Blockchain investigator ZachXBT has brought renewed scrutiny to Axiom Exchange after publishing findings that detail an alleged insider trading scheme involving employees with access to sensitive user data.
The investigation claims that several staff members used an internal dashboard to retrieve private information, including wallet addresses, transaction histories, and tracked accounts, which was then used to identify profitable trading opportunities.
According to the report, the misconduct came to light after the investigator was retained to independently examine complaints of suspicious activity. The findings suggest the platform’s internal tooling provided unusually broad access, allowing employees to query users via referral codes, wallet addresses, or account identifiers.
1/ Meet @WheresBroox (Broox Bauer), one of the multiple @AxiomExchange employees allegedly abusing the lack of access controls for internal tools to lookup sensitive user details to insider trade by tracking private wallet activity since early 2025. pic.twitter.com/KwICQMJL1q
— ZachXBT (@zachxbt) February 26, 2026
These revelations have ignited debate about governance and internal controls at crypto platforms, particularly as the industry increasingly faces calls for stronger compliance standards.
Employees Allegedly Tracked Influencers And Bundlers
Central to the allegations is a scheme in which employees compiled a Google Sheet tracking wallets belonging to influencers and “bundlers”, traders known for accumulating large positions in memecoins before publicly promoting them. By monitoring these wallets, the group allegedly front-ran trades, buying tokens early, waiting for retail-driven price surges, and selling for profit.
One of the individuals named in the investigation is Broox Bauer, known online as WheresBroox, a senior business development employee based in New York. Recordings cited in the report show him claiming he could track any user and “find out anything” about their activity. He allegedly described starting with small numbers of wallets and gradually expanding surveillance to avoid detection.
Screenshots shared in the investigation indicate that he accessed dashboards showing private wallet lists for specific traders in April and August 2025, including users identified as “Jerry” and “Monix.” In another instance, he reportedly discussed tracking accounts trading the memecoin AURA.
Multiple influencers listed in the leaked spreadsheet were contacted and confirmed that the wallet data attributed to them appeared accurate, strengthening claims that the information originated from internal systems rather than public sources.
Targeting High-Profile Traders For Profit
Among the reported targets was a trader known as Marcell, described as frequently accumulating large portions of token supply before promoting projects to followers. Such traders were allegedly considered high-value targets because their private wallets are rarely public, making insider access particularly lucrative.
The investigation also traced wallets linked to Broox through private chat messages, mapping related addresses and identifying flows to several centralized exchange deposit accounts. While a high volume of memecoin activity made it difficult to isolate definitive examples of insider trading without internal logs, the transaction patterns were described as consistent with the alleged strategy.
The report further claims that during a February 2026 recorded call, Broox outlined plans to help a colleague generate $200,000 quickly by leveraging access to user data, suggesting the scheme had been ongoing since early 2025. Screenshots of exchange balances shared privately were cited as evidence that profits may already have been realized.
Wider Network Of Employees Implicated
The allegations extend beyond a single individual. The investigation references a moderator named Seb, also known as Gowno, who was present during recorded conversations discussing how his responsibilities could expand to include conducting data lookups. Broox allegedly stated that another employee, Ryan (Ryucio), had previously performed similar searches for others, and that a friend known as Mystery was hired with his assistance.
Neither Ryan nor Mystery appeared in the recordings, but their alleged involvement underscores concerns that the misuse of internal tools may not have been isolated. The report suggests that weak access controls and minimal monitoring created an environment where such activity could occur without immediate detection.
Particularly notable is the breadth of information reportedly available through the dashboard, including complete wallet lists, timestamps, transaction histories, tracked addresses, nicknames, and linked accounts, levels of visibility described as unusual for business development roles.
Axiom Responds And Promises Investigation
In response to the allegations, Axiom issued a public statement acknowledging the claims and confirming that access to the relevant internal tools had been removed. The company said it was “shocked and disappointed” to learn that a team member may have abused customer support systems and pledged to continue investigating.
We are shocked and disappointed to hear that someone on our team abused internal customer support tools to look up user wallets.
We have removed access to these tools and will continue to investigate and hold the offending parties responsible.
This does not represent us as a…
— Axiom (@AxiomExchange) February 26, 2026
The statement emphasized that the behavior did not reflect the company’s values and that further updates would be shared as the internal review progresses.
Founded in 2024 by Mist and Cal, Axiom quickly rose to prominence after participating in Y Combinator’s Winter 2025 batch, generating more than $390 million in revenue to date. The platform’s rapid growth has made the allegations particularly significant, as they raise questions about whether governance frameworks kept pace with expansion.
Regulatory And Industry Implications
Because the primary individual named in the investigation is based in New York, the report suggests the case could potentially fall within the jurisdiction of federal prosecutors in the Southern District of New York, depending on whether authorities pursue charges. Even if no criminal action materializes, the situation highlights the regulatory risks facing crypto companies that handle sensitive customer data without robust oversight.
The incident also underscores a broader industry challenge: balancing transparency and data accessibility with user privacy. As trading platforms increasingly integrate analytics and support tools, the potential for misuse grows unless strict permission controls and monitoring systems are in place.
For the crypto sector, the fallout could extend beyond a single company. High-profile allegations of insider trading risk eroding user trust, particularly at a time when the industry is seeking greater institutional adoption and regulatory legitimacy.
Whether the investigation ultimately leads to enforcement actions or internal reforms, the episode serves as a reminder that operational governance is becoming as critical as technological innovation. As digital asset platforms scale, the ability to safeguard user data, and prevent its misuse, may prove decisive in determining which firms maintain credibility in an increasingly competitive market.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @themerklehash to stay updated with the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!
