According to @zachxbt, a blockchain explorer he reviewed is unreadable due to lacking data filters, address labels, and third-party integrations, which limits on-chain analysis for traders, source: @zachxbt on X, Sep 15, 2025. According to @zachxbt, Figure and its team attempted to pressure DefiLlama to change how Total Value Locked is calculated and cited numbers they could not verify, highlighting a potential TVL methodology dispute relevant to market participants tracking protocol metrics, source: @zachxbt on X, Sep 15, 2025. According to @zachxbt, recent IPOs with even remote crypto affiliation since Circle are pumping, signaling momentum in crypto-adjacent equities that traders may monitor for sentiment read-through, source: @zachxbt on X, Sep 15, 2025. According to @zachxbt, VanrEkt has not produced research papers or built novel protocols despite positioning as crypto natives, underscoring the need to verify team track records before relying on claims, source: @zachxbt on X, Sep 15, 2025. For traders, these claims point to data reliability and methodology risks around TVL and on-chain analytics, warranting extra diligence when evaluating assets or reports tied to Figure, DefiLlama TVL figures, or the unnamed explorer’s datasets, source: @zachxbt on X, Sep 15, 2025.

According to ZachXBT, a project's co-founder attacked an honest actor after the actor did not cite the project's own stated numbers, which he claims are not fully verifiable on-chain (source: ZachXBT on X, Sep 13, 2025). According to ZachXBT, he is just getting started targeting TradFi participants who do not respect crypto-native standards (source: ZachXBT on X, Sep 13, 2025). Based on ZachXBT’s claims about unverifiable metrics, traders should prioritize on-chain proof of reserves, TVL verification, and treasury wallet flow analysis before relying on reported figures to manage headline and data-integrity risk (source: ZachXBT on X, Sep 13, 2025). No specific token or project was named in the post (source: ZachXBT on X, Sep 13, 2025).

According to @zachxbt, a company is trying to publicly pressure DefiLlama using proprietary metrics that are not 100% verifiable on-chain. Source: X post by @zachxbt dated Sep 13, 2025. The post provides a link to a related statement by 0xngmi for additional context. Source: X post by @zachxbt dated Sep 13, 2025. For traders who rely on DeFi dashboards and on-chain analytics to screen protocols by TVL and rankings, this allegation underscores the risk of discrepancies when metrics lack full on-chain proof and warrants caution when comparing datasets across vendors. Source: X post by @zachxbt dated Sep 13, 2025.

According to @lookonchain, JP (@jpthor), the co-founder of THORChain and Vultisig, was scammed out of approximately 1.3 million dollars by North Korean hackers via a conference call scam, with a referenced transfer at Etherscan transaction 0x348c67dd3f9c4a8cdfbf526511820b73e58fbd01fe84355713351b5889f82ba0 (source: @lookonchain; source: Etherscan). According to @zachxbt, JP and his products have benefited from helping North Korean hackers launder funds, linking the allegation to THORChain and Vultisig activity (source: @zachxbt). For traders, the directly related crypto asset is THORChain’s token RUNE and the associated wallet product Vultisig, with verification via the cited on-chain transaction hash for due diligence and monitoring (source: @lookonchain; source: Etherscan).

According to @PeckShieldAlert, @zachxbt reports SwissBorg suffered an exploit on Solana with 192.6K SOL valued at about $41.5M stolen (source: @PeckShieldAlert). According to @PeckShieldAlert, the attacker deposited 100 SOL to Bitget, indicating exchange touchpoint activity relevant for tracing flows (source: @PeckShieldAlert).

According to ZachXBT, a leaked price sheet lists 200+ crypto influencers and their wallet addresses from a project that contacted them for paid promotion (source: ZachXBT on X, Sep 1, 2025). According to ZachXBT, 160+ accounts accepted the deal, yet fewer than five disclosed the posts as advertisements (source: ZachXBT on X, Sep 1, 2025). According to ZachXBT, the presence of identifiable wallet addresses tied to paid promotions enables traders to monitor these wallets on-chain around the timing of promotional posts to evaluate short-term flow and transparency risks (source: ZachXBT on X, Sep 1, 2025). According to ZachXBT, traders can use the leaked wallet list as a watchlist to track transfers involving newly promoted tokens and to detect coordinated activity across multiple influencer accounts (source: ZachXBT on X, Sep 1, 2025).

According to @OnchainLens, a victim lost 783.75 BTC (about $91.4M) on Aug 19, 2025 after a social engineering scam that impersonated exchange and hardware wallet support (source: Onchain Lens on X, Aug 29, 2025; citing ZachXBT on X). The post states the theft occurred exactly one year after the $243M Genesis Creditor hack (source: Onchain Lens on X, Aug 29, 2025). The post also references a transaction hash tied to the theft (source: Onchain Lens on X, Aug 29, 2025). Based on the figures provided, the implied BTC price is roughly $116.6k ($91.4M ÷ 783.75 BTC), helping traders size potential on-chain movement if these coins are later traced (source: calculation from data in Onchain Lens post).

According to @zachxbt, actors tied to a prior theft routed stolen crypto to a centralized service, signaling an attempted laundering and potential cash-out path (source: @zachxbt on X, Aug 28, 2025). According to @zachxbt, the same parties attempted partial payments and targeted escrow mechanisms to exploit counterparties, which he describes as bad-faith tactics (source: @zachxbt on X, Aug 28, 2025). According to @zachxbt, the parties are applying social media pressure while funds are traceable to a centralized venue, highlighting exposure to compliance review at centralized services that could affect fund movement timing (source: @zachxbt on X, Aug 28, 2025).

According to @zachxbt, the X account @web3 is linked to a team member involved with the Squiggles NFT rug and Raichu, signaling elevated counterparty risk for any @web3-associated mints, promotions, or partnerships (source: @zachxbt on X, Aug 28, 2025). The post includes an image and a link referencing a prior investigation thread, indicating this alert is tied to previously documented concerns around Squiggles and Raichu (source: @zachxbt on X, Aug 28, 2025). For trade execution, participants should halt or reduce exposure to @web3-led NFT drops until team identities, project provenance, and fund flows are independently verified, prioritizing cold-start listings and escrow controls where feasible (source: @zachxbt on X, Aug 28, 2025). Market participants should reassess risk models for secondary trading liquidity and listing venues connected to @web3 to mitigate potential rug-pull exposure and reputational spillover across related collections (source: @zachxbt on X, Aug 28, 2025).

According to @zachxbt, Coinbase’s Jesse and a team engaged with an individual named Sahil despite widely shared warnings about his alleged record of celebrity coin rug pulls on Solana documented on X and referenced by Coffeezilla on YouTube, signaling elevated counterparty and reputational risk around celebrity SOL tokens for traders and partners alike; Source: @zachxbt on X, August 25, 2025. According to @zachxbt, traders should treat the post as a red flag for celebrity memecoins on Solana and prioritize independent verification over perceived endorsements, given that prior warnings were easily discoverable via public threads; Source: @zachxbt on X, August 25, 2025. According to @zachxbt, practical trading diligence here includes checking the deployer wallet’s past token launches, reviewing liquidity lock status, and scanning prior allegations tied to the promoter before taking exposure to low-liquidity SOL memecoins; Source: @zachxbt on X, August 25, 2025.

According to @zachxbt, a new Solana meme coin presale received 150+ promotional posts from lower-tier influencers with millions of botted followers and likes but raised only 65 SOL, with few disclosure labels on the posts. Source: ZachXBT on X, Aug 23, 2025, https://twitter.com/zachxbt/status/1959237311880966480. He characterizes the campaign as destined for failure due to the mismatch between heavy influencer promotion and minimal presale funding, alongside disclosure gaps. Source: ZachXBT on X, Aug 23, 2025, https://twitter.com/zachxbt/status/1959237311880966480. For traders, undisclosed paid endorsements are noncompliant with the FTC Endorsement Guides, creating regulatory enforcement risk around such promotions. Source: Federal Trade Commission Endorsement Guides, ftc.gov. The SEC has warned investors about celebrity and influencer promotions of crypto offerings and urges independent due diligence before purchasing tokens advertised online. Source: SEC Office of Investor Education and Advocacy Investor Alert on celebrity endorsements of crypto offerings, investor.gov (2017).

According to @zachxbt (X, Aug 21, 2025), on Aug 19, 2025 a victim was socially engineered by impostors posing as exchange and hardware-wallet support and lost 783 BTC (~$91M) (source: @zachxbt, X, Aug 21, 2025). The thief has begun peeling the funds with deposits sent to Wasabi, signaling active on-chain distribution of the stolen BTC (source: @zachxbt, X, Aug 21, 2025). Traders should monitor the related peel-chain and Wasabi inflows to manage UTXO exposure and potential exchange touchpoints (source: @zachxbt, X, Aug 21, 2025).

According to @zachxbt, Ethereum address 0x78e1a4781d184e7ce6a124dd96e765e2bea96f2c was used by parties referenced in his thread to send and receive multiple payments. Source: ZachXBT on X (Aug 13, 2025). Traders can verify and monitor this address’s on-chain transactions using Ethereum block explorers such as Etherscan for situational awareness. Source: Etherscan.io.

According to @zachxbt, the on-chain address 0x78e1 is closely tied to the USD 680,000 Favrr exploit from June 2025, with the project’s CTO and other developers identified as DPRK IT workers using fraudulent documents, source: ZachXBT on X, Aug 13, 2025. According to @zachxbt, additional DPRK IT workers were identified at projects linked to the 0x78e1 address, heightening sanctions and compliance risk for counterparties interacting with related wallets, source: ZachXBT on X, Aug 13, 2025. According to @zachxbt, traders should watch for movements from 0x78e1 and linked addresses to manage exposure to tainted funds and potential liquidity disruptions on affected venues, source: ZachXBT on X, Aug 13, 2025.

According to @zachxbt, one of the wallet addresses used by them to send and receive multiple payments was 0x78e1a4781d184e7ce6a124dd96e765e2bea96f2c (source: @zachxbt).

According to @zachxbt, BlackRock did not invest in or back the XRP Ledger (XRPL), and claims suggesting BlackRock support for XRP (XRP) are misleading (source: @zachxbt on X, Aug 11, 2025). According to @zachxbt, Ondo Finance’s Ondo Short-Term U.S. Government Treasuries (OUSG) is an Ondo product, and Ondo is simply leveraging BlackRock’s tokenized products for exposure, which does not imply any BlackRock investment in or backing of XRPL (source: @zachxbt on X, Aug 11, 2025). For trading decisions, narratives linking XRP (XRP) to direct BlackRock backing should be treated as false per this clarification when assessing catalysts and flows (source: @zachxbt on X, Aug 11, 2025).

According to @zachxbt, an affidavit has officially confirmed the victims from his prior investigation into a series of high-profile NFT hacks. The identified victims include prominent figures and organizations in the NFT space: Beeple, DeeKay, Zeneca, Nouns DAO, and JRNY Club. This confirmation underscores the ongoing security risks faced by major NFT creators and DAOs. Traders and collectors should closely monitor security developments and project announcements related to these entities, as such incidents can impact NFT market sentiment, liquidity, and the valuation of affected collections. Source: @zachxbt

According to @zachxbt, Redman deposited funds from the panel sale into Tornado Cash, then withdrew and sent the proceeds to a Stake account that was verified with his real KYC information. Onchain analysis further connects the Stake deposit address to multiple X ATOs for which the panel was used, directly tying the transaction flow to Redman's identity and specific onchain activities. This transparency in fund movement may influence trading sentiment regarding Tornado Cash (TORN) and related privacy coins, as it demonstrates traceability even through obfuscated channels. Source: @zachxbt

According to ZachXBT, Redman attempted to sell panel access on the SWAPD platform and initially tried to submit fake KYC documentation before later providing legitimate identification. ZachXBT further reported that Redman linked his personal crypto wallet address to the SWAPD account after withdrawing proceeds from the sale via Tornado Cash, a privacy-focused crypto mixer. This chain of actions reveals a traceable link between illicit panel sales and Tornado Cash withdrawals, providing actionable intelligence for traders monitoring wallet movements and regulatory compliance. Source: ZachXBT on Twitter.

According to ZachXBT, Cameron Redman was convicted and ordered to pay restitution following an investigation into the June 2022 incident where X (Twitter) panel access was sold for 250 ETH. This breach led to the compromise of over 10 high-profile accounts, including JRNY, Beeple, Nouns, Zeneca, and DeeKay, resulting in significant financial losses in the crypto market. The conviction is seen as a critical development in crypto security, highlighting the ongoing risks of social engineering attacks targeting digital asset holders (source: ZachXBT).