Sakura Room

1- I used exiftool on the image then got the username from it “sakurasnowangelaiko”

2- I got his name by searching by his user name and got his instagram “Aiko Abe”

3- Then to get his email I checked his github and got pgp and searched it on openpgp and got this email “ sakurasnowangel83@protonmail.com ”

4- Then the attacker had a repo called ETH I searched the commit history and found this address “0xa102397dbeeBeFD8cD2F73A89122fCdB53abB6ef”

5- After investigating the address on arkham intel we got the pool to be “Ethermine”

6- And also the attacker used tether (USDT)

7- I have found the attacker twitter account “SakuraLoverAiko”

8- Just use revers image searched