An address connected to the BNB bridge exploiter has moved $74 million worth of crypto to 0x5313, becoming the fourth-largest Rocket Pool’s rETH whale, blockchain security firm PeckShield reported.
According to PeckShield, the crypto assets transferred to the new wallet included 43,228 stETH, worth about $70 million, 1,679 Rocket Pool’s rETH, worth $2.9 million, and 771 ETH, valued at $1.27 million. The account further swapped $7 million in crypto assets, including 6.2 million USDC and 472 ETH for 3,990 rETH.
BNB Exploiter: The Fourth-Largest Holder of rETH
The 0x5313 is now one of the largest holders of staked Ethereum, with over $82 million in liquid staked ETH from the top two platforms. This includes 39,000 wrapped LDO, stETH, and 5,700 RocketPool staked ETH.
With its rETH holding valued at $10 million, the exploiter is now the fourth largest holder of rETH. RocketPool staked ETH and Wrapped Lido stETH are trading at a premium to ETH itself.
The BNB bridge exploiter took advantage of a bridge vulnerability to steal 2 million BNB tokens valued at over $500 million in October 2022.
At the time, Binance decided to temporarily pause the BNB Smart Chain to prevent the hacker from moving the funds. The exploiter was only able to successfully move about $100 million worth of assets before the rest were frozen. Since then, the hacker has been using decentralized protocols to move assets.
Arkham Intelligence data shows that the address used 1inch to swap 33,000 ETH valued at $50 million for stETH. It also received 8.9 million worth of stETH in two transactions from 0x68EA8. After transferring most of its assets today to 0x5313, the exploiter moved 0.2 ETH to 0x4Ad.
All these fund transfers appear to be part of a strategy by the hacker to obfuscate his transactions. It could also be a way to minimize losses after the exploiter lost 7.18 million JUSDTNative due to liquidation on his AVAX position.
DeFi exploits have been relatively low this year. PeckShield reported that there were only $8.8 million in crypto losses due to exploits in January. That is a 93% year-on-year decline from 24 exploits.
BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.