According to ChainCatcher, SlowMist analysis found that the IP associated with the theft of 1,155 WBTC was traced to Hong Kong, but the possibility of using a VPN cannot be ruled out. Previously, an address was suspected to have become a victim of a phishing attack and lost 1,155 WBTC worth $71 million. The hacker sold all these WBTCs and exchanged them for 22,960 ETH, and used a large number of wallet addresses to send and disperse funds in order to launder money.