Crypto has brought new ways to store and move value, but it has also opened the door for scams and rug pulls. Many users lost money in fake projects or sudden exits by developers. As millions disappeared, there was little action from regulators or law enforcement.
This created a need for someone who could read blockchain data, spot patterns, and uncover what others missed. That’s where an on-chain investigator became necessary, to follow the money and expose fraud in a space where anonymity often protects criminals.
Who is ZachXBT?
ZachXBT, a faceless individual on X, started as an everyday crypto user in 2017. He bought tokens and joined NFT projects, only to face losses from scams and rug pulls. In 2018, he lost more than $15,000 in ETH. Frustrated and curious, he opened Etherscan to understand what went wrong.
Without a background in tech or finance, he began learning by himself. He tracked wallets through crypto mixers, drew scam maps on paper, and joined online research groups focused on public data. Over time, he built strong investigation skills. By May 2021, he had collected enough evidence to begin exposing fraud publicly. Since then, ZachXBT has become a well-known and trusted figure in crypto investigations.
High-Profile Crypto Investigations: Crypto Sleuth ZachXBT
Pixelmon Diversion
The Pixelmon team raised roughly $70 million through an NFT mint, then diverted part of those funds to purchase high-priced Bored Ape NFTs. Zach uncovered the detour, forcing the founders to admit mismanagement.
Bored Ape Phishing Ring
A phishing campaign drained about $2.5 million from NFT holders. Zach who detailed the investigation in a post “Scammers in Paris” followed the ether, connected the ring to French-based accounts, and provided a dossier that led to five arrests. The officers involved thanked him in court documents.
Jeffrey Huang Fund Movements
Zach released a ten-part report linking 21 wallets to more than $37 million in questionable transfers. Huang, known online as “Machi Big Brother,” sued Zach for defamation, yet the crypto community donated $1 million for legal defense. Huang later withdrew the case.
Lazarus Group Tracking
After the Ronin and Harmony bridge exploits, North Korea’s Lazarus Group shifted nearly $200 million through mixers. Zach mapped the flow, alerted exchanges, and helped freeze a slice of the proceeds.
Genesis Creditor Impersonation
Attackers posed as Gemini staff, coaxed private keys over a screen-share call, and removed $243 million from a single wallet. Zach pieced together the social-engineering script, enabling multiple arrests and partial fund recovery.
Zach never hacks a private database. He relies on open records, time stamps, and stubborn logic. Each case begins with a single wallet address. He checks every hop, notes suspicious clusters, and cross-references exchange logs against Discord screenshots or Telegram chatter. Where a journalist might phone a source, Zach builds a graph.
He also understands narrative. His Twitter threads read like courtroom briefs stripped of legal jargon. Readers see the suspect’s first deposit, the moment funds split across mixers, and the final cash-out at an exchange already under subpoena. Nothing feels abstract. Every arrow on his diagram tells a human story: someone worked, someone stole, someone struggled to hide the evidence.
Impact on the Wider Ecosystem
The crypto market thrives on trust in code. Fraud drains that trust faster than any bear market. Zach’s investigations show that anonymity does not guarantee impunity. Exchanges now freeze assets faster, project founders hesitate before misusing treasury funds, and casual users gain a template for their own research. Regulators cite his threads to explain why on-chain forensics matter.