On December 5th, COINOTAG reported significant developments in the ongoing saga of the DEXX attack. Coindan, the founder of SlowMist, has disclosed a detailed list of addresses associated with the DEXX attackers leveraging cross-chain transactions to Ethereum. The implicated addresses, such as 0xFFFa5823f73a3F43B75c2E586DFB05b51e7B7BeA and several others, underline a sophisticated approach to asset laundering.
In a concerning update, it appears that those behind the attack are consolidating the stolen decentralized funds on the Solana network. The attackers have employed the Wormhole cross-chain service, further complicating the recovery of these assets. This strategic move to shift funds to Ethereum addresses, particularly those starting with 0xffe224e, marks a calculated effort to obscure the source of the illicit gains.