Feds seized eXch infrastructure and stole 34 million euros : Monero | Torhoo darknet markets
Following the recent incident involving a North Korean-affiliated hacker group stealing funds from Bybit, several DEX and swapping services faced significant pressure.
As a result, everyone's favorite swapping service eXch announced a change in ownership. Subsequently, after receiving an anonymous tip, on April 17th they revealed plans to shut down, ultimately ceasing operations on April 30th. Read more here
https://torhoo.cc/go.php?u=TDNCdmMzUXZOakF5WVRjMk9EWTVZMlk0WXpjeU9EWTVZVE09#
Today, 10 days after the shutdown, German and Dutch authorities (BKA/FIOD) announced the seizure of eXch infrastructure and most of its funds. However, there are no strong indications that they have identified the operators or gained access to off-chain transaction data.
The web page eXch [.] pw is still accessible, while the .onion displays a seizure banner. It seems that the .onion has been seized, but not the clearnet?
The following is pure speculation:
The key question now is how they managed to steal the 34 million euros, which constitutes the majority of eXch's reserves? A few possibilities come to mind:
a) It's likely that the funds were taken from eXch wallets associated with centralized exchanges like Kraken. The eXch operators may have made a mistake by using these centralized exchanges to convert their reserves into Monero. A more effective strategy could have been to exchange all their customers' Monero for traceable currencies at a discount, which might have helped avoid the loss of 34 million euros. Were they perhaps too rushed? Why attempt to exchange so much at once?
b) It seems likely that they also seized the backend infrastructure along with all associated wallets. This suggests they gained access not only to open blockchain data but also to wallet data, which could lead to user transactions being linked. However, why would the eXch operators keep their coins in the same wallets after the shutdown?
c) It's possible that they arrested the operators and gained access to all data. I find this unlikely, as such information would typically be included in press releases, and it doesn't make sense for the operators to give up access to the encryption keys so quickly.
Now the pigs resort to their typical fear-mongering tactics on BitcoinTalk, just as they did here on Dread before:
To users of the recently dismantled cryptocurrency exchange,
This message is issued by the Dutch Fiscal Information and Investigation Service (FIOD) and the Bundeskriminalamt (BKA).
The service has been taken offline as part of our enforcement action.
We are actively investigating individuals involved in money laundering and other illegal activities through this swap service.
Some question actions from law enforcement regarding crypto services. We want to make one thing clear: this action is not an attack on privacy. We respect the right to privacy and recognize its importance in the digital age. However, when services are heavily abused to commit crime, we will act.
We urge everyone involved in illicit activity to cease immediately. The legal consequences can be serious. Our mission is to protect the integrity of the financial system and hold those who exploit it accountable.
Privacy is not the problem - criminal misuse is.
Sincerely,
FIOD and BKA
I find this part particularly funny: "Our mission is to protect the integrity of the financial system [...]"
They are surprisingly honest about their role in defending the corrupt and exploitative financial system.
Remember boys, "Privacy is not the problem - criminal misuse is."
Full press releases here:
https://www.bka.de/SharedDocs/Kurzmeldungen/DE/Kurzmeldungen/250509_eXch_abgeschaltet.html
https://www.fiod.nl/bka-and-fiod-shut-down-cryptocurrency-swap-service-exch-e-34-million-in-cryptocurrency-has-been-seized-during-the-operation/
By the way, it is filled with misinformation, including the claim that eXch has been operating since 2014.
eXch aggregated ETH and some of their BTC (aggregated pool) in an address marked as theirs in chain analysis systems, which worked for a while. The LTC and BTC (from the mixed pool) were simply transaction outputs sent by other customers. These could have been clean coins sent from an exchange or flagged coins from a hack.
Either way, consider your LTC to be tainted now.
There are also services that resell chain analysis companies' APIs from time to time.
Additionally, there is AMLBot, which is used by Russian swappers, but I would not recommend it. The operators of AMLBot are scum, and, funnily enough, they will lower the trust score for your addresses for using their Telegram bot.
Through the Telegram app you can request a report about any wallet. Simply fill in the wallet address and an AML report will be generated. You have to pay a small fee for the report but you DO NOT have to connect your wallet. Any app that asks you to connect your wallet for an AML report is a scam and a drainer.
Again, you just fill in the wallet address in the AML Bot on Telegram and a report will be generated in minutes.