Attacker needs to send stolen BTC to this address: bc1qaum44keua0rw7g2wh2akjah4n7rj66vzhm94js
Tech info below to validate that the address is valid / belongs to NEAR:
Address generation command: https://nearblocks.io/txns/Hq5U6a3f6ynptEG4McN9jVdGEKDBo5rsogfQfxDDV95g?tab=execution
The final destination is rainbow bridge / omni bridge dao rainbowbridge.sputnik-dao.near
Test deposit transaction:
Finalisation: https://nearblocks.io/txns/HCTns8CGvpAjYv5PsJHgaiUCCRcPNNicPNQpuxXPZgDD