Who Is the FTX Hacker and Why? On-Chain Clues Shed Light on the Situation
It appears that the majority of the funds taken from the bankrupt exchange weren’t transferred under the control of the Bahamian government.
Key Takeaways
FTX was hacked after the bankruptcy filing of the exchange on November 12.
The Securities Commission of The Bahamas claimed responsibility and said it ordered the transfer of funds to an external wallet.
According to on-chain data, the bulk of the haul was taken by a nefarious party and not a government agency.
The address that transferred $372 million from FTX to an unknown recipient is likely to be a black hat hacker.
Who Hacked FTX?
Debate rages over who hacked FTX. The hacking occurred just hours after the company filed for Chapter 11 voluntary bankruptcy. John J. Ray III, CEO of FTX, stated that an unknown entity transferred at most $372 million from FTX into an external wallet. “FTX has been hacked,” wrote Rey, an admin on FTX’s Telegram channel, adding that all funds seemed gone.
A second wallet connected to a Kraken know-your-customer account was created in response to the hack, and funds were transferred to it from FTX. A later filing by the Securities Commission of The Bahamas shows that Sam Bankman-Fried, former CEO of FTX, was operating the wallet and transferring funds out of FTX.
It is likely that the attacker did this to stop their ill-gotten gains being frozen. It is a less-known fact that stablecoins like USDC and USDT have freeze or blacklist functions built into them. These allow their respective issuers to halt transactions and take funds manually. The hacker lost thousands of dollars and suffered a lot of slippage by swapping large amounts of tokens quickly. This alone suggests that the wallet is not controlled by the Bahamian regulators or government, who would want to protect assets for the benefit of FTX’s creditors. Only a malicious actor would deliberately cause slippage in trades to prevent assets being seized.
The hacker also transferred 3,168 Bitcoin to an address linked to a small Russian crypto exchange called Laslobit, before sending the funds on to the Huobi exchange. The rest of the loot was sent to the Huobi exchange by the hacker on November 20, after it had been dormant for a few more days. To break the chain of traceability, the hacker will likely use a Bitcoin mixing service. The hacker also started selling ETH on the cryptocurrency market, causing it to drop in value. On November 21, they began moving more ETH in batches of 15,000 tokens, sparking fears that they might be preparing to sell another part of their stash.
According to a November 17 court filing, Crypto Briefing reported that Bankman-Fried was the first FTX hacker and that he was working under the direction of the Bahamian government. This theory has been questioned by more substantial on-chain evidence as well as clues found in court filings from John J. Ray III and Bahamian regulators. It now appears that the second address that transferred funds out of FTX was doing so to protect its remaining assets.
It is worth noting that the behavior of these wallets is quite different. The first wallet has swapped, bridged and begun to launder assets. The second wallet has just transferred tokens to a multisignature wallet.
The details surrounding the hack of FTX are still not clear. Given the timing of the attack, some believe the hacker could have been a former employee who had gained access to FTX’s accounts. It’s equally possible that someone not connected to FTX could have used the disruption to attack the company, possibly gaining access by tricking employees into opening malware-ridden email during the bankruptcy chaos. This technique has been used in high-profile hacks previously attributed to North Korean state hacker Lazarus Group. As FTX’s bankruptcy case proceeds, it is likely that more information about how the exchange was hacked will be revealed.
Disclosure: The author was an owner of ETH, BTC and other crypto assets at the time this article was written.