Menu Close

French police use Twitter crypto sleuth’s research to catch scammers

The alleged fraudsters built a BAYC and MAYC NFT focused website that masqueraded as a service to animate the apes but instead phished victims details to steal their NFTs.

French authorities have reportedly utilized research from pseudonymous blockchain sleuth ZachXBT to charge five people on suspicion of stealing $2.5 million worth of nonfungible tokens (NFTs) via phishing scams. 

According to an Oct. 12 report from the Agence France Presse (AFP) shared by Barron’s, the alleged fraudsters built a website that masqueraded as a service that animates the static artwork from people’s Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) NFTs. 

Unfortunately for the victims, they had their credentials swiped and their NFTs stolen via the phishing website instead. 

The five young suspects are said to be in their mid to late 20s, and had allegedly conducted the scheme between late 2021 and early 2022. 

The charges against the five include fraud committed as part of a criminal gang, concealing fraud and criminal association. 

Two of the suspects are thought to be the ring leaders, and prosecutors have requested for them to be held in pre-trial detention. 

ZachXBT provides key info

Christophe Durand, the deputy chief of France’s national cyber unit told the AFP that it got clued into the incident after observing an investigation from the self-proclaimed “on-chain sleuth” ZachXBT on Twitter. 

Durand explained that ZachXBT had launched into an investigation in response to requests from “the community of owners of the Bored Ape Yacht Club series” that had their tokens swiped. 

Over on Twitter, ZachXBT noted that they were “very pleased” to see that French authorities had taken action against the alleged scammers. The sleuth was also happy to see their work was officially credited online, given that they are an independent investigator that is funded by community donations. 

ZachXBT also linked back to their original Aug. 9 article that he said helped kick off the investigation. 

A key part of the research revolved around the alleged scammers’ use of Tornado Cash to mix and withdraw the funds. 

ZachXBT outlined that the “mathys.eth” address in particular left revealing breadcrumbs, as they often withdrew intervals of 10 ETH that added up to the value the NFTs were sold for, around the time they were stolen. 

“While the scammer did make an attempt to hide their breadcrumb trail by depositing the stolen funds into Tornado Cash, they were not careful about covering their tracks when it came to withdrawing the funds from Tornado.”

ZachXBT has posted a series of on-chain investigations focused on rug pulls, scams, hacks and pump and dumps, and has developed a strong Twitter following of 303,200 for their efforts. 

At the start of this month, ZachXBT launched an investigation into the $450,000 Beeple Discord hack to find the people responsible. Cointelegraph also reported on ZachXBTs recent research and allegations from Sept. 29 accusing Crypto influencer Lark Davis of shilling a series of “low cap projects” just to dump on “them shortly after.”

The London Crypto Exchange is a publisher of financial information, not an investment adviser. We do not provide personalized or individualized investment advice. Cryptocurrencies are volatile investments and carry significant risk including the risk of permanent and total loss. Past performance is not indicative of future results. Figures and charts are correct at the time of writing or as otherwise specified. Live-tested strategies are not recommendations. Consult your financial advisor before making financial decisions.