Upbit Hackers Continue To Spread Out Stolen Ethereum Worth Millions Into Unknown Wallets

by Sunny Hoi

The unidentified hackers who stole $342,000 Ethereum from South Korean cryptocurrency exchange Upbit last week have started to spread out the funds to several ETH wallet addresses. Some professionals believe the theft was an inside job rather than an external security breach.

The move was brought to public attention by Whale Alert, a Twitter bot that dedicatedly follows large transactions on the blockchains of significant cryptocurrencies. Notably, the Upbit hackers are transferring the stolen Ethereum in small chunks – from 1,000 ETH ($148,380) to 10,000 ETH ($1.48 million) to additional addresses.

The $148,380 worth of Ethereum (1,000 ETH) transaction took place at 7:46 A.M. (UTC).

Around five minutes later, a large transaction containing $1.48 million worth of Ethereum ($10,000) from the same address took place at 7:52 A.M. (UTC).

Screenshot of Transactions Made By Upbit Hackers, December 3. Source: Etherscan

Various other transactions, including another 10,000 ETH transfer been made by the Upbit hackers.

Whale Alert has reported that approximately 253,000 Ethereum has been moved by the Upbit hackers.

In the first portion, the hackers transferred approximately 200,000 ETH.

In the last twenty-four hours, they moved another 53,000 ETH.

All in all, that amounts to roughly $37.5 mln.

The unknown hackers could be attempting to spread out the stolen Ethereum in an attempt to avoid the public’s attention and hide the true origin of the funds over the course of various transactions, as multiple cryptocurrency exchanges have promised to freeze the stolen funds if they are deposited on their platforms.

So far, the hackers have transferred small quantities of Ethereum to various trading platforms like Binance and Huobi to see whether the funds would be frozen by the exchanges.

There are various techniques that hackers use to conceal their stolen funds like deploying cryptocurrency mixing services (Tumblers) and creating many wallet addresses to spread out the funds, which may serve as a tactic to attempt and cash out the funds without being identified by law enforcement agencies.

Another cashing out tactic hackers leverage is the use of decentralized cryptocurrency exchanges (DEX). For instance, Cryptopia hackers successfully managed to cash out over $2 million through the EtherDelta decentralized exchange which doesn’t require KYC or anti-money laundering (AML) checks.

Note that these, however, don’t hold sufficient liquidity for the hackers to cash out $342,000 Ethereum, at press time worth $50,851,980.00 million.

It’s important to point out that while spreading out the funds by sending them to various addresses could end up throwing off some, there are blockchain companies that utilize complex tools to trace transactions on a public blockchain like that of Ethereum and law enforcement investigators that specialize in blockchain forensics who are likely already monitoring the transactions of the hackers.

As reported, Upbit hackers have already divided the $50 million worth of stolen coins into four different ETH addresses last week to make following the transactions increasingly difficult.

Related Posts