AnubisDAO抽头嫌疑人的可能身份揭示

Two years ago, AnubisDAO was rug-pulled for about $60 million worth of Ethereum (ETH) and funds were never recovered. However, the blockchain never forgets and block analysts have been keeping an eye on Anubis exploiter wallets.

两年前，AnubisDAO 被盗走价值约 6000 万美元的以太坊 (ETH)，资金从未收回。然而，区块链永远不会忘记，区块分析师一直在关注阿努比斯漏洞利用钱包。

New on-chain analysis by ZachXBT may have revealed who the scammers are.

ZachXBT 的新链上分析可能已经揭示了骗子是谁。

Deeper analysis reveals possible identity of exploiters

更深入的分析揭示了剥削者的可能身份

An analysis done by ZachXBT, an on-chain analyst, shows that the funds ended up in two exchange deposit addresses.

链上分析师 ZachXBT 所做的分析显示，这些资金最终流入了两个交易所存款地址。

These addresses are 0x51da686c7a2f973ad11fafed6ce9a3ffc020349f, herein marked as (1) and 0x253d7ba533b7d13720fb5ec5a7d1e64d4ff3f58b, herein labeled as (2).

这些地址是0x51da686c7a2f973ad11fafed6ce9a3ffc020349f，本文标记为(1)，以及0x253d7ba533b7d13720fb5ec5a7d1e64d4ff3f58b，本文标记为(2)。

1/ Here is my analysis of the $60M Anubis DAO rug pull.

I noticed a clear trend in 2023 of funds being withdrawn from Tornado Cash and bridged to Polygon before consolidating to two exchange accounts. pic.twitter.com/UX0uHSG9TN
— ZachXBT (@zachxbt) July 20, 2023
1/ 这是我对 6000 万美元 Anubis DAO 地毯拉力的分析。我注意到 2023 年有一个明显的趋势：资金从 Tornado Cash 中提取并桥接到 Polygon，然后合并到两个交易账户。 pic.twitter.com/UX0uHSG9TN—ZachXBT (@zachxbt) 2023 年 7 月 20 日

ZachXBT was able to trace a transaction of 95 ETH sent to (1) from bsl.eth, an address owned by Beerus. Up until now, the identity of the DAO exploiters had remained unknown. Upon further investigation, wallet (1) belongs to Ersan, a friend of Beerus.

ZachXBT 能够追踪从 Beerus 拥有的地址 bsl.eth 发送到 (1) 的 95 ETH 交易。到目前为止，DAO 剥削者的身份仍然未知。经进一步调查，钱包（1）属于比鲁斯的朋友艾桑（Ersan）。

While Beerus’ Twitter account is mainly dormant, having posted last in October 2021, Ersan is quite active, only recently posting on July 20, 2023.

Beerus 的 Twitter 账户主要处于休眠状态，最后一次发帖是在 2021 年 10 月，而 Ersan 则相当活跃，最近才在 2023 年 7 月 20 日发帖。

You might also like: Attacker behind AnubisDAO rug pull transfers another $5.9m to Tornado Cash

您可能还喜欢：AnubisDAO rug pull 背后的攻击者将另外 590 万美元转移到 Tornado Cash

AnubisDAO rug pull suspects laid low for 2 years

AnubisDAO 地毯拉动嫌疑人已被埋藏两年

In October 2021, following the massive Dogecoin pump, AnubisDAO raised 13,556 ETH from crypto investors. However, just 20 hours after receiving the funds, the ETH was sent to different addresses in a rug pull.

2021 年 10 月，随着狗狗币的大规模上涨，AnubisDAO 从加密货币投资者那里筹集了 13,556 ETH。然而，在收到资金后仅仅 20 小时，ETH 就被迅速发送到不同的地址。

The result was an immediate loss for investors.

结果是投资者立即遭受损失。

Two years later, block analysts noticed a trend of the funds (13,556 ETH) getting bridged to Polygon before getting sent to two exchange deposit addresses. These funds were moved through Tornado Cash, a cryptocurrency mixer that completely anonymizes transactions.

两年后，区块分析师注意到资金（13,556 ETH）在被发送到两个交易所存款地址之前先桥接到 Polygon 的趋势。这些资金通过 Tornado Cash 转移，这是一种完全匿名交易的加密货币混合器。

As it turned out, the rug pullers didn’t move funds for over two years only for Peckshield, a blockchain security firm, to be among the first on-chain analytics platforms to pick out funds’ movements.

事实证明，拉地毯的人在两年多的时间里没有转移资金，只是为了让区块链安全公司 Peckshield 成为第一批识别资金动向的链上分析平台之一。

It seems the rugged @AnubisDAO funds are being washed via @TornadoCash https://t.co/DPoZ1ifSNX https://t.co/LvDSUsL6tS pic.twitter.com/mKfSdTE6D9
— PeckShieldAlert (@PeckShieldAlert) July 16, 2023
看来坚固的 @AnubisDAO 资金正在通过 @TornadoCash https://t.co/DPoZ1ifSNX https://t.co/LvDSUsL6tS pic.twitter.com/mKfSdTE6D9 — PeckShieldAlert (@PeckShieldAlert) 2023 年 7 月 16 日被清洗

Hackers may be involved in other online scams

黑客可能参与其他在线诈骗

Further deep-dive reveals that Ersan is a notorious exploiter who “works with multiple ‘suppliers’ for a scam website known as CDGORoll.”

进一步深入研究表明，Ersan 是一位臭名昭著的剥削者，他“与多个‘供应商’合作开发一个名为 CDGORoll 的诈骗网站。”

Warren, another blockchain analyst, links Ersan to high-level and coordinated online casino scams involving shady payment processors and x-rated website hosting services.

另一位区块链分析师沃伦 (Warren) 将 Ersan 与高级且协调的在线赌场诈骗联系起来，涉及可疑的支付处理器和 x 级网站托管服务。

Great finds, Zach.

Ersan, the owner of the address you mentioned in the 3rd tweet, works with multiple "suppliers" for a scam website known as CSGORoll. The money is laundered through there into some very odd places. This site is a hub for illegal funds. https://t.co/cdhA8V5WIt
— Warren (@variancewarren) July 20, 2023
伟大的发现，Zach.Ersan，您在第三条推文中提到的地址的所有者，与多个“供应商”合作，为一个名为 CSGORoll 的诈骗网站提供服务。这些钱通过那里被洗到一些非常奇怪的地方。该网站是非法资金的中心。 https://t.co/cdhA8V5WIt— 沃伦 (@variancewarren) 2023 年 7 月 20 日

This breakdown comes weeks after PolyNetwork was hacked for millions of dollars.

此次故障发生几周前，PolyNetwork 遭到黑客攻击，损失了数百万美元。

Given the size and patience of the AnubisDAO exploiters, investors may have to watch as their investment disappears into the Tornado Cash black hole.

考虑到 AnubisDAO 开发者的规模和耐心，投资者可能不得不眼睁睁地看着他们的投资消失在 Tornado Cash 黑洞中。

了解更多：PolyNetwork 据称遭到黑客攻击，检测到大量交易