Massive Cyber Heist in the Cryptocurrency World
In an alarming incident that rocked the cryptocurrency world in 2024, the Bittensor protocol fell victim to a massive cyber heist, resulting in the loss of around $28 million in TAO tokens. This breach has come under scrutiny from blockchain investigator ZachXBT, who has made significant progress in tracking the illicit movement of the stolen assets despite the hacker’s attempt to obfuscate their activities using Railgun, a privacy tool designed for secure transactions.
Investigation and Tracking of Stolen Assets
Through meticulous analysis, ZachXBT was able to trace the stolen funds’ pathway, pinpointing a principal suspect who appears to have played a central role in the operation. The cybercriminals initially funneled the stolen assets through instant exchanges, converting them into Monero, before transferring roughly $5 million to Railgun via various cryptocurrencies, including Ethereum, USDC, and WETH. Railgun promotes itself as a platform for anonymity, akin to Tornado Cash, but has unfortunately been utilized as a means to disguise stolen cryptocurrencies.
Investigation Techniques and Findings
ZachXBT’s investigative tactics included precise timing and value matching, which were crucial in correlating deposits and withdrawals within the Railgun network. He noted,
“Unique denominations and short intervals between transactions ensure reliable de-mixing.”
Once the funds were withdrawn, they were dispersed across three different wallets, which later engaged in the buying and selling of anime-themed NFTs. Although leveraging fake NFT trading is an atypical method for laundering illicit crypto, it appeared to serve as a cover for these illicit transfers in this instance.
Connection to Bittensor User
One particular wallet linked to this suspicious activity was associated with a Bittensor user named Rusty, who developed Skrtt Racing, a project that allowed participants to bet on races featuring toy cars reminiscent of Hot Wheels.
After thorough investigation, ZachXBT identified the individual connected to that wallet as Ayden B, who refuted any involvement in the hack but acknowledged ownership of the wallets associated with the questionable transactions. The investigator maintained optimism that the evidence gathered could lay the groundwork for potential criminal proceedings against those involved in this substantial heist.
