Twitter | Search | |
Frank Topbottom
hacker used Tornado to fund his address a week ago. Right after that, he claimed tokens for one of arbitrage contracts and withdrew them to himself in another tx by simulating arb. In theory, this claim could be a hack, which is why a mixer might have been used.
Reply Retweet Like More
Frank Topbottom Sep 29
Replying to @FrankResearcher
But it was necessary to guess without source code that arb function would help to withdraw and then use it in a certain way. Because of this, I’m more confident that it was the creator of the arb contract himself - 0x2d033fe
Reply Retweet Like
Frank Topbottom Sep 29
Replying to @FrankResearcher
My hypothesis based on on-chain data: 0x223034e = hacker 0x762bfbd = the contract from which the hacker withdrawn 0x2d033fe = address of creator of 0x762bfbd 0x2f14f72 = address which funded creator (very likely one owner)
Reply Retweet Like
Frank Topbottom Sep 29
Replying to @FrankResearcher
The arbitrageur, in turn, received funds from two addresses funded from 0x2f14f72. This gives hope for the identification of a possible culprit, because this address used Huobi, Bitmax, Hotbit and 1inch. For these projects to help, first contact the police. GL
Reply Retweet Like
David Iach | davidiach.eth 👨‍🌾 Sep 29
Great work!
Reply Retweet Like
0xdeadf4ce Sep 29
Replying to @FrankResearcher
Looks like we got the culprit! Check the decompiled source of the contract. Hard coded permissions for 0x2d033 -
Reply Retweet Like
CM Sep 29
Damn, skills
Reply Retweet Like
wallfacer Sep 29
Replying to @FrankResearcher
Sherlock?
Reply Retweet Like
Rihand Sep 29
English please ?
Reply Retweet Like
Cockporock Sep 29
Replying to @FrankResearcher
aren't you going to list here
Reply Retweet Like