Attackers who managed to gain access to the accounts of many celebrities on Twitter transferred the received funds to a separate address. Previously, it was used to send funds to Coinbase and BitPay and CoinPayments services.
Recall, unknown attackers hacked Twitter accounts of Binance CEO Changpeng Zhao, Bill Gates, Jeff Bezos, Elon Musk, and many others. On the pages of hacked celebrity accounts, were posted messages about the fake distribution of 5000 BTC from an unknown site Cryptoforhealth.
According to Whitestream blockchain analysts, three transactions sent by the following address lead to Coinbase and BitPay wallets. 14.75 BTC (almost $135,000) managed to arrive at this address. Subsequently, hackers used a bech32 address.
The first transaction involves the transfer of 1.2 BTC ($11,000) in May this year. In the second and third, insignificant amounts appeared a few days before the current events. Experts believe that at that time the hacker was in the process of switching to a bech32 address. The nature of the last two transactions prompted them to such a thought.
The company believes that the recipients of the funds will reveal the identity of their sender. However, the investigation may not be so simple if the attacker's transactions were connected with payments to merchants through these services.
Whitestream suggested that the attacker used the old address intentionally to confuse the traces in order to conduct an attack.