Blockchain analytics platform Lookonchain recently reported alleged insider trading involving the meme coin MAGA. However, another analyst believes these claims are not true and suggested that the transactions were actually due to MEV bot activity, not insider trading. Meanwhile, the hacker behind the Kronos Research exploit moved an additional $2.6 million in ETH to Tornado Cash, and Gala Games recovered $22 million in ETH from their own recent security incident.
MEV Bots or Insiders?
According to blockchain analytics platform Lookonchain, an insider has been selling off the politically themed meme coin, MAGA. Almost 80 billion tokens were sold for 320 ETH worth $1.05 million.
The alleged insider initially bought 140.4 billion MAGA tokens, which accounted for 33.37% of the total supply by using 22 wallets for just 5.35 ETH, worth around $20,000. Out of the 140.4 billion MAGA tokens, the insider still holds close to 60 billion, valued at over $9 million.
However, new information suggests that these transactions were the result of maximal extractable value (MEV) bot activity rather than insider trading. An X user called Dominium pointed out that the transactions identified by Lookonchain have some of the characteristics of MEV bot operations. These bots exploit arbitrage opportunities to generate big profit margins with MAGA.
Dominium challenged Lookonchain's allegations by very publicly pointing out the evident MEV bot involvement in the transactions. He also criticized Lookonchain for creating FUD even though he thinks it is very obvious that the transactions were from MEV bots.
After the initial X post, Lookonchain faced a lot of backlash from the community. Some people are even questioning the credibility of the blockchain analysis account. Naturally, there is now doubt that the initial insider trading allegations were true to begin with.
The meme coin MAGA, which is an acronym for Donald Trump’s “Make America Great Again” slogan, recently saw its price rally after Trump made some pro-crypto comments. When asked if people could donate to his campaign using cryptocurrencies, Trump responded by stating, “I believe the answer is yes. If you can’t, I’ll make sure you can.”
What is Insider Trading?
Insider trading involves the buying or selling of a public company's stock or other securities by someone who has non-public, material information about the company. While insider trading can actually be legal if the insider reports their transactions to the Securities and Exchange Commission (SEC), it becomes illegal when the material information has not been made public.
The Securities Exchange Act of 1934 mandates the disclosure of company stock transactions. Insiders, which is defined by the SEC as directors, executives, or anyone holding more than 10% of a company’s securities, have to file SEC Form 3, which is the Initial Statement of Beneficial Ownership of Securities, within 10 days of becoming an insider.
When an insider conducts a transaction, they then have to file SEC Form 4 within two business days to notify the public. Additionally, SEC Form 5 is required annually within 45 days after the company’s fiscal year ends for transactions not reported on Form 4.
Illegal insider trading happens when an insider does not submit the required forms after making a transaction or when someone shares material non-public information before it is made public.
For example, if an employee learns about their company's impending losses and informs a friend who then sells their shares before the information becomes public, both the employee and the friend could be guilty of insider trading. This is because they acted on information that could impact other investors, who were not privy to the same information.
Kronos Hacker Moves More Funds
Although the questionable MAGA transactions were probably just due to a MEV bot, there are still crypto criminals making moves. The hacker that was responsible for the $25 million exploit of Kronos Research has transferred an additional $2.6 million worth of ETH to the crypto mixing service Tornado Cash.
This recent transfer included 700 ETH and took place from the Kronos exploiter wallet “0x3" on May 21, according to on-chain security firm PeckShield. On May 20, the exploiter made three transactions of 100 Ether each, followed by seven more 100 Ether transactions on May 21, totaling 1,000 Ether which is valued at more than $3.7 million.
Even after these latest transfers, the hacker's wallet still holds over 60 ETH that is worth more than $223,000. At its peak, the wallet's value exceeded $6.4 million on May 19, according to CoinStats data.
The decision to move these funds is very likely linked to the recent surge in ETH’s price. In just the past week, the price of ETH jumped by almost 30%, which left the altcoin trading hands at $3,740.42 at press time.
The ETH price rally happened after reports that the SEC changed its stance on spot Ether ETFs, possibly because of political pressure. Senior Bloomberg ETF analyst Eric Balchunas even increased the likelihood of approval for these ETFs from 25% to 75%.
Crypto mixing protocols like Tornado Cash are very often used to obscure the transaction history of crypto assets, which makes it very difficult to trace the origins of the funds. These services are often used by people laundering crypto from illicit activities.
The Kronos Research hacker has not moved funds since May 7, when 1,314 ETH that were worth over $4 million were transferred to the same mixing service.
Kronos suffered the exploit in November of 2023 when attackers were able to gain access to the firm's application programming interface keys. At first, the firm denied any loss of funds. But on-chain investigator ZachXBT later revealed that approximately 12,800 ETH was stolen and dispersed into six different crypto wallets. Kronos Capital then decided to suspend its trading services to investigate the incident.
Gala Games Recovers $22M
Meanwhile, Gala Games received around $22 million in ETH from the person responsible for a security incident on May 20 where $200 million worth of Gala tokens were minted and partially sold before the wallet was frozen. On May 21, the attacker's wallet returned 5,913.2 ETH, equivalent to $22.3 million.
Gala Games firmly believes the return of the ETH is due to their swift response and the involvement of federal law enforcement agencies. Gala Games used a new blocklist protocol feature on GalaChain to freeze 4.4 billion of the 5 billion minted GALA tokens within just 45 minutes.
Co-founder and CEO Eric Schiermeyer revealed on May 20 that the attacker has been identified, including their home address. The identity and method of the exploit has not been made public just yet, but some community members believe the attack was carried out by a security contractor who made a mistake by connecting to the wallet without using a VPN.
Schiermeyer mentioned that the team plans to use the returned ETH to buy back and burn an equivalent amount of GALA tokens on GalaSwap. A governance vote is also being conducted to decide whether the 4.4 billion blocklisted GALA tokens should be considered burned.
DWF Labs announced that it bought 28 million GALA tokens on the open market to stabilize the token’s value.