Blockchain investigator ZachXBT has accused a senior employee at trading platform Axiom of abusing internal tools to access private user wallet data and potentially profit from it
In a detailed thread, he alleged that the employee used internal dashboards to look up wallet addresses tied to specific users and shared that information with a small group tracking high profile traders, particularly those active in memecoins.
According to the report, screenshots of internal data were circulated and several individuals named in the material confirmed that the wallet details were accurate. ZachXBT said he was retained to independently investigate the claims, though he did not disclose by whom. He cautioned that proving specific insider trades would require access to Axiom’s internal logs.
This story is an excerpt from the Unchained Daily newsletter.
Subscribe here to get these updates in your email for free
Axiom said it was surprised and disappointed by the allegations, removed employee access to the tools in question and pledged a full investigation.
The episode adds to growing scrutiny around data access and trading ethics in crypto, where transparency onchain does not always extend to internal platform controls.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Aethir Successfully Thwarts an ATH Token Cross-Chain Bridge Attack, with User Losses Below $90k
Aethir issued a security advisory on April 10, confirming that it successfully blocked a malicious attack on the ATH token cross-chain bridge contract, with losses under $90k. All affected contracts have been disconnected, and the core circulating supply remains intact. Aethir will work with trading platforms and law enforcement agencies to support the freezing of funds and the identification and tracking of the attacker, and it will publish investigation updates and a compensation plan in its Discord community.
GateNews35m ago
Claude code leak sparks an LLM crisis, hackers have stolen researchers’ ETH
Security research reveals that in the LLM agent ecosystem, over 20% of free API routers actively inject malicious code, leading to asset theft and credential crises. In addition, the Claude code-leak incident has enabled attackers to spread malware by exploiting developers’ curiosity. The research team proposes a three-layer defense mechanism to address supply-chain security risks.
MarketWhisper1h ago
Solayer founder issues a warning: AI agent routers face malicious injection risks, and ETH is being stolen
Solayer’s founder exposes a security vulnerability in large language model (LLM) routers; in 428 routers, more than 20% exhibit malicious behavior, such as private keys being stolen. The research recommends that developers implement a separate end-to-end integrity verification mechanism on the client side and provides three defense options to mitigate supply-chain attacks.
MarketWhisper1h ago
The U.S. Department of the Treasury expands financial-grade cybersecurity intelligence to the crypto industry, and digital asset companies are receiving, for the first time, treatment on par with traditional finance.
The U.S. Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection announced that it will expand free cyber threat intelligence to eligible digital asset companies—marking the first time the cryptocurrency industry has been included in the country’s national financial cybersecurity information-sharing framework. This initiative is intended to help digital asset companies respond to cyber threats more effectively and to align with relevant policy recommendations to strengthen the resilience and security of the financial system.
ChainNewsAbmedia1h ago
Solayer’s founder releases research on LLM supply chain security; more than 2% of free routers have been exposed as having been maliciously injected
Solayer’s founder reveals safety risks of large language models, pointing out that LLM agents relying on third-party API routers face a risk of being attacked by malicious code. Testing shows that multiple routers have security vulnerabilities, and can even leak sensitive credentials. In addition, research demonstrates feasible attack methods and defense measures.
GateNews2h ago
