eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20

[eXch]

Twitter clown ZachXBT and his lost credibility

Today, ZachXBT referred to our team as "clowns" in a post that attempted to be humorous, falsely claiming that we accidentally sent funds to an incorrect address.

For the public record, we categorically state that the information in his post is a pure lie, because (a) the transaction in question does not belong to us, and (b) any professional researcher would recognize that the only Ethereum address we operate on is 0xf1da173228fcf015f43f3ea15abbb51f0d8f1123. There are no other addresses on the Ethereum blockchain, aside from deposit addresses that interact with this address, that are associated with our exchange.

This is not the first time ZachXBT has made unfounded statements on his botted Twitter account, seemingly for the sake of gaining attention (e.g. https://bitcointalk.org/index.php?topic=577207.msg64767483#msg64767483). We have previously cautioned the public about the risks of relying on the opinions of amateur researchers like ZachXBT and his teenage peers, once again demonstrated a lack of competence and professionalism.

Our respect for ZachXBT has diminished over time due to his repeated inaccuracies, but today marks a clear point where he has proven himself to be toxic, incompetent, and generally untrustworthy. We urge the community to verify information from credible sources and to approach claims made by civilians like ZachXBT with caution.

Other important points to dismiss the FUD currently being distributed about eXch

1. eXch is NOT laundering money for Lazarus/DPRK.

2. The insignificant portion of funds from the ByBit hack eventually entered our address 0xf1da173228fcf015f43f3ea15abbb51f0d8f1123 which was an isolated case and the only part processed by our exchange, fees from which we will be donated for the public good.

3. Any claims by ZachXBT and others on Twitter regarding transactions not related to 0xf1da173228fcf015f43f3ea15abbb51f0d8f1123 that are falsely attributed to eXch are a targeted FUD attack on our exchange.

[bitmover]

"The wheel is come full circle..."

Although this is a great response, it is impossible not to remember when chipmixer didn't freeze funds stolen from the binance hack.

A few months later, it was seized.

Exch is one of the most reliable bitcoin services in the internet, in my opinion. I hope this incident does not harm exch's business.

[joker_josue]

Yet another fake news website called "Cryptopolitan" trying to throw dirt at us by calling eXch "a mixer": https://www.cryptopolitan.com/lazarus-laundering-40000-ether-bybit/

This is a prime example of amateur journalism and blatant disinformation at its finest, basing on random posts from people on Twitter having absolutely zero professional formation in this field, using the "mixer" card as always just to attack us.

It's incredible how a website, supposedly dedicated to crypto sector news, says such a barbaric thing. If it was a generic news site, I could still understand, but a site dedicated to crypto? It's a shame.

@eXch however, what was your position regarding the addresses that allegedly belong to the hackers? Were there actually movements from them on the platform?

[xtests]

Twitter clown ZachXBT and his lost credibility

[...]

It's interesting how bloggers like ZachXBT are attempting to shift the focus manipulating their audience simply because they need someone to blame.

The narrative they're pushing aims to absolve ByBit of fault, desperately fingerpointing at others who are barely related to the situation, diverting attention from ByBit as the main subject of discussion.

This tactic allows people to quickly forget that the real culprits in this story are ByBit, which bears full responsibility for ignoring the persistent threats in the information security industry. Many reputable security research firms (obviously not those like CertiK...) have been warning the industry about DPRK techniques targeting employees of large centralized exchanges to trick them into revealing credentials or deploying malware. Given the known data on how ByBit's wallet was compromised, it could have been easily prevented by simply educating their IT staff with access to critical infrastructure on the basics of information security. Clearly, this education was lacking, as evidenced by how easily they were deceived into providing credentials from ByBit's critical infrastructure to a phishing domain.

The whitehat community on Twitter/X seems reluctant to highlight ByBit's fault, instead opting to blame others, which comes across as a mix of frustration and desperation. Additionally, given that amateur whitehats like ZachXBT lack the sufficient technical training to investigate hacks thoroughly, their only effective tool becomes on-chain tracing of stolen funds that does not require one to become an IT security expert.

It's also crucial to remember that individuals like ZachXBT and Tayvano are themselves victims of significant hacks in the past, which renders them vulnerable and explains their subsequent focus on on-chain tracing, albeit with a victim mentality. For instance, very few in this community recognize that the Atomic Wallet hack is largely attributable to Tayvano (a close friend of ZachXBT), yet many still agree with and sympathize with her toxic behavior, as constantly evidenced by the lengthy and profane rants on her Twitter/X account.
From a practical psychology perspective, the tendency of ZachXBT and Tayvano to project their past faults onto others and to focus their lives on Twitter/X posts that blame others may reflect underlying psychological issues, such as unresolved trauma. This behavior can be indicative of a coping mechanism where individuals deflect their own insecurities and failures by criticizing others, allowing them to avoid confronting their own shortcomings.

I was somewhat of a supporter of ZachXBT in the past, having donated to him on several occasions, but in light of recent events where he desperately blames eXch with falsified facts, I have to reconsider my opinion of him.

[ne0Que]

"The wheel is come full circle..."

https://oshi.at/pJQr.png
[oshi.at clearnet] [oshi.at onion] [90 days expiry]

I’ve been following the recent discussions regarding the Bybit hack attributed to the Lazarus Group and the concerns raised about potential laundering of stolen funds through the eXch.cx platform. I understand the challenges and tensions outlined in the email exchange between Bybit and eXch.cx, as well as the posts on this thread (e.g., this post).

I’d like to suggest a path forward that could benefit all parties involved. Bybit has publicly stated their commitment to recovering the stolen funds and has even offered a 10% bounty on recovered amounts, which presents a lucrative opportunity for any platform or individual assisting in this effort. If eXch.ch were to collaborate with Bybit by monitoring and freezing the specific attacker addresses (as listed in Opang Zeng’s email), it could not only help recover the funds but also demonstrate eXch.cx’s commitment to combating illicit activities on its platform.

Allowing potential laundering of stolen funds, even unintentionally, carries significant legal risks, as money laundering is a serious offense that can attract the attention of authorities like the FBI, CIA, or Interpol. By proactively working with Bybit to track and freeze these funds, eXch.ch could mitigate such risks, protect its reputation, and potentially earn a substantial reward.

I urge eXch.ch to reconsider its position and engage in open dialogue with Bybit’s risk team. Collaboration in this case could turn a challenging situation into a positive outcome for both exchanges, their users, and the broader cryptocurrency community. I’d be happy to see eXch.xh take a leadership role in ensuring the integrity of the crypto ecosystem.

[joker_josue]

I urge eXch.ch to reconsider its position and engage in open dialogue with Bybit’s risk team. Collaboration in this case could turn a challenging situation into a positive outcome for both exchanges, their users, and the broader cryptocurrency community. I’d be happy to see eXch.ch take a leadership role in ensuring the integrity of the crypto ecosystem.

Are you part of Bybit’s team?

How did you find this post?

[LoyceV]

By proactively working with Bybit to track and freeze these funds, eXch.ch could mitigate such risks, protect its reputation, and potentially earn a substantial reward.

First, .ch is a phishing site. Second: giving in to the notion of taint is a direct attack on crypto's fungibility. Now it's Ethereum, next time it's going to be Bitcoin.

[ne0Que]

I urge eXch.ch to reconsider its position and engage in open dialogue with Bybit’s risk team. Collaboration in this case could turn a challenging situation into a positive outcome for both exchanges, their users, and the broader cryptocurrency community. I’d be happy to see eXch.ch take a leadership role in ensuring the integrity of the crypto ecosystem.

Are you part of Bybit’s team?

How did you find this post?

1. No
2. X.com

I am concerned about money laundering issues like this. I am a bybit customer and like to help to get the stolen funds back.

By proactively working with Bybit to track and freeze these funds, eXch.cx could mitigate such risks, protect its reputation, and potentially earn a substantial reward.

First, .ch is a phishing site. Second: giving in to the notion of taint is a direct attack on crypto's fungibility. Now it's Ethereum, next time it's going to be Bitcoin.

Thank you for notifying me about the tld extension error.

Bitcoin is a different discussion. But still, if you are in the position and able to stop money laundering, then it becomes a problem if you do not do it. It doesn't matter what chain, business, even if it is on personal level. Laundering is a crime everywhere on this planet.. Just saying. But I don't want to emphasize that part. I want to emphasize there is a lucrative outcome for eXch.cx if they just put the ego aside and start catching stolen money.

[OmegaStarScream]

Are you part of Bybit’s team?

How did you find this post?

https://x.com/benbybit/status/1893519210883744188

[eXch]

Dear friends, to prevent any further FUD and bad energies caused by constant attack on our exchange by a small group of people abusing their influence, we are locking this thread for next 48-72 hours to prevent further dissemination of false information about eXch.

To reiterate, we would like to highlight that:

- All funds are safe

- Our operations are not affected by the ByBit hack in any way

- We are not laundering money for Lazarus/DPRK (the opposite opinion is solely a perspective of some people that wish decentralized coins' fungibility and on-chain privacy to vanish, these are long-time haters of decentralized crypto in general)

- The insignificant part of funds that was processed by us from the ByBit hack in an isolated case will be donated to various open-source initiatives dedicated to privacy and security both inside and outside crypto space. This attack on our exchange is a perfect example why we need to stimulate and support Bisq userbase growth imminently (which will be possible with Bisq Light Client within next 1-2 months), because nobody can judge a decentralized protocol.

- Hopefully, Etherscan will reconsider the "communnity note" they put today for our address pushed as a result of misleading statements of some amateur researchers that harass us, given that ByBit exploiter funds do not enter our address anymore and it's just an obvious and proven fact, which everybody can confirm. This is basically a result of continuous witch hunting on us for being the last centralized accountless non-KYC exchange out there that doesn't scam its users, where some major hack unrelated to us is being used as a precedent to attack our reputation. For some reason, they haven't put such warnings for Thorchain Ethereum addresses, that have already processed more than 200 times the total amount we processed yesterday and will continue.

For any questions, feel free to contact us using official channels (SimpleX, email and support tickets on our website).

Love and prosperity to everyone,
Sincerely yours,
Johann from Private Project Facilitators LTD / eXch

[eXch]

Dear friends, we express our cordial gratitude to everyone who stood by us during these difficult times.

This thread has been unlocked now.

There will be a big press release posted here within a few days, covering a lot of the details related to the past events.

[s1lverbox]

As long as you not obfuscate anything then you shouldnt be hold against wall with NK tx. funny how many thinking you should do better then for example Ethereum foundation which could rollback chain for this. If they dont care why you should?

Keep it up

[OmegaStarScream]

Saw this on Twitter and thought I'd share with those who might be using both exch and FixedFloat. FF is planning to start blocking transactions coming from exch starting today as mentioned in their recent article:

In connection with the position of eXch, we are forced to take the following measures. Now all funds received from the eXch service are considered criminal. In accordance with the Terms of Use of FixedFloat 6.4. in case of detection of such funds, we reserve the right to suspend the provision of services and freeze the funds received. This rule comes into force on March 3, 2025.

[fillippone]

At least the good outcome of the situation, you can clearly tell the difference between the good actors, and the bad one.
The most important feature of an exchange, their ethic and respect for their user is by far the most undervalued by user themself.
Kudos to Exch.

[Pmalek]

I have a question about your ethereum address and your business going forward. We can see the community note that is posted on Etherscan as a sort of warning to the general public. What affect will this and other measures have on the risk score given by blockchain analysis platforms on tokens connected to your ETH address? Do you have new information on how the funds connected to the tagged address are now treated by popular crypto exchanges?

[NotATether]

Saw this on Twitter and thought I'd share with those who might be using both exch and FixedFloat. FF is planning to start blocking transactions coming from exch starting today as mentioned in their recent article:

In connection with the position of eXch, we are forced to take the following measures. Now all funds received from the eXch service are considered criminal. In accordance with the Terms of Use of FixedFloat 6.4. in case of detection of such funds, we reserve the right to suspend the provision of services and freeze the funds received. This rule comes into force on March 3, 2025.

I may not have the highest opinion of eXch, but everybody can see that this is gangster activity from FixedFloat.

And didn't these guys get hacked out of millions of dollars a couple months ago? They should work on fixing their own crappy service instead of attacking competitors.

[examplens]

And didn't these guys get hacked out of millions of dollars a couple months ago? They should work on fixing their own crappy service instead of attacking competitors.

The FixedFloat hack was almost comical. As far as I remember, it happened monthly. Multiple times and each time in the same way.
Otherwise, they have been known to keep funds without any strong basis, this is nothing new, even if they have publicly acknowledged such a stance.

[joker_josue]

Saw this on Twitter and thought I'd share with those who might be using both exch and FixedFloat. FF is planning to start blocking transactions coming from exch starting today as mentioned in their recent article:

In connection with the position of eXch, we are forced to take the following measures. Now all funds received from the eXch service are considered criminal. In accordance with the Terms of Use of FixedFloat 6.4. in case of detection of such funds, we reserve the right to suspend the provision of services and freeze the funds received. This rule comes into force on March 3, 2025.

I may not have the highest opinion of eXch, but everybody can see that this is gangster activity from FixedFloat.

This has always been a strategy, adopted by many companies, to try to block competition. They simply try to make life difficult for other traders, to try to make them give up.

I believe that eXch has already started thinking of ways to try to turn the tables on these guys.

[logfiles]

<...>

Oh, wow. It clearly shows the kind of people behind fixedfloat. eXch has definitely been a big competitor and definitely a huge pain in the jealousy asses, and now the best move they can make is to block transactions from eXch?  

Foremost, who in the crypto world uses eXch to gain uttermost transaction privacy only to send to shitty spies like fixedfloat? It doesn't make sense, he-he-he.

[paid2]

Saw this on Twitter and thought I'd share with those who might be using both exch and FixedFloat. FF is planning to start blocking transactions coming from exch starting today as mentioned in their recent article:

In connection with the position of eXch, we are forced to take the following measures. Now all funds received from the eXch service are considered criminal. In accordance with the Terms of Use of FixedFloat 6.4. in case of detection of such funds, we reserve the right to suspend the provision of services and freeze the funds received. This rule comes into force on March 3, 2025.

If we needed another reason to avoid FixedFloat, here's a new one... They're extremely productive when it comes to shit on their users, and they're definitely not lacking of creativity in this domain.

Worst of all, it could apparently be retroactive.

The FixedFloat hack was almost comical. As far as I remember, it happened monthly. Multiple times and each time in the same way.
Otherwise, they have been known to keep funds without any strong basis, this is nothing new, even if they have publicly acknowledged such a stance.