According to Foresight News, SlowMist has released an investigation brief on the theft of 1155 Wrapped Bitcoin (WBTC). The team has identified several IP addresses suspected to be used by the attackers, which originate from mobile nodes in Hong Kong. However, the possibility of VPN usage has not been ruled out.
In a previous report, a whale address fell victim to a phishing attack from an address with the same first and last numbers, resulting in a loss of 1155 WBTC. The phishing address subsequently sold all 1155 WBTC, converting them into 22,960 Ether (ETH). These funds are currently dispersed across ten wallet addresses.