Shiba Inu Dev Alerts FBI After Shibarium Hack Trail Points To KuCoin
Shiba Inu’s core growth staff is escalating its response to the Shibarium bridge exploit after a brand new on-chain investigation mapped the hacker’s Tornado Cash laundering path to KuCoin deposit accounts. Reacting to on-chain sleuth Shima (@MRShimamoto) on X, core developer Kaal Dhairya wrote “Great work! This must be amplified. I can even guarantee it’s despatched to the FBI connected to the open investigation report and request Kucoin to cooperate.”
Shiba Inu Sleuth Exposes Shibarium Hacker
The Shibarium bridge was exploited in mid-September in an assault estimated at around $2.3–$2.4 million, after the perpetrator seized a super-majority of validator keys and withdrew belongings together with ETH, SHIB and KNINE. K9 Finance DAO, Shibarium’s liquid-staking associate, launched a bounty course of that began at 5 ETH, later advanced to a 20 ETH smart-contract offer and in the end to a ultimate 25 ETH proposal endorsed instantly by the Shiba Inu staff. The exploiter by no means accepted, and K9 Finance has since confirmed that the unclaimed ETH within the bounty contract has been returned to contributors, with Shib.io receiving again 20 ETH.
In an in depth 1 December thread, Shima mentioned the “Shibarium Bridge hacker foolishly selected to not settle for the K9 bounty – it’s lastly time to share the investigation we’ve been engaged on,” describing months of tracing that concerned hundreds of transactions and 111 wallets. His reconstruction exhibits 260 ETH flowing from exploit-linked wallets into Tornado Cash, with 232.49 ETH in the end reaching KuCoin by 48 deposits into 45 distinctive KuCoin deposit addresses, which he believes are largely operated by cash mules somewhat than the hacker instantly.
According to his write-up and an accompanying MetaSleuth dashboard, the path begins with the unique exploit deal with and 9 “dumping” wallets. Those wallets obtained the stolen tokens, liquidated them regularly for ETH over roughly per week, and despatched a complete of 260 ETH into Tornado Cash. Of that quantity, 250 ETH entered the mixer’s 10-ETH pool and 10 ETH the 1-ETH pool in an try to interrupt on-chain linkability between the hack and any later withdrawals.
The important breakthrough, Shima says, took place forty days after the exploit. A pockets already tied to the hacker cluster despatched precisely 0.0874 ETH to what was meant to be a clear Tornado withdrawal pockets. That minor top-up, he describes as “one silly mistake” that “fully unravelled their Tornado Cash laundering,” as a result of it established a direct on-chain connection between the exploit aspect of the graph and a supposedly nameless post-mixer deal with. From that contaminated node he was in a position to work outward, clustering a number of Tornado withdrawal wallets, intermediaries and ultimate KuCoin “funnel” wallets.
Shima studies that every funnel pockets usually routes funds to 2 KuCoin deposit addresses, making a ultimate cluster of 45 KuCoin endpoints and roughly two dozen depositors that he argues might be handled as money-mule cash-out accounts. He says the total deal with checklist, transaction graph and methodology had been first shared privately with the Shibarium staff so they may strategy regulation enforcement and KuCoin whereas any funds remained inside attain. However, he recounts that KuCoin’s fraud desk insisted on receiving a proper law-enforcement case quantity earlier than performing on the proof.
The official ShibariumInternet X account has now publicly backed the analysis: “Thanks to @MRShimamoto for doing all of the arduous work right here to compile this thread. We really admire your diligence and methodical strategy. Hopefully this investigation can proceed with the assistance of the right authorities. The communities want solutions.”
At press time, Shiba Inu (SHIB) traded at $0.00000878