On-chain sleuth Shima has uncovered the full path behind the Shibarium bridge hack that occurred three months ago. His comments come shortly after the Shibarium bridge hacker refused to accept the bounty offered by K9 Finance.
Shima explained on X that he has been investigating the Shibarium hack since it happened. He has now disclosed juicy details about the hack, which he found through an unexpected link.
According to Shima, the hacker made a major error that revealed the entire laundering trail. The sleuth said every stage of the Tornado Cash withdrawals and the later movements into KuCoin were completely exposed.
Describing the laundering process, the on-chain sleuth said the hacker used a main wallet and nine “dumping” wallets to receive the stolen assets.
Shibarium Hack Analysis | Source: Shima
Shima shared a MetaSleuth chart that showed the wallets formed an orange cluster. It marked the original Shibarium bridge exploit address, the movement of funds into nine wallets, and the gradual sale of the stolen tokens for ETH. These wallets led to the trail that eventually moved through Tornado Cash and into KuCoin.
The on-chain sleuth added that he spent days tracing the blockchain and shared his findings with the Shibarium team. He explained that he wanted the Shibarium team to involve law enforcement before going public. Meanwhile, KuCoin still had the option to freeze any funds.
Shima further noted that his team reached out to the KuCoin fraud department. However, the exchange insisted on receiving a law-enforcement case number before taking action. When progress stalled, Shima decided to publish the complete analysis so victims and authorities could make their own decisions.
As indicated in our earlier discussion, the attacker gained control of validator keys, draining 92.6 billion SHIB and 224.57 ETH. To restore chain integrity, the Shiba Inu (SHIB) team froze BONE, paused staking, and launched a forensic probe. They also unveiled a privacy upgrade for Shibarium and BONE shortly after.
The sleuth noted that the entire strategy fell apart because a hacker-linked wallet accidentally sent 0.0874 ETH to a secret withdrawal wallet. Shima identified the sender as 0x45b5 and the receiver as 0x4476.
He revealed he noticed this transfer while preparing a second bounty message and analyzing every address tied to the attacker. The small ETH transfer immediately stood out to Shima. He quickly discovered it provided the link he needed to uncover the entire laundering operation.
Accordingly, Shima investigated every transaction around 0x4476 and uncovered a larger cluster of Tornado-linked withdrawal wallets. Since the 0.0874 ETH transfer linked 0x4476 directly to the hack, Shima treated all connected wallets as part of the laundering network.
Consequently, he identified a pattern in which the attacker withdrew funds from Tornado Cash, then moved them through one to three intermediary wallets before transferring them into KuCoin deposit addresses.
Shima said he identified 48 KuCoin deposits involving 45 unique deposit addresses. He also found that KuCoin received 232.4949 ETH through 25 depositors. This is in addition to one reused deposit address linked to DAI from a separate exploit.
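The tracing pattern described above (withdrawal wallets, up to three intermediary wallets, then exchange deposit addresses, with deposits and unique deposit addresses counted separately) can be sketched as a hop-limited graph walk. This is an added example, not Shima's tooling or data: all wallet labels, transaction ids and amounts are constructed placeholders, and the sets of withdrawal wallets and labelled deposit addresses are assumed to be known in advance.

```python
from collections import defaultdict

# Constructed sample data: (tx_id, sender, receiver, eth). Every label is a
# made-up placeholder, not an address or transaction from the investigation.
TRANSFERS = [
    ("t1", "wd_A", "hop_1", 10.0), ("t2", "hop_1", "dep_1", 10.0),
    ("t3", "wd_B", "hop_2", 20.0), ("t4", "hop_2", "hop_3", 20.0),
    ("t5", "hop_3", "dep_2", 20.0),
    ("t6", "wd_B", "hop_4", 5.0), ("t7", "hop_4", "dep_1", 5.0),  # dep_1 reused
    # Four intermediaries: beyond the hop limit, so this chain is not reported.
    ("t8", "wd_C", "hop_5", 1.0), ("t9", "hop_5", "hop_6", 1.0),
    ("t10", "hop_6", "hop_7", 1.0), ("t11", "hop_7", "hop_8", 1.0),
    ("t12", "hop_8", "dep_3", 1.0),
]
WITHDRAWAL_WALLETS = {"wd_A", "wd_B", "wd_C"}    # assumed already tied to the incident
DEPOSIT_ADDRESSES = {"dep_1", "dep_2", "dep_3"}  # assumed labelled exchange deposits


def trace_to_exchange(transfers, sources, deposit_addrs, max_intermediaries=3):
    """Follow outgoing transfers from each source; return (path, tx_id, eth) per deposit reached."""
    outgoing = defaultdict(list)
    for tx_id, sender, receiver, eth in transfers:
        outgoing[sender].append((tx_id, receiver, eth))
    hits = []

    def walk(path):
        for tx_id, receiver, eth in outgoing.get(path[-1], []):
            if receiver in path:                      # skip cycles
                continue
            if receiver in deposit_addrs:
                hits.append((path + [receiver], tx_id, eth))
            elif len(path) - 1 < max_intermediaries:  # room for another intermediary
                walk(path + [receiver])

    for source in sorted(sources):
        walk([source])
    return hits


def summarize(hits):
    """Count deposits by transaction id so a deposit reached via two paths is counted once."""
    by_tx = {tx_id: (path[-1], eth) for path, tx_id, eth in hits}
    return {
        "deposits": len(by_tx),
        "unique_deposit_addresses": len({addr for addr, _ in by_tx.values()}),
        "total_eth": sum(eth for _, eth in by_tx.values()),
    }
```

On the constructed data this reports three deposits into two unique deposit addresses, which is the same distinction the article draws between deposit count and unique deposit addresses.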