A well known crypto investigator named ZachXBT has released allegations about an employee at Axiom Exchange. He says this person used internal access to see private user data. The claims are serious and describe possible insider trading inside the exchange. It is important to note that these are allegations. They have not been proven in a court or through official company statements at this time.
Who is making the claims? ZachXBT is famous in the crypto world for tracing crimes and identifying bad actors. He often shares what he finds with the public. In this case, he says he found evidence that an Axiom employee used internal tools to look up private wallet information and watched user activity for trading purposes. He named the employee as Broox Bauer and said the misconduct began in early 2025. He also suggested there was a plan to abuse those tools for profit.
About Axiom Exchange Axiom was started in 2024. The founders are people named Mist and Cal. The company joined a well known startup program called Y Combinator later in 2025 (that is what people mean when they say they took part in Y Combinator’s Winter 2025 batch). ZachXBT says Axiom became very successful, and that the company had more than 390 million dollars in revenue to date. He added that after hearing rumors of problems, he agreed to investigate things independently to confirm what was happening inside the company.
The person behind the claims Broox Bauer is described by ZachXBT as a senior business development employee who lived in New York. In a recording from a private group call, Broox is said to have told others that he could track any Axiom user. He would do this using referral codes, wallet addresses, or user IDs. He allegedly claimed he could “find out anything to do with that person.” This is a strong statement that would mean he could see a lot of private information about users if true.
How the alleged access happened In the same private call recording, Broox supposedly described a method. He said he started by researching 10 to 20 wallets and then increased that number over time to avoid drawing attention. ZachXBT said that Broox also set rules for how others could request lookups and that he would send a full list of wallets when needed. This description suggests there was a process or agreed way to access private wallet information.
Specific examples and screenshots ZachXBT says that in April 2025, Broox shared a screenshot from an internal Axiom dashboard. The image showed private wallets connected to a trader named “Jerry.” In August 2025, Broox allegedly shared another image. This one showed registration details and connected wallets for a trader named “Monix.” In the same month, he reportedly talked about looking up Axiom users who had traded a meme coin called AURA. These details are important because they try to link private data to real trading actions.
Tracking targets with a Google Sheet The investigator says that group members made a Google Sheet. The sheet listed wallet addresses for several well known targets, called key opinion leaders (KOLs). The sheet mapped wallet data that was supposedly pulled from Axiom’s internal dashboard by Broox. Some of these KOLs were named or shown in leaked screenshots. ZachXBT says these people confirmed that the wallet information connected to them was accurate. This part is meant to show that a bigger plan existed, not just a few isolated incidents.
Who was targeted One trader named Marcell is described as a KOL who buys large amounts of meme coin tokens from private wallets before telling his followers to buy them too. ZachXBT said such traders are prime targets for this kind of data access. The reason is simple: their private wallet addresses are rarely public, and address reuse is less common. This makes the information more valuable because it is not easy for others to connect to them easily.
What happened to the money and the data ZachXBT says Broox’s main wallet was found through private chat messages, and related addresses were mapped. Because meme coin trading happens in huge volumes, it is hard to pick out clear insider trading without access to Axiom’s internal logs. He says money from related addresses mostly moved to deposit addresses at centralized exchanges. In other words, the money went to large, well-known trading platforms where it could be turned into other currencies or cashed out.
Plans for profit and a new target The investigator also claims there was a February 2026 call in which Broox talked about helping a recently hired Axiom moderator, who is called Gowno (Seb), to make about 200,000 dollars quickly by abusing internal tools. ZachXBT says Broox shared private chats showing balances on exchange accounts to prove that some activity had already earned money. This is described as a plan to profit from insider access rather than a single mistake.
Where this happened Since Broox is based in New York City, ZachXBT notes that the case could fall under the jurisdiction of the Southern District of New York. This is a federal court district in the United States that covers parts of New York State, including Manhattan. The language here means the investigation could involve U.S. law and U.S. authorities if more evidence is found.
What ZachXBT has done in general Before this Axiom case, ZachXBT has built a strong track record in tracking crypto crime. He has alleged connections between stolen assets and big losses, and has linked criminal activity with other networks in the crypto world. The pages of his investigations have covered topics from stolen funds in hacks to large laundering markets. He often uses public tools and private research to map criminal activity in the crypto world.
How this relates to other crypto crime work In one part of his broader work, ZachXBT linked a group called Lazarus to a large money network. Lazarus Group is a name used for a group suspected of cybercrime activities. The group is often described as a North Korea–linked hacking group. The Lazarus name is widely discussed in security research and news. ZachXBT also linked the theft of funds on other platforms such as Bybit, and he has pointed to schemes involving impersonation of customer support at Coinbase to steal funds. These examples show how complicated crypto crime can be and how investigators try to map who did what and where the money went.
Why this topic matters Insider access to user data could allow a company employee to monitor what users do, and possibly influence trading decisions, at least in theory. It also raises questions about how much a crypto exchange should know about its users, and who inside the company can see sensitive information. If true, the allegations would raise serious questions about security, privacy, and workplace ethics at Axiom. They could also affect how users feel about leaving their data with the platform and how regulators view the company’s practices.
What happens next At the time of these reports, there is no official confirmation from Axiom or a court ruling. The company might respond with its own statements or with an internal investigation. Regulators could examine the evidence if they determine it is necessary. Readers should watch for updates from reliable sources. It is important to wait for verifiable conclusions rather than drawing conclusions from screenshots or private chats alone.
Bottom line The core claim is that a single employee, Broox Bauer, used internal tools to access private wallet data and track users for trading purposes, starting in early 2025. The details include screenshots, a Google Sheet with targeted wallets, and plans to profit using internal tools. The claims also connect to a broader picture of crypto crime investigations that ZachXBT has conducted in the past. Whether this leads to a formal finding of wrongdoing depends on further evidence and official processes. For now, the story highlights the importance of strong data security, careful handling of private information, and fair, transparent practice in crypto markets.
Definitions
- Y Combinator – Y Combinator is an American technology startup accelerator and venture capital firm founded in 2005, known for funding and mentoring many successful startups such as Airbnb, Coinbase, and Stripe. Wikipedia
- Lazarus Group – The Lazarus Group is a state-sponsored North Korea–linked hacking collective, also known as Guardians of Peace, designated as an advanced persistent threat responsible for high-profile cyberattacks since 2009. Wikipedia
- Bybit – Bybit is a Dubai-based cryptocurrency exchange founded in 2018, known for offering crypto trading services and, in 2025, for a major hack attributed to the Lazarus Group by some investigators. Wikipedia
- Coinbase – Coinbase Global, Inc. is an American cryptocurrency exchange founded in 2012 by Brian Armstrong and Fred Ehrsam and described as the largest U.S.-based cryptocurrency exchange by users and assets. Wikipedia
- Southern District of New York – The United States District Court for the Southern District of New York is a federal trial court whose jurisdiction covers parts of New York State, including Manhattan, and is often referred to as the ‘Mother Court’. Wikipedia
Leave a Reply