Two years ago, AnubisDAO was rug-pulled for about $60 million worth of Ethereum (ETH) and funds were never recovered. However, the blockchain never forgets and block analysts have been keeping an eye on Anubis exploiter wallets.
New on-chain analysis by ZachXBT may have revealed who the scammers are.
Deeper analysis reveals possible identity of exploiters
An analysis done by ZachXBT, an on-chain analyst, shows that the funds ended up in two exchange deposit addresses.
These addresses are 0x51da686c7a2f973ad11fafed6ce9a3ffc020349f, herein marked as (1) and 0x253d7ba533b7d13720fb5ec5a7d1e64d4ff3f58b, herein labeled as (2).
ZachXBT was able to trace a transaction of 95 ETH sent to (1) from bsl.eth, an address owned by Beerus. Up until now, the identity of the DAO exploiters had remained unknown. Upon further investigation, wallet (1) belongs to Ersan, a friend of Beerus.
While Beerus’ Twitter account is mainly dormant, having posted last in October 2021, Ersan is quite active, only recently posting on July 20, 2023.
AnubisDAO rug pull suspects laid low for 2 years
In October 2021, following the massive Dogecoin pump, AnubisDAO raised 13,556 ETH from crypto investors. However, just 20 hours after receiving the funds, the ETH was sent to different addresses in a rug pull.
The result was an immediate loss for investors.
Two years later, block analysts noticed a trend of the funds (13,556 ETH) getting bridged to Polygon before getting sent to two exchange deposit addresses. These funds were moved through Tornado Cash, a cryptocurrency mixer that completely anonymizes transactions.
As it turned out, the rug pullers didn’t move funds for over two years only for Peckshield, a blockchain security firm, to be among the first on-chain analytics platforms to pick out funds’ movements.
Hackers may be involved in other online scams
Further deep-dive reveals that Ersan is a notorious exploiter who “works with multiple ‘suppliers’ for a scam website known as CDGORoll.”
Warren, another blockchain analyst, links Ersan to high-level and coordinated online casino scams involving shady payment processors and x-rated website hosting services.
This breakdown comes weeks after PolyNetwork was hacked for millions of dollars.
Given the size and patience of the AnubisDAO exploiters, investors may have to watch as their investment disappears into the Tornado Cash black hole.