today & ordered to pay restitution as a result of my investigation.
In June 2022 X panel access was sold for 250 ETH which resulted in 10+ account compromises (JRNY, Beeple, Nouns, Zeneca, DeeKay, etc) & millions stolen via phishing scams.
In June 2022 X panel access was sold for 250 ETH which resulted in 10+ account compromises (JRNY, Beeple, Nouns, Zeneca, DeeKay, etc) & millions stolen via phishing scams.
Appears my avatar made it on China Central Television (CCTV) yesterday in a short segment about the $243M theft from the Genesis creditor.
July 28, 2025 at 12:47 PM
Appears my avatar made it on China Central Television (CCTV) yesterday in a short segment about the $243M theft from the Genesis creditor.
An observation I have noticed is the easiest way for a project to dilute their brand image is by running a Yaps campaign as they currently incentivize low value farmers who spam AI generated posts vs attracting sticky capital and organic users.
July 25, 2025 at 6:35 PM
An observation I have noticed is the easiest way for a project to dilute their brand image is by running a Yaps campaign as they currently incentivize low value farmers who spam AI generated posts vs attracting sticky capital and organic users.
11/ No matter how many times I say this people need to stop blindly following influencer calls.
I hope X considers suspending his account for all of the scams he’s been involved with.
I hope X considers suspending his account for all of the scams he’s been involved with.
July 22, 2025 at 4:24 PM
11/ No matter how many times I say this people need to stop blindly following influencer calls.
I hope X considers suspending his account for all of the scams he’s been involved with.
I hope X considers suspending his account for all of the scams he’s been involved with.
10/ Crypto Beast temporarily deactivated his account but has since returned doing small giveaways to engagement bait into gaining new followers.
I would expect he does similar pump and dump schemes in the future.
I would expect he does similar pump and dump schemes in the future.
July 22, 2025 at 4:19 PM
10/ Crypto Beast temporarily deactivated his account but has since returned doing small giveaways to engagement bait into gaining new followers.
I would expect he does similar pump and dump schemes in the future.
I would expect he does similar pump and dump schemes in the future.
9/ If you use X search you can clearly see it’s not the first time Crypto Beast has done this, as many old followers got rekt on other bundled rugs $ALPHA $RICH $YE $RUG $ACE $JOHN
July 22, 2025 at 3:13 PM
9/ If you use X search you can clearly see it’s not the first time Crypto Beast has done this, as many old followers got rekt on other bundled rugs $ALPHA $RICH $YE $RUG $ACE $JOHN
8/ Another sniper cluster did indeed sell $2.6M+ with ties to the ALT deployer address but 45+ wallets directly tied to Crypto Beast sold $11M+ so it’s only a small part of the story.
Additional wallets linked to him still hold 89M+ ALT (10% supply)
Additional wallets linked to him still hold 89M+ ALT (10% supply)
July 22, 2025 at 3:04 PM
8/ Another sniper cluster did indeed sell $2.6M+ with ties to the ALT deployer address but 45+ wallets directly tied to Crypto Beast sold $11M+ so it’s only a small part of the story.
Additional wallets linked to him still hold 89M+ ALT (10% supply)
Additional wallets linked to him still hold 89M+ ALT (10% supply)
7/ Meanwhile Crypto Beast lied to followers on X and deleted promotional posts about the token in an attempt to gain sympathy from the community.
July 22, 2025 at 3:01 PM
7/ Meanwhile Crypto Beast lied to followers on X and deleted promotional posts about the token in an attempt to gain sympathy from the community.
6/ Here’s a table with Celestia to Solana instant exchange txns I was able to perform timing analysis on.
My analysis proves the Crypto Beast public wallet is directly tied to the bundled wallets that sold $ALT on July 14, 2025 as the same Celestia address was used to fund all of them.
My analysis proves the Crypto Beast public wallet is directly tied to the bundled wallets that sold $ALT on July 14, 2025 as the same Celestia address was used to fund all of them.
July 22, 2025 at 2:59 PM
6/ Here’s a table with Celestia to Solana instant exchange txns I was able to perform timing analysis on.
My analysis proves the Crypto Beast public wallet is directly tied to the bundled wallets that sold $ALT on July 14, 2025 as the same Celestia address was used to fund all of them.
My analysis proves the Crypto Beast public wallet is directly tied to the bundled wallets that sold $ALT on July 14, 2025 as the same Celestia address was used to fund all of them.
5/ The Celestia address from above transferred small amounts to five instant exchanges from May - July 2025 (Kucoin nested, Sideshift, Binance nested, HTX nested, etc) to fund side wallets.
July 22, 2025 at 2:58 PM
5/ The Celestia address from above transferred small amounts to five instant exchanges from May - July 2025 (Kucoin nested, Sideshift, Binance nested, HTX nested, etc) to fund side wallets.
4/ I observed LedZo5 was funded via instant exchange so I traced back from the funding txns to the Celestia address below by performing a timing analysis.
celestia1chflqywwp0k8rjzgp3w4447fquyk9ynnc6zws5
celestia1chflqywwp0k8rjzgp3w4447fquyk9ynnc6zws5
July 22, 2025 at 2:57 PM
4/ I observed LedZo5 was funded via instant exchange so I traced back from the funding txns to the Celestia address below by performing a timing analysis.
celestia1chflqywwp0k8rjzgp3w4447fquyk9ynnc6zws5
celestia1chflqywwp0k8rjzgp3w4447fquyk9ynnc6zws5
3/ Crypto Beast previously shared a public wallet on X & TG in now deleted posts.
Ledzo5cdS1RYfX4h391fYC8TF6xkwAC8U77F2pCaH4L
Ledzo5cdS1RYfX4h391fYC8TF6xkwAC8U77F2pCaH4L
July 22, 2025 at 2:54 PM
3/ Crypto Beast previously shared a public wallet on X & TG in now deleted posts.
Ledzo5cdS1RYfX4h391fYC8TF6xkwAC8U77F2pCaH4L
Ledzo5cdS1RYfX4h391fYC8TF6xkwAC8U77F2pCaH4L