Two group multi-sign abnormal transactions

[skyonedot]

Related Safe Addresses

This group is used as a subset of issue124, as the more obvious airdrop farmer behavior is found here

1.
0x08352d892673fa0fd2227bbaaf1e05d3dc018825
0xeece31bf6f7d63e28529e571dea616de16812366
0x11f43b0cb4e2a0939ba4f4214d33807e3c41ea6b
0x12024106a59d0677d65b030b052a1bd60a6710c3
0x16f8da92d12f08bc0b0d1cd361d1219484449d2e
0x19141747077f9c6017d9d5c0e0d8de747f2aef0c
0x2294fa5b0de84acbaaa7192db23e46cf4fe07848
0x2ebc5a8ab559c9b1d4a5de6952bc4b1fcf4b2132
0x3334b0b9db6e272b3f40a074e6e2ccdb6c30fdd0
0x36e2c755a2107c20f45263b60b8e305191a38bd4
0x38c4f59abff25b3696a7bf9bac6f5eea346f8f9a
0x40db40f4e45e7899c0b324718f4f5882dac34ccd
0x41af2b0e290fde05a59db1196f0431f2e21ff9fb
0x464fd65185370c6880127735c9ed26270809ae17
0x56fde90efbbafaebfacf85840772bcc286ae8bf1
0x59b12e90684257e56491bf6e3718f1ee7649dbee
0x601c4e1e1ee9e928b1048c359fb0a9d6089c670d
0x6cdaa77aa1e66df45abe1186abec8d3ad1897b99
0x6f2ff7b676cac45122f7804e908b6aa6be806a36
0x8030e7ba27814bb7611567fc42fb78d09385370d
0x82c9617efbcb476f68a25a49d001a954aa58e9aa
0x82e2bafbcfde627892fd8bc7a6885a418c4d963a
0x9178c782278e04a8a1678a1a0f2b82002786f03c
0x93418ab6e1b4b659913a5b93286a1435421a5ce8
0x982009030d9bb252f54fb5acd78482b7ade7355d
0xa20b385ddbce71327856c2fce2ded0200542576c
0xba1f5dbe2b6827cdb780220c58793eba166b21ff
0xbde92af647e44df275d32de7ab7d922cfd1c74f5
0xc0e065659d4855eae444f0bbabd483cdf3e9c240
0xc6842c9b5996af9d255b9855f033c461ffb4e311
0xcef5903bc5745963f508960e8881b9887d256be0
0xe3d1f8789fdcb784392cac0ded2585d68e5fda2e
0xe6ed999d806cb2ddf027bec084dbcf52677aa5a3

2.
0x0167efcf8779540c0c663988223c8af1c987dd27
0xfce853eaf6e6256033c2de33a0e850838ab0dd4d
0x02308b53273ab3494d482d5fb3d1f0710acb0890
0x0664e2399d15e744893a51f45aa2e855bffa5e34
0x0968989a87b6fec3140ae2ff19eaac049e48a1d8
0x0e0d46d1eb35faaf40ec9d6b1ebb20ed4ebaa6c3
0x217553912f41594e6e1db45530833e9518f80608
0x21ff718da8f01fdbba456d85035b9b3529d787ad
0x2916965cb25030cea3045833e36743badef32aed
0x2949353eb259a91bfb17398da5451a5dd8747729
0x299b68ac4725f5be3063f4cd33c627a3b12cdce0
0x2c681dfaeb767b0d2566e60c0f78bfb7c59c72db
0x2e192fe2f1d3b41a6c2ef870414701e6154444da
0x30664df7d38b104dc7a29aeda3d8ee75afbab131
0x3437977766fe4e39d5ade5206470ae9aef15f7ac
0x35e7e80eedb82e57a89a1e461e53389631f500d0
0x3bdd8472e1d18a89cd5016789fd1a66bbe352cf2
0x4a8c28b424bbd58799b766edeced5b29f86cf8ff
0x58c43c94f6e85a1a21d8850d273548c2640b7211
0x58e940d446c0899179275b53f9ecf77e1c4c65e9
0x5d37ee15c43fa22e303ebfa94fe7a19941e65fbd
0x65c5d27ff7facbd993aeec2ccddc91174e05c80f
0x68e77a8145579416f3eda9aed049d5cf91a53282
0x7c9e2a508d93398b65fa2aece3f256e3320fb065
0x85115b8210be88f28ca35ac38bf272a0e1b8a0af
0x872d65baa9e8feca7d6dd65796b2855c18c30a54
0x8b302d87794f62fce8e8ee1fd1e2ad7a815d35a8
0x8c5b88dc02919177452515114a9000e37510cc7c
0x8d0c0de7b9f6533329ab65658578e607425a9f9f
0x956e68cecc3096ca1c1a1a234b8c64404e094446
0x9d2457f5eb132415b8f3c7582791bdaef0ae77ad
0x9e77a2839f572f2bf42b294083cae9bb4c875264
0xa0c33d89c9f8782275b4302f0b37818df4acc506
0xa1867846ad5a22af54e0fb30d718a7dd53fcabbb
0xa8246172595716fa28d62e0e5e26719a87ba67d1
0xab345d31c805dfbc6983734010da19d5ee920058
0xabb966b8be466a63ce3b1c5c1cb84c8d923439d5
0xadd69f901baff4da16eda2c1ca0e966918d33502
0xaf67fa1e357a550e78fb94831ed230500d775020
0xb3268b45aadc4cc57cd6e723e481520ba9b43a39
0xb6c4a7c7dea089b5ed013da45a46f4f9605245c7
0xbfa823f5f7c9a13c0bbf362596fda6a2b0284ec8
0xc18924a3e29045b76327ac6683bbf30df1c4ef28
0xc6db09a301bfb0991458074199a905245f13d043
0xcb809e0951054742b1b86761d23b51a56ddab26f
0xd28c72c40b6ee8a9b29432ba884e0e2d73295f4d
0xd78ae938f0f6df5156eab14d60da23aa3a4aa6e1
0xdd4dec45868677d990f98e6ca823c681a3b0b632
0xe828fb89dcfdf3f17200acadc81610ca6b3bd105
0xe8d6e069811a736301ce5ec08ef30a5ead2efc6c
0xf23a6093e31eb5ab913c8c459ed97c4d2085824b
0xf5ea4f180458817a597eef593ae296514a0008e6
0xf7a116312c6cc8af4e7e1d31e89642b681c14829

Reasoning

The reason why these two group lists are taken out is that

• group1 only deals with USDT, not any other Tokens 🚨🚨🚨
• And group1 sends many transactions to group2, all of them are USDT 🚨🚨
• But group2 has never sent any Token to group1 🚨🚨

Please see Reason#3 for the details of transactions

There are three Groups here, and the abnormal behavior of these two Groups is as follows:

• owner has never changed, it is the same address from the beginning to now
• owner has a large number of empty wallets, i.e. wallets that have not been manipulated in any way
• owners have transferred money to each other, obviously airdrop farmer

---

1.

0x08352d892673fa0fd2227bbaaf1e05d3dc018825 -- only execute 1 transactions 
0x9178c782278e04a8a1678a1a0f2b82002786f03c -- only execute 2 transactions 
0x11f43b0cb4e2a0939ba4f4214d33807e3c41ea6b -- only execute 5 transactions 
0x12024106a59d0677d65b030b052a1bd60a6710c3 -- only execute 1 transactions 
0x16f8da92d12f08bc0b0d1cd361d1219484449d2e -- only execute 6 transactions 
0x19141747077f9c6017d9d5c0e0d8de747f2aef0c -- only execute 1 transactions 
0x2294fa5b0de84acbaaa7192db23e46cf4fe07848 -- only execute 1 transactions 
0x2ebc5a8ab559c9b1d4a5de6952bc4b1fcf4b2132 -- only execute 3 transactions 
0x3334b0b9db6e272b3f40a074e6e2ccdb6c30fdd0 -- only execute 1 transactions 
0x36e2c755a2107c20f45263b60b8e305191a38bd4 -- only execute 1 transactions 
0x38c4f59abff25b3696a7bf9bac6f5eea346f8f9a -- only execute 1 transactions 
0x40db40f4e45e7899c0b324718f4f5882dac34ccd -- only execute 2 transactions 
0x41af2b0e290fde05a59db1196f0431f2e21ff9fb -- only execute 5 transactions 
0x464fd65185370c6880127735c9ed26270809ae17 -- only execute 6 transactions 
0x56fde90efbbafaebfacf85840772bcc286ae8bf1 -- only execute 2 transactions 
0x59b12e90684257e56491bf6e3718f1ee7649dbee -- only execute 1 transactions 
0x601c4e1e1ee9e928b1048c359fb0a9d6089c670d -- only execute 1 transactions 
0x6cdaa77aa1e66df45abe1186abec8d3ad1897b99 -- only execute 1 transactions 
0x6f2ff7b676cac45122f7804e908b6aa6be806a36 -- only execute 1 transactions 
0x8030e7ba27814bb7611567fc42fb78d09385370d -- only execute 2 transactions 
0x82c9617efbcb476f68a25a49d001a954aa58e9aa -- only execute 1 transactions 
0x82e2bafbcfde627892fd8bc7a6885a418c4d963a -- only execute 1 transactions 
0x93418ab6e1b4b659913a5b93286a1435421a5ce8 -- only execute 5 transactions 
0x982009030d9bb252f54fb5acd78482b7ade7355d -- only execute 1 transactions 
0xa20b385ddbce71327856c2fce2ded0200542576c -- only execute 5 transactions 
0xba1f5dbe2b6827cdb780220c58793eba166b21ff -- only execute 1 transactions 
0xbde92af647e44df275d32de7ab7d922cfd1c74f5 -- only execute 1 transactions 
0xc0e065659d4855eae444f0bbabd483cdf3e9c240 -- only execute 1 transactions 
0xc6842c9b5996af9d255b9855f033c461ffb4e311 -- only execute 5 transactions 
0xcef5903bc5745963f508960e8881b9887d256be0 -- only execute 5 transactions 
0xe3d1f8789fdcb784392cac0ded2585d68e5fda2e -- only execute 1 transactions 
0xe6ed999d806cb2ddf027bec084dbcf52677aa5a3 -- only execute 1 transactions 
0xeece31bf6f7d63e28529e571dea616de16812366 -- only execute 1 transactions 

• Only about USDT execute transacion on the multi-sign account, no other token. And tranfer USDT has an big overlap of destination addresses

• The owner of the above three multi-sign addresses are all

The Owner is the same group address, and it is obviously related.

• 0x209b3271778360d8f8ef3010678a955a7feff7c3, owner send 0 transactions Empty Wallet
• 0x3ea3c70534b683006e1078c8bc663ce9f691dbea, owner send 0 transactions Empty Wallet
• 0x6faf253a449c04e281d1fb10840da9a9240b5bdf, owner send 0 transactions Empty Wallet
• 0xe0df26b1cc6674084bb7ada97d3347004c61888b, owner send 0 transactions Empty Wallet
• 0x3f86d374414010869ea83fe552ac36e101afdbb4, owner send 35 transactions wallet1
• 0x6efd37a28c6d3478f67f1c7546611826cdccb308, owner send 82 transactions wallet2, First Money Came From to wallet1 https://etherscan.io/tx/0xdb80e1ab3b3f6d812d99e6661c309647d392034450a286435718e3b200ec4507 ,Last Money Tranfer To Wallet1: https://etherscan.io/tx/0x71717192c565e410ce26c21bb6a84bea6551feb09169c17799a735b08b3d5d5c

---

2.

0x0167efcf8779540c0c663988223c8af1c987dd27 -- only execute 3 transactions 
0xcb809e0951054742b1b86761d23b51a56ddab26f -- only execute 1 transactions 
0x02308b53273ab3494d482d5fb3d1f0710acb0890 -- only execute 1 transactions 
0x0664e2399d15e744893a51f45aa2e855bffa5e34 -- only execute 1 transactions 
0x0968989a87b6fec3140ae2ff19eaac049e48a1d8 -- only execute 1 transactions 
0x0e0d46d1eb35faaf40ec9d6b1ebb20ed4ebaa6c3 -- only execute 3 transactions 
0x217553912f41594e6e1db45530833e9518f80608 -- only execute 1 transactions 
0x21ff718da8f01fdbba456d85035b9b3529d787ad -- only execute 1 transactions 
0x2916965cb25030cea3045833e36743badef32aed -- only execute 2 transactions 
0x2949353eb259a91bfb17398da5451a5dd8747729 -- only execute 1 transactions 
0x299b68ac4725f5be3063f4cd33c627a3b12cdce0 -- only execute 1 transactions 
0x2c681dfaeb767b0d2566e60c0f78bfb7c59c72db -- only execute 3 transactions 
0x2e192fe2f1d3b41a6c2ef870414701e6154444da -- only execute 1 transactions 
0x30664df7d38b104dc7a29aeda3d8ee75afbab131 -- only execute 1 transactions 
0x3437977766fe4e39d5ade5206470ae9aef15f7ac -- only execute 1 transactions 
0x35e7e80eedb82e57a89a1e461e53389631f500d0 -- only execute 1 transactions 
0x3bdd8472e1d18a89cd5016789fd1a66bbe352cf2 -- only execute 1 transactions 
0x4a8c28b424bbd58799b766edeced5b29f86cf8ff -- only execute 1 transactions 
0x58c43c94f6e85a1a21d8850d273548c2640b7211 -- only execute 1 transactions 
0x58e940d446c0899179275b53f9ecf77e1c4c65e9 -- only execute 2 transactions 
0x5d37ee15c43fa22e303ebfa94fe7a19941e65fbd -- only execute 2 transactions 
0x65c5d27ff7facbd993aeec2ccddc91174e05c80f -- only execute 1 transactions 
0x68e77a8145579416f3eda9aed049d5cf91a53282 -- only execute 2 transactions 
0x7c9e2a508d93398b65fa2aece3f256e3320fb065 -- only execute 2 transactions 
0x85115b8210be88f28ca35ac38bf272a0e1b8a0af -- only execute 1 transactions 
0x872d65baa9e8feca7d6dd65796b2855c18c30a54 -- only execute 1 transactions 
0x8b302d87794f62fce8e8ee1fd1e2ad7a815d35a8 -- only execute 1 transactions 
0x8c5b88dc02919177452515114a9000e37510cc7c -- only execute 1 transactions 
0x8d0c0de7b9f6533329ab65658578e607425a9f9f -- only execute 2 transactions 
0x956e68cecc3096ca1c1a1a234b8c64404e094446 -- only execute 1 transactions 
0x9d2457f5eb132415b8f3c7582791bdaef0ae77ad -- only execute 2 transactions 
0x9e77a2839f572f2bf42b294083cae9bb4c875264 -- only execute 1 transactions 
0xa0c33d89c9f8782275b4302f0b37818df4acc506 -- only execute 2 transactions 
0xa1867846ad5a22af54e0fb30d718a7dd53fcabbb -- only execute 1 transactions 
0xa8246172595716fa28d62e0e5e26719a87ba67d1 -- only execute 1 transactions 
0xab345d31c805dfbc6983734010da19d5ee920058 -- only execute 1 transactions 
0xabb966b8be466a63ce3b1c5c1cb84c8d923439d5 -- only execute 1 transactions 
0xadd69f901baff4da16eda2c1ca0e966918d33502 -- only execute 1 transactions 
0xaf67fa1e357a550e78fb94831ed230500d775020 -- only execute 1 transactions 
0xb3268b45aadc4cc57cd6e723e481520ba9b43a39 -- only execute 2 transactions 
0xbfa823f5f7c9a13c0bbf362596fda6a2b0284ec8 -- only execute 1 transactions 
0xc18924a3e29045b76327ac6683bbf30df1c4ef28 -- only execute 1 transactions 
0xc6db09a301bfb0991458074199a905245f13d043 -- only execute 1 transactions 
0xd28c72c40b6ee8a9b29432ba884e0e2d73295f4d -- only execute 1 transactions 
0xd78ae938f0f6df5156eab14d60da23aa3a4aa6e1 -- only execute 1 transactions 
0xdd4dec45868677d990f98e6ca823c681a3b0b632 -- only execute 1 transactions 
0xe828fb89dcfdf3f17200acadc81610ca6b3bd105 -- only execute 1 transactions 
0xe8d6e069811a736301ce5ec08ef30a5ead2efc6c -- only execute 1 transactions 
0xf23a6093e31eb5ab913c8c459ed97c4d2085824b -- only execute 1 transactions 
0xf5ea4f180458817a597eef593ae296514a0008e6 -- only execute 1 transactions 
0xf7a116312c6cc8af4e7e1d31e89642b681c14829 -- only execute 1 transactions 
0xfce853eaf6e6256033c2de33a0e850838ab0dd4d -- only execute 1 transactions 
0xb6c4a7c7dea089b5ed013da45a46f4f9605245c7 -- only execute 1 transactions 

• Only about USDT execute transacion on the multi-sign account, no other token.

• The Owner is the same group address, and it is obviously related.

  • 0x290e556cae1d0d17c550edc8f9ed9208e268ed5b, owner send 86 transactions Main Wallet, Distribute money to small wallet
  • 0x7684370cd8755c4ac5bef0bb29bb787130df6818, owner send 1 transactions , wallet2 First Fund Came From Wallet 1: https://etherscan.io/tx/0x9d120886bbb82caba7c99f949db214770eeabe4ebc59f9622ac0960c31acdd6d`0x9d120886bbb82caba7c99f949db214770eeabe4ebc59f9622ac0960c31acdd6d
  • 0xca33b0edfb55c99d99b1d8f76f07ffe88036083d, owner send 58 transactions, wallet3
  • 0xa9062f9367987970b6c17128b9ee0cd07c3ce920, owner send 0 transactions Empty Wallet
  • 0xc2a8264a49be2fc5bca778b7a61b1e5129169b80, owner send 0 transactions Empty Wallet
  • 0x43c9b6d9ca494c5e87ecbd524fa7381c4f4ae3f4, owner send 0 transactions Empty Wallet

---

3. Group1 Transfer USDT to Group2 txs (group2 never send token to group1):

• 0xcef5903bc5745963f508960e8881b9887d256be0 send USDT to 0xd28c72c40b6ee8a9b29432ba884e0e2d73295f4d check it https://etherscan.io/tx/0x09c661e4fedc68017c58f72ec1523dc9eafd434c2e3730fd00c3bce441250db4
• 0xeece31bf6f7d63e28529e571dea616de16812366 send USDT to 0x2949353eb259a91bfb17398da5451a5dd8747729 check it https://etherscan.io/tx/0x0a1c8baa7c10b428c7ea565d1ec6adb50664b35846e94304e409f7366dc85d06
• 0x56fde90efbbafaebfacf85840772bcc286ae8bf1 send USDT to 0x68e77a8145579416f3eda9aed049d5cf91a53282 check it https://etherscan.io/tx/0x136ffc62440f333be76fb0b53c11ef82c895196b3b0dca6527bb4a9d711404c6
• 0x38c4f59abff25b3696a7bf9bac6f5eea346f8f9a send USDT to 0x956e68cecc3096ca1c1a1a234b8c64404e094446 check it https://etherscan.io/tx/0x1a67f2194479b85b9e87d7abc595342022188f2e75953a1af1130c52bc3f67f7
• 0x19141747077f9c6017d9d5c0e0d8de747f2aef0c send USDT to 0xb6c4a7c7dea089b5ed013da45a46f4f9605245c7 check it https://etherscan.io/tx/0x1c1bc6a3260892535d8675e78adaff84e11ff0cd76bc6c76ac96888192f5f41e
• 0x16f8da92d12f08bc0b0d1cd361d1219484449d2e send USDT to 0x7c9e2a508d93398b65fa2aece3f256e3320fb065 check it https://etherscan.io/tx/0x23d60ae18239c5cf66f93a6c591ab47b98ddff0a187bb0f4188d3db033567d0a
• 0xc0e065659d4855eae444f0bbabd483cdf3e9c240 send USDT to 0x8c5b88dc02919177452515114a9000e37510cc7c check it https://etherscan.io/tx/0x439f611dcea2d704671fa9e0f1ff4e08d010a25e78f57ebf15e9fe5623ecc48a
• 0x6cdaa77aa1e66df45abe1186abec8d3ad1897b99 send USDT to 0x5d37ee15c43fa22e303ebfa94fe7a19941e65fbd check it https://etherscan.io/tx/0x4a35b18a78402b8a9c0570d2ecc30001533d4e031954846113c3dd4b06f6cc25
• 0xe3d1f8789fdcb784392cac0ded2585d68e5fda2e send USDT to 0xc18924a3e29045b76327ac6683bbf30df1c4ef28 check it https://etherscan.io/tx/0x4ca3ccc61e08ac54b1f9afe804d93887727c128cdc3a5ab738f93c91197ee587
• 0x9178c782278e04a8a1678a1a0f2b82002786f03c send USDT to 0x0968989a87b6fec3140ae2ff19eaac049e48a1d8 check it https://etherscan.io/tx/0x4d11823756af185ff3b575f7429a518597435645e5c7a3a379d13bb52e76f4e5
• 0x2ebc5a8ab559c9b1d4a5de6952bc4b1fcf4b2132 send USDT to 0x68e77a8145579416f3eda9aed049d5cf91a53282 check it https://etherscan.io/tx/0x4dd9d8e0e3850ebbb952f1234918c903d744aa4f1ca143697b73c60f1238595b
• 0x16f8da92d12f08bc0b0d1cd361d1219484449d2e send USDT to 0xf5ea4f180458817a597eef593ae296514a0008e6 check it https://etherscan.io/tx/0x5d709b001ce3785f12d5f80fbaaf344b41e6a030631426759263e06d8f58d484
• 0xe6ed999d806cb2ddf027bec084dbcf52677aa5a3 send USDT to 0x4a8c28b424bbd58799b766edeced5b29f86cf8ff check it https://etherscan.io/tx/0x60a5890b000161b5846bd013cfb453f6cef6258581d67a16f2c64ea5f9194c52
• 0x8030e7ba27814bb7611567fc42fb78d09385370d send USDT to 0x85115b8210be88f28ca35ac38bf272a0e1b8a0af check it https://etherscan.io/tx/0x60fdbc009433d62595c12630c63f24916bcc0abbc1f6b306b547af2ae5b6b804
• 0x11f43b0cb4e2a0939ba4f4214d33807e3c41ea6b send USDT to 0xd78ae938f0f6df5156eab14d60da23aa3a4aa6e1 check it https://etherscan.io/tx/0x61869fe959e754b3ee7feeb7aa23a42f419300c8fbd0c30e91da8063c84d51d8
• 0x82c9617efbcb476f68a25a49d001a954aa58e9aa send USDT to 0xd78ae938f0f6df5156eab14d60da23aa3a4aa6e1 check it https://etherscan.io/tx/0x714bb9c80cbd4d63de4e898aabb3c82224c294d7837ed180d2a1d34b3689588f
• 0x08352d892673fa0fd2227bbaaf1e05d3dc018825 send USDT to 0xb3268b45aadc4cc57cd6e723e481520ba9b43a39 check it https://etherscan.io/tx/0x728beeb435724aff6164665cae79c8828282b645cc4b08e0eea27bf16fd1bb76
• 0x982009030d9bb252f54fb5acd78482b7ade7355d send USDT to 0x7c9e2a508d93398b65fa2aece3f256e3320fb065 check it https://etherscan.io/tx/0x7937c7aa8c140f19eb68373dbe1bbce8211991af3ac5e786a60b8644801ebf1d
• 0x2ebc5a8ab559c9b1d4a5de6952bc4b1fcf4b2132 send USDT to 0xb6c4a7c7dea089b5ed013da45a46f4f9605245c7 check it https://etherscan.io/tx/0x8227d27ae09cdc5d501ffdc3c96910d246cbd51ea55ed12858f80e81bfd4d5e2
• 0x82e2bafbcfde627892fd8bc7a6885a418c4d963a send USDT to 0x3437977766fe4e39d5ade5206470ae9aef15f7ac check it https://etherscan.io/tx/0x83bbf4e78b56353613211c34aca57c4569458cfd286803ef6c9e31810357b1be
• 0xa20b385ddbce71327856c2fce2ded0200542576c send USDT to 0xc18924a3e29045b76327ac6683bbf30df1c4ef28 check it https://etherscan.io/tx/0x8d1fd500b2fa8a4f87117c43ba28b341f9509c7e78f59276853310b6a38d56cd
• 0xba1f5dbe2b6827cdb780220c58793eba166b21ff send USDT to 0x0968989a87b6fec3140ae2ff19eaac049e48a1d8 check it https://etherscan.io/tx/0x96f31331010e0459711667a8e2270a3ea77eda6b7d34cb8c3cd2419753b1d294
• 0x2294fa5b0de84acbaaa7192db23e46cf4fe07848 send USDT to 0xadd69f901baff4da16eda2c1ca0e966918d33502 check it https://etherscan.io/tx/0x977efba09e57e8723a196a948c418a9a4a0681c607af23e47a4f6ea7eeb1ef1c
• 0x6f2ff7b676cac45122f7804e908b6aa6be806a36 send USDT to 0x0664e2399d15e744893a51f45aa2e855bffa5e34 check it https://etherscan.io/tx/0x9cbf1c4dee682062ed59ad0b893027e157d877bb1fecee5b16cf44c7e955325b
• 0x9178c782278e04a8a1678a1a0f2b82002786f03c send USDT to 0x35e7e80eedb82e57a89a1e461e53389631f500d0 check it https://etherscan.io/tx/0xa5218bf3d2dd43d3501e2e6db9cae38b3b32631f0e0c952bed2fbb446a8365dc
• 0x40db40f4e45e7899c0b324718f4f5882dac34ccd send USDT to 0x58e940d446c0899179275b53f9ecf77e1c4c65e9 check it https://etherscan.io/tx/0xa5eff076d290f84a0a0e873d167ec0ce28ce3ce370305287b60613749ed11505
• 0x601c4e1e1ee9e928b1048c359fb0a9d6089c670d send USDT to 0x35e7e80eedb82e57a89a1e461e53389631f500d0 check it https://etherscan.io/tx/0xa64362856c7ea9136075971f0f13063ec021055a0aae4f28039305dd47908376
• 0xc6842c9b5996af9d255b9855f033c461ffb4e311 send USDT to 0xab345d31c805dfbc6983734010da19d5ee920058 check it https://etherscan.io/tx/0xa6cd0f8bc3771f7ed1ae149ae8d2a86de4029ca0712f8188cd1815e2208dac7b
• 0x41af2b0e290fde05a59db1196f0431f2e21ff9fb send USDT to 0xf5ea4f180458817a597eef593ae296514a0008e6 check it https://etherscan.io/tx/0xa997612cd5298e262257b61356627f484232a1f530396a9e97a7d0aa6e3fc645
• 0x59b12e90684257e56491bf6e3718f1ee7649dbee send USDT to 0xabb966b8be466a63ce3b1c5c1cb84c8d923439d5 check it https://etherscan.io/tx/0xad3c8bb7ab73ec12ecac69fb99a154ebcc6f7de782dfad6df4a488b444c90218
• 0x93418ab6e1b4b659913a5b93286a1435421a5ce8 send USDT to 0xadd69f901baff4da16eda2c1ca0e966918d33502 check it https://etherscan.io/tx/0xc53a6cbca64681931d71a8625a68ebdd2974e29f5118ab49efab50bd3a9958f1
• 0x36e2c755a2107c20f45263b60b8e305191a38bd4 send USDT to 0xab345d31c805dfbc6983734010da19d5ee920058 check it https://etherscan.io/tx/0xd001dc7812b1581ab275ae0c2ce9900581fb970a0eed162b1d2a97ede43fc690
• 0x8030e7ba27814bb7611567fc42fb78d09385370d send USDT to 0x2949353eb259a91bfb17398da5451a5dd8747729 check it https://etherscan.io/tx/0xd09934fbff90bd726dabdfd77f33583353903c8440071045d55567b47a65c112
• 0x3334b0b9db6e272b3f40a074e6e2ccdb6c30fdd0 send USDT to 0xc6db09a301bfb0991458074199a905245f13d043 check it https://etherscan.io/tx/0xe20bfb4d07a8ace5b6fe65a30df5a5f9d67eaec235cd10a5fde136ff9c44bf33
• 0xbde92af647e44df275d32de7ab7d922cfd1c74f5 send USDT to 0x85115b8210be88f28ca35ac38bf272a0e1b8a0af check it https://etherscan.io/tx/0xe5a16bfe8cf7f81688ccc63ebdbc13fb8a63557c4d9680c47b0153f55665b9c5
• 0x464fd65185370c6880127735c9ed26270809ae17 send USDT to 0x4a8c28b424bbd58799b766edeced5b29f86cf8ff check it https://etherscan.io/tx/0xed86796068fe352a8321ed52d19b92c0d08cc3e4673a9f8af3209d293543b953

• 0x12024106a59d0677d65b030b052a1bd60a6710c3 send USDT to 0x02308b53273ab3494d482d5fb3d1f0710acb0890 check it https://etherscan.io/tx/0xfe8be9248bae12c8faeab6d0c4f02e6f76d4ae0d53630632a31649a3b10ab94d

Methodology

Addresses are reported by retrieving information from the chain, using bitquery's graphql, and detecting abnormal behavior, such as empty wallets, mutual transfers, etc.

When only some of the anomalous behaviors are present, we can consider the address reasonable, but when an address has all the anomalous behaviors, we have good reason to suspect that the address is false. Especially if the multi-signature address and the owner address have obvious exceptions both, then it is obvious that this is airdrop farmer.

Abnormal behaviors include

• For Multi-Sign Address

  • Few transactions were executed
  • There is a lot of overlap in the interactions, such as the destination address, and the time
  • The owner of multiple multi-signature addresses is exactly the same, and never changes from start to finish
  • Unusual transfer behavior

• For Owner Address

  • Empty address
  • The first source of funds is the owner.
  • Mutual transfer
  • Behavior similarity

If the verification is passed, my strategy is star, and I can provide my source code.

Safe Address

0xce495858e36c95f491b5a32ca2664405cf10ab76

Thanks

[tschubotz]

The Safes you reported store >1M USDT for some time. Store of value is legitimate use.