shanefontaine
commented
2 years ago Thank you for your report.
Unfortunately, none of these addresses are eligible. All eligible addresses are here.
It looks like they were submitted in #513.
Closed gitNickV closed 2 years ago
shanefontaine
commented
2 years ago Thank you for your report.
Unfortunately, none of these addresses are eligible. All eligible addresses are here.
It looks like they were submitted in #513.
Related Addresses
0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 0x55efe9d55e9c907e4cbc4786597a5171fe2bb5d7 0x19c6469a379202e4e609efef589594aa8817ffe8 0x1fe75249bae5791c78d6f292851a7f38af34a1cd 0x949442a84efc7c07b22f02e0726b19388ff2fbea 0x534966ec6f92dbb9883fd402b107abdc5c2664a7 0x31d59c28618ae3c5ecdd4ee5eb3810553bf16ba3 0x75860813cd32de6195384a18dde980c666223f44 0x58f69318b6aa34c6112981e123b8d125b9697f45 0x38f8e58554373f1ebc7b5596f4d39ccb74ad060a
Reasoning
It is a group of 10 wallets who owned by 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5
Methodology
I analysed initial fundings those wallets made on different blockchains. That is this abuser's history:
It is starts from this account: 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 On 10.11.2020 at 8:49 he created a new wallet (0x38f8e58554373f1ebc7b5596f4d39ccb74ad060a) funded it on Ethereum from his main wallet and used him for his secondary pruposes. On 07.05.2021 at 12:07 he created third account (0x55efe9d55e9c907e4cbc4786597a5171fe2bb5d7), funded it same way and used for some othere purposes.
In Ocotober 2021 he faced with airdrop hunting hype. At first he just bridged some funds from Ethereum to Optimism, Arbitrum and zkSync on all of 3 accounts he have (he made it on October 16 between 8:58 and 12:12) to try to hunt some drop from them.
But in 3 days in October 2021 he created extra 7 accounts to abuse some airdrops: 0x1fe75249bae5791c78d6f292851a7f38af34a1cd funded from same 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 on 19.10.2021 at 18:18 0x949442a84efc7c07b22f02e0726b19388ff2fbea funded from same 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 on 19.10.2021 at 18:21 0x19c6469a379202e4e609efef589594aa8817ffe8 funded from same 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 on 19.10.2021 at 18:33 0x31d59c28618ae3c5ecdd4ee5eb3810553bf16ba3 funded from same 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 on 20.10.2021 at 13:07 0x534966ec6f92dbb9883fd402b107abdc5c2664a7 funded from same 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 on 22.10.2021 at 6:46 0x75860813cd32de6195384a18dde980c666223f44 funded from same 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 on 22.10.2021 at 12:49 0x58f69318b6aa34c6112981e123b8d125b9697f45 funded from same 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 on 22.10.2021 at 12:50
Connection between 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5 and batch of 7 accounts is pretty obvious.
0x38f8e58554373f1ebc7b5596f4d39ccb74ad060a and 0x55efe9d55e9c907e4cbc4786597a5171fe2bb5d7 that was created before have some their individual activity on some blockchains. But on Optimism for example it is easy to see that they act pretty similar to each other and other wallets of this group:
Them: https://optimistic.etherscan.io/address/0x38f8e58554373f1ebc7b5596f4d39ccb74ad060a https://optimistic.etherscan.io/address/0x55efe9d55e9c907e4cbc4786597a5171fe2bb5d7 A couple wallets from this batch: https://optimistic.etherscan.io/address/0x534966ec6f92dbb9883fd402b107abdc5c2664a7 https://optimistic.etherscan.io/address/0x19c6469a379202e4e609efef589594aa8817ffe8 Same activity at same dates
Rewards Address
0x72153F1040BDfe6961bB73448f1AF265B2bFDf0b