AnubisDAO 地毯拉動嫌疑犯的可能身分曝光

Two years ago, AnubisDAO was rug-pulled for about $60 million worth of Ethereum (ETH) and funds were never recovered. However, the blockchain never forgets and block analysts have been keeping an eye on Anubis exploiter wallets.

兩年前，AnubisDAO 被盜走價值約 6,000 萬美元的以太坊 (ETH)，資金從未收回。然而，區塊鏈永遠不會忘記，區塊分析師一直在關注阿努比斯漏洞利用錢包。

New on-chain analysis by ZachXBT may have revealed who the scammers are.

ZachXBT 的新鏈上分析可能已經揭示了騙子是誰。

Deeper analysis reveals possible identity of exploiters

更深入的分析揭示了剝削者的可能身份

An analysis done by ZachXBT, an on-chain analyst, shows that the funds ended up in two exchange deposit addresses.

鏈上分析師 ZachXBT 所做的分析顯示，這些資金最終流入了兩個交易所存款地址。

These addresses are 0x51da686c7a2f973ad11fafed6ce9a3ffc020349f, herein marked as (1) and 0x253d7ba533b7d13720fb5ec5a7d1e64d4ff3f58b, herein labeled as (2).

這些地址是0x51da686c7a2f973ad11fafed6ce9a3ffc020349f，本文標示為(1)，以及0x253d7ba533b7d13720fb5ec5a7d1e64d4ff3f58b，本文標示為(222)。

1/ Here is my analysis of the $60M Anubis DAO rug pull.

I noticed a clear trend in 2023 of funds being withdrawn from Tornado Cash and bridged to Polygon before consolidating to two exchange accounts. pic.twitter.com/UX0uHSG9TN
— ZachXBT (@zachxbt) July 20, 2023
1/ 這是我對 6000 萬美元 Anubis DAO 地毯拉力的分析。我注意到 2023 年有一個明顯的趨勢：資金從 Tornado Cash 中提取並橋接到 Polygon，然後合併到兩個交易帳戶。 pic.twitter.com/UX0uHSG9TN—ZachXBT (@zachxbt) 2023 年 7 月 20 日

ZachXBT was able to trace a transaction of 95 ETH sent to (1) from bsl.eth, an address owned by Beerus. Up until now, the identity of the DAO exploiters had remained unknown. Upon further investigation, wallet (1) belongs to Ersan, a friend of Beerus.

ZachXBT 能夠追蹤從 Beerus 擁有的地址 bsl.eth 發送到 (1) 的 95 ETH 交易。到目前為止，DAO 剝削者的身份仍然未知。經進一步調查，錢包（1）屬於比魯斯的朋友艾桑（Ersan）。

While Beerus’ Twitter account is mainly dormant, having posted last in October 2021, Ersan is quite active, only recently posting on July 20, 2023.

Beerus 的 Twitter 帳號主要處於休眠狀態，最後一次發文是在 2021 年 10 月，而 Ersan 則相當活躍，最近才在 2023 年 7 月 20 日發佈。

You might also like: Attacker behind AnubisDAO rug pull transfers another $5.9m to Tornado Cash

您可能還喜歡：AnubisDAO rug pull 背後的攻擊者將另外 590 萬美元轉移到 Tornado Cash

AnubisDAO rug pull suspects laid low for 2 years

AnubisDAO 地毯拉動嫌疑犯已被埋藏兩年

In October 2021, following the massive Dogecoin pump, AnubisDAO raised 13,556 ETH from crypto investors. However, just 20 hours after receiving the funds, the ETH was sent to different addresses in a rug pull.

2021 年 10 月，隨著狗狗幣的大規模上漲，AnubisDAO 從加密貨幣投資者籌集了 13,556 ETH。然而，在收到資金後僅 20 小時，ETH 就被迅速發送到不同的地址。

The result was an immediate loss for investors.

結果是投資者立即遭受損失。

Two years later, block analysts noticed a trend of the funds (13,556 ETH) getting bridged to Polygon before getting sent to two exchange deposit addresses. These funds were moved through Tornado Cash, a cryptocurrency mixer that completely anonymizes transactions.

兩年後，區塊分析師注意到資金（13,556 ETH）在被發送到兩個交易所存款地址之前先橋接到 Polygon 的趨勢。這些資金透過 Tornado Cash 轉移，這是一種完全匿名交易的加密貨幣混合器。

As it turned out, the rug pullers didn’t move funds for over two years only for Peckshield, a blockchain security firm, to be among the first on-chain analytics platforms to pick out funds’ movements.

事實證明，拖拉機在兩年多的時間裡沒有轉移資金，只是為了讓區塊鏈安全公司 Peckshield 成為首批識別資金動向的鏈上分析平台之一。

It seems the rugged @AnubisDAO funds are being washed via @TornadoCash https://t.co/DPoZ1ifSNX https://t.co/LvDSUsL6tS pic.twitter.com/mKfSdTE6D9
— PeckShieldAlert (@PeckShieldAlert) July 16, 2023
看來堅固的 @AnubisDAO 資金正在透過 @TornadoCash https://t.co/DPoZ1ifSNX https://t.co/LvDSUsL6tS pic.twitter.com/mKfSdTE6D9 — PeckShieldAlert (@PeckShieldAlert) 2023 年 7 月 16 日被清洗

Hackers may be involved in other online scams

駭客可能參與其他網路詐騙

Further deep-dive reveals that Ersan is a notorious exploiter who “works with multiple ‘suppliers’ for a scam website known as CDGORoll.”

進一步深入研究表明，Ersan 是一位臭名昭著的剝削者，他“與多個‘供應商’合作開發一個名為 CDGORoll 的詐騙網站。”

Warren, another blockchain analyst, links Ersan to high-level and coordinated online casino scams involving shady payment processors and x-rated website hosting services.

另一位區塊鏈分析師 Warren 將 Ersan 與高級且協調的線上賭場詐騙聯繫起來，涉及可疑的支付處理器和 x 級網站託管服務。

Great finds, Zach.

Ersan, the owner of the address you mentioned in the 3rd tweet, works with multiple "suppliers" for a scam website known as CSGORoll. The money is laundered through there into some very odd places. This site is a hub for illegal funds. https://t.co/cdhA8V5WIt
— Warren (@variancewarren) July 20, 2023
很棒的發現，Zach.Ersan，您在第三條推文中提到的地址的所有者，與多個「供應商」合作，為名為 CSGORoll 的詐騙網站提供服務。這些錢通過那裡被洗到一些非常奇怪的地方。該網站是非法資金的中心。 https://t.co/cdhA8V5WIt— 沃倫 (@variancewarren) 2023 年 7 月 20 日

This breakdown comes weeks after PolyNetwork was hacked for millions of dollars.

這次故障發生幾週前，PolyNetwork 遭到駭客攻擊，損失了數百萬美元。

Given the size and patience of the AnubisDAO exploiters, investors may have to watch as their investment disappears into the Tornado Cash black hole.

考慮到 AnubisDAO 開發者的規模和耐心，投資者可能不得不眼睜睜地看著他們的投資消失在 Tornado Cash 黑洞中。

了解更多：PolyNetwork 據稱遭到駭客攻擊，偵測到大量交易