FTX hacker begins possible Pump & Dump scam as troll messages & cryptic tokens sent to Uniswap
Deeper look at on-chain data shows the hacker has been sending messages to exchanges, Vitalik and Uniswap using tokens created within the past 24 hours.
Update Nov. 20: The mentioned transactions below appear to have been subject to transaction spoofing and, thus, the relationship between the hacker and the tokens is therefore still unknown.
The FTX Hacker address — 0x59AB…fd32b — is sending cryptic tokens, including one labeled “WHAT HAPPENED” to addresses across the blockchain, including exchanges, Vitalik, and Uniswap.
A deeper analysis of the on-chain transactions by CryptoSlate revealed the messages have been going on for multiple days using newly created tokens such as “WHAT HAPPENED,” “CRO NEXT,” and “FTX SUCKS.”
The image below showcases the token, “WHAT HAPPENED,” which was created at 9.40 AM GMT and minted directly to the FTX Hacker’s address with a supply of 1 billion tokens. Within 2 minutes, 90% of the tokens were sent to the Uniswap V2 contract, with many others distributed among other addresses linked to the Hacker.
Investors should be aware that such tokens may be trading on Uniswap with accounts linked to the FTX Hacker wallet, tagged as ‘FTX Accounts Drainer 1 – 6,’ potentially trading the tokens to inflate their price. The possibility of a new scam targeting meme coin investors is now feasible.
The name of the token — ‘WHAT HAPPENED’ — relates to a series of obscure tweets sent from former CEO Sam Bankman-Fried’s Twitter account over the past few days. A ten-part thread started with the word ‘what’ and then continued to spell out the word ‘happened’ before ending with the following statement:
10) [NOT LEGAL ADVICE. NOT FINANCIAL ADVICE. THIS IS ALL AS I REMEMBER IT, BUT MY MEMORY MIGHT BE FAULTY IN PARTS.]
— SBF (@SBF_FTX) November 15, 2022
Examples of other tokens and transactions can be seen below, including the WHAT, SOYCONMAN, FTX SUCKS, CRO NEXT, and FUCK FTX tokens.
CryptoSlate is utilizing Arkham Intelligence to track transactions, and will publish any further developments as we find them.
As of press time, the account has also moved roughly $50 million out, with close to $300 million left in the wallet.
Arkham Intelligence shared insights revealing that the Hacker had moved $48.2 million DAI to ETH on Cowswap.
In the past 3 hours, the FTX attacker swapped their entire balance of DAI – $48.2 million – into ETH on Cowswap.
On two different accounts, the attacker managed to swap $4 million DAI to ETH, and swapped $5 million USDT to ETH, without getting blacklisted by Tether. pic.twitter.com/aHwknkrL8F
— Arkham | Crypto Intelligence (@ArkhamIntel) November 15, 2022