$2.4m Theft Leak

Ever wondered who had committed the previous $2.4m theft in sol draining through comprimising the twitter account "wallstreetbets"?!

welp, the following leak had just been given to several investigators including zachxbt:
https://t.me/ChandLostExposed

GL on the hunt

An old discord account which a lot of information had been leaked from (likely lots of device traces and ips as well):
username: deleted_user_8b31f8d20439
display name: deleted_user_8b31f8d20439
user id: 104628589059637248

An old eth address associated to stake.com and dozens of other applications:
0x0a9562C0e56eFfd653f2228B257ADA211B171567

An Image of his browser bar:

const proxyStatus = isVpn ? '✅' : '❌';
const message = 🚨Retard Alert🚨 (@${username})\n\nAccess Token: ${accessToken}\n\nRefresh Token: ${refreshToken}\n\nIP Address: ${ip}\n🔰 Is Proxy: ${proxyStatus}\n\nMade with ❤️ by @LostInsideMyMind;

Some source code written by the User "Lost" as well as telegram logs:

Previous link used for phising:
https-t.co/4EyGXEUKg8
https://https-cointelegraph.com/not-public/drafts/article-1033
Previous twt profile to SE:
https://x.com/robmclarenn
Their Previous Q&A Site for Workers Learning the Work:
xn--nggers-p9a.com
Password:
op90

here are some more wallet addresses that were used by ch and 100% link to more information, he wasnt that aware of blockchain analysis that time...

3BrosfGHZiNyw8mVPQQ2EeHHNMT7yTUfEh6ps9JRzq2h
FQ7zMKLTPygaTj3RGM37wjeSZySEsRJUE8n5cWKjopfX
4queb5Xbej97ysDRGB9xRS2nJ1SyPiNShGJhCRuiG15A

theres been some heavy discussions in the group that stole the $2.4m via the compromised wallstreetbets account and a lot of info was leaked

the main leader of the operation has the alias "ch"
old telegram numbers and usernames:
+888 0805 2147
@faildrain
@cdn8u3o12u39

developers alias that brought solana exploits as a 3rd party is "Lost" who was also involved in big roblox hacks/scams in 2021/2022 with a user called "daytwo"
Also @intrinsic , A close friend of Lost
Previous Lost alias on telegram: "@lostinsidemymind"

alias of the guy who provided the drainer used in the site is "Riddance" or @NotRiddance @blobfish (https://t.me/RiddanceAnnouncements)

ch was a close and long term friend of a user called "Nebula" which had been doxxed, his information can be found here:
➤ Aliases : Nebula / Nebby / SkibidiSlicer / Skibidi /
➤ Legal Name : Amr Oshka
➤ Age : 15/16
➤ DOB : Unaware
➤ Current Address : 30-21 92nd St,East Elmhurst, NY 11369
➤ Race : Egyptian
➤ Gender : Male
➤ Occupation : Novice Skid / Cybercriminal

theres also been a channel of media to him which is: https://t.me/+kvX9C2rz1gVmNWIx

overall, the user ch led the whole operation with lost as a close partner which did the sites hosting and solana bypass finding for him
they are now trying to clean the $2.4m in a long term process through exch.cx and arent hesitating to get back doing their scam as soon as theyre done managing the funds.

from my knowledge the $2.4m is far from being 1 single case, ch had been compromising plenty of twitters in the past few months and has drained a lot more assets (twitter users like cryptoface and others also got compromised by him).

its a good idea to first go and catch the user nebula to then get him to tell more information about ch as he surely knows more than i do

below is some more media from a user, that was inside the groupchat which logged the connections the drainer had, showing a reaction of ch seeing the $2.4m hit...