The recent case of the identity of a Hyperliquid whale executing hundreds of millions of USD worth of leveraged trades on Bitcoin (BTC) and Ethereum (ETH) has caused a public sensation. Numerous hypotheses have been proposed regarding the individual behind these high-value transactions.
ZachXBT, a reputable on-chain investigator specializing in tracking cryptocurrency-related fraud, has unveiled the truth.
Learn more: The Whale Exited with $9 Billion Profit in Hyperliquid
ZachXBT’s argument
Between January and March 2025, a trader garnered significant attention by executing numerous high-leverage trades on platforms like Hyperliquid and GMX. Their activity reached a peak this month, driven by two particularly notable on-chain transactions. First, operating under the address 0xe4d3, they initiated a substantial long position on both ETH and BTC, utilizing 50x leverage.
Related Wallet Addresses
The aforementioned trade, yielding a $10 million profit, occurred concurrently with Donald Trump’s announcement concerning a cryptocurrency reserve. Subsequently, the same trader, or a linked entity designated as 0xf3F4, exploited market volatility by initiating a substantial short position on BTC with 40x leverage, resulting in an additional $9 million profit.
The activity of wallet address “0xf3F4” demonstrates connections to a series of related wallet addresses associated with Binance, Gamdom, ChangeNOW, and Roobet.
Source: ZachXBT
Activity of Wallet “0xf3F”
This wallet address is confirmed to have signed a message for an X (formerly Twitter) account named @qwatio, boasting about profits achieved on Hyperliquid. Analysis reveals that the X account, used by 0xF3F, likely was purchased at some point and subsequently renamed. This X account also follows and appears to be involved in phishing attacks, where another wallet address, “0x7ab,” served as the drainer fee recipient following a phishing attack on the projection.fi project.
4/ 0xf3f signed a messaged for the X account @qwatio and stated they made $20M on GMX & HL.
This means he would have to control the related wallets in this cluster for the $20M number to be accurate.
I replied to him yesterday on X but the posts were deleted after. pic.twitter.com/aBDRc0HoVm
— ZachXBT (@zachxbt) March 20, 2025
Further Investigation of Wallet Address “0x7ab”
Given that 0x7ab was the initial EVM address used by 0xF3F, ZachXBT traced the withdrawal sources on Solana from four casinos to identify the corresponding Solana wallet address. This allowed ZachXBT to uncover a deleted Telegram account and trace the individual’s presence in a GMX group.
Source: ZachXBT
Real Identity Behind the Hyperliquid Event
A recent payment from this individual’s address revealed a UK phone number associated with the name “William Parker.” This individual is a known criminal. Last year, WP was arrested for stealing approximately $1 million from two casinos in 2023 and was convicted in Finland. In the early 2010s, WP garnered significant news headlines in the UK for fraud charges related to hacking and gambling.
10/ Who is William Parker?
Last year WP was arrested for stealing ~$1M from two casinos in 2023 and was sentenced in Finland.
Prior to this WP was known as Alistair Packover (William Peckover) before later changing his name.
In the early 2010s AP made multiple news headlines… pic.twitter.com/4QxHS5ziXJ
— ZachXBT (@zachxbt) March 20, 2025
