Taking a Closer Look at the FTX Hack

TL;DR

On November 12, 2022, over $477 million was reportedly stolen from FTX and FTX US in a suspected black hat theft, while approximately $175 million is believed to have been moved into secure storage by FTX.

Introduction to FTX

FTX is the cryptocurrency exchange, which filed for bankruptcy on November 11, 2022.

Vulnerability Assessment

The root cause of this heist is unknown at the moment. On the FTX support channel in Telegram, one of the FTX account administrators said that FTX applications were malware and that the FTX site could download Trojans.

Ryne Miller, the General Counsel for FTX stated that FTX was looking into unusual wallet movements related to the consolidation of FTX balances across exchanges.

He further mentioned that the company took precautionary measures and moved all of its digital assets to cold storage, which meant that the cryptocurrency wallet was no longer connected to the internet.

Steps

One of the withdrawals to the drainer’s address revealed that approximately $26 million were swapped from Tether to DAI.

2. After exchanging USDT for DAI, the perpetrator further swapped $44 million worth of stETH for ETH.

3. The compromised assets include $278 million on Ethereum, $106 million on Solana, $89 million on BSC and $4 million on Avalanche totaling $477 million.

4. At the time of this writing, the drainer’s address holds around $314,809,774 worth of assets across multiple networks.

5. During this event, it is speculated that a portion of the funds were sent to a multisig address as part of a white-hat rescue operation.

6. On the Tron network, the alleged hacker also transferred funds to a newly created account where all FTX.US funds were also transferred.

Aftermath

It remains unclear whether all of the operations, including the transfer of funds, were done out by a hacker, an internal team member, or it could just be a part of the FTX’s bankruptcy proceedings to relocate the funds to a safer location.

The transfers took place on the same day the company filed for Chapter 11 bankruptcy protection in the United States after misappropriating billions of dollars in user funds. At this time, online rumors have circulated that an insider may have been responsible for the event, as opposed to an outsider.

Why did FTX collapsed

Alameda pledged to borrow money against illiquid collateral to fund itself, and as the market fell this year, those deposits were recovered, leading to the theft of FTX user funds. This means that FTX’s liquid reserves may be lower than user deposits. Of course, this vulnerability may be manageable given enough time, but CZ disclosed this fact, triggering the FTX run.

Why CZ disclosed this fact? There may be two reasons:

CZ feels threatened:

FTX is snowballing: FTX is way ahead of Binance regarding legalization, with FTX headquarters having been inaugurated as an entity in the Bahamas and FTX.us having been issued a photo op by the U.S. government. At the same time, Binance has yet to publish information about its headquarters, C.Z. cannot usually enter and exit the United States, which was once also ridiculed by the SBF.
- IMPACT OF IRAN: Blockchain data shows that cryptocurrency giant Coin has processed $8 billion worth of Iranian transactions since 2018, even though the U.S. aims to cut Iran out of the global financial system, according to Reuters.
Investment competition failed: Binance failed to compete for the most essential investments in the crypto world in 2022 over FTX Ventures, both Aptos, SUI, and others, which was unable to lead.