1. Home
  2. FTX Hack

FTX Hack

FTX hacker could be using SBF trial as a smokescreen: CertiK

Coin Telegraph
FTX hacker could be using SBF trial as a smokescreen: CertiK
Coin Telegraph

The still-unidentified FTX hackers started ramping up their movement of stolen funds in recent weeks, potentially using media attention of the trial as a cover to hide the illicit activity.

The hacker responsible for stealing over $400 million from FTX and FTX US in November could be using the hype around Sam Bankman-Fried’s fraud trial to further obfuscate the funds, says CertiK’s director of security operations Hugh Brooks.

Only days before the start of Bankman-Fried's criminal trial, the FTX hacker, known as “FTX Drainer," began moving millions in Ether it had gained from the November attack.

The movements have continued throughout the trial. In the last three days, the hacker transferred approximately 15,000 ETH (worth roughly $24 million) to three new wallet addresses.

“With the onset of the FTX trial and the substantial public attention and media coverage it is receiving, the individual accountable for draining the funds might be feeling an increased urgency to conceal the assets,” said Brooks.

“It's also plausible that the FTX drainer harbored an assumption that the trial would monopolize so much attention from the Web3 industry that there would be insufficient bandwidth to trace all stolen funds while also covering the trial concurrently.”

FTX, which had once been valued at $32 billion, declared bankruptcy on Nov. 11. That same day, employees at FTX began noticing massive withdrawals of funds from the exchange’s wallets.

An Oct. 9 report from Wired has provided fresh insight into how events transpired during the night of the attack.

After FTX employees realized that the attacker had complete access to a series of wallets, the team declared that "the fox [was] in the hen house” and scrambled to keep the remaining funds out of the hacker’s hands.

The team reportedly made the decision to transfer a staggering amount of the remaining funds — between $400 and $500 million — to a privately owned Ledger cold wallet, while waiting to hear back from BitGo, the company tasked with taking custody of the exchange’s assets post-bankruptcy.

The move likely prevented the attacker from gaining a full $1 billion in the raid.

Related: FTX hacker’s wallet stirs as Ethereum ETFs prepare for US debut

Meanwhile, Brooks explained that the hacker appears to have changed its method for obscuring funds.

On Nov. 21, the FTX hacker was observed attempting to launder funds by using a “peel chain” method, which involves sending decreasing amounts of funds to new wallets and “peeling” off smaller amounts to new wallets.

However, the hacker has recently been using a more sophisticated method to obscure the transfer of the illicit assets, said Brooks.

The new laundering method being employed by the FTX hacker as recorded on Oct. 2. Source: CertiK

The funds stored in the original Bitcoin wallet are distributed through multiple wallets, transferring smaller divisions of funds to a series of additional wallets, a tactic that “considerably prolongs” the tracing process.

Brooks said they have yet to identify any individuals or groups that could be behind the FTX hack, and that investigations are continuing.

Magazine: Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis

Read more
Velar and Bitlayer introduce Bitcoin's first perpetual DEX

Velar and Bitlayer introduce Bitcoin’s first perpetual DEX

Crypto Incidents Involving Exit Scams, Hacks, and Code Exploits Reach Record Low in December 2022 According to Certik

Bitcoin.com
Crypto Incidents Involving Exit Scams, Hacks, and Code Exploits Reach Record Low in December 2022 According to Certik
binance smart chain
Crypto Incidents Involving Exit Scams, Hacks, and Code Exploits Reach Record Low in December 2022 According to CertikAccording to blockchain security company Certik, the number of cryptocurrency incidents involving exit scams, hacks, and code exploits in Dec. 2022 was the lowest monthly figure of the year. Certik noted that the combined incidents amounted to $62.2 million “lost to exploits, hacks, and scams.” Record Low Cyber Attacks in December 2022 Result in $62.2 […]
Read more
Velar and Bitlayer introduce Bitcoin's first perpetual DEX

Velar and Bitlayer introduce Bitcoin’s first perpetual DEX

On the move: FTX hacker splits nearly $200M in ETH across 12 wallets

Coin Telegraph
On the move: FTX hacker splits nearly 0M in ETH across 12 wallets
attacker

Meanwhile, Ethereum users are sending encoded messages to the FTX hacker pleading for a share of funds.

The hacker behind the theft of more than $447 million of crypto from the crypto exchange FTX has been again spotted moving their ill-gotten funds. 

According to Etherscan data, between 4:11 to 4:17 pm UTC on November 21, the attacker moved a total of 180,000 Ether (ETH) across 12 newly created wallets — each receiving 15,000 ETH. The total amount moved totaled $199.3 million at current prices.

Recent transactions from wallet labeled "FTX Accounts Drainer" — Source: Etherscan

At the time of publication, the ETH has not moved from any of the 12 wallets.

Some in the crypto community suggest the attacker may be planning to subdivide it into smaller and smaller amounts in order to confuse investigators, a process known as “peel chaining,” or they may be planning to use a mixing service at some point to obscure which coins are theirs.

Meanwhile, some Ethereum users appear to have sent coded messages to the hacker asking for a share of the loot.

One user registered the Ethereum Name Service (ENS) domain name, “ftx-rekt200k-pls-help.eth” to express that they have lost money from the FTX collapse and to ask for a reimbursement from the hacker.

They sent 21 transactions of 0.000001 Ether to the hacker’s address in an attempt to get noticed.

Another user was even more creative. They registered the ENS domain, “pleasecheckutf8data.eth” and sent 12 transactions of 0.0001 ETH or less to the hacker’s wallet address.

An encoded message asking the FTX Accounts Drainer for a share of funds. Source: Etherscan

Inside each transaction was a UTF8 encoded message that said “Please send me 100k~, I have medical bills to pay and visit the USA this coming December. I can't walk properly, and have aggressive muscle issues. Please help! I lost most of my money on FTX.”

The message also contained a link to an Imgur post which the user claimed was proof of their medical appointment.

Related: FTX hacker dumps 50,000 ETH, still among top 40 Ether holders

The hack occurred on Nov. 11, the same day that FTX filed for chapter 11 bankruptcy protection.

On November 20, the attacker transferred 50,000 ETH to a separate wallet and then converted it to Bitcoin using two separate renBTC bridges.

As of today, the hacker is the 40th largest holder of ETH.

Read more
Velar and Bitlayer introduce Bitcoin's first perpetual DEX

Velar and Bitlayer introduce Bitcoin’s first perpetual DEX

Elliptic Analysis Says $477 Million Stolen From FTX, ‘Accounts Drainer’ Becomes 35th Largest ETH Holder

Bitcoin.com
Elliptic Analysis Says 7 Million Stolen From FTX, ‘Accounts Drainer’ Becomes 35th Largest ETH Holder
35th largest ethereum
Elliptic Analysis Says 7 Million Stolen From FTX, ‘Accounts Drainer’ Becomes 35th Largest ETH HolderThree days ago, on Nov. 11, 2022, it was reported that FTX’s wallets saw unusual activities and FTX Telegram channel admins stressed that FTX was “hacked.” The same day, the new FTX CEO John Ray confirmed there were “unauthorized transactions.” A report by the blockchain intelligence firm Elliptic explains that out of “more than $663 […]
Read more
Velar and Bitlayer introduce Bitcoin's first perpetual DEX

Velar and Bitlayer introduce Bitcoin’s first perpetual DEX

Onchain Data Reveals Alameda Acquired Specific Tokens a Month Before FTX Listings

Bitcoin.com
Onchain Data Reveals Alameda Acquired Specific Tokens a Month Before FTX Listings
Alameda
Onchain Data Reveals Alameda Acquired Specific Tokens a Month Before FTX ListingsAccording to a report stemming from the blockchain analytics firm Argus, Sam Bankman-Fried’s trading firm Alameda Research obtained tokens ahead of FTX.com listings. The report claims that Alameda acquired roughly $60 million worth of tokens before the digital assets were scheduled to be listed on FTX. Blockchain Analytics Firm Says Alameda Had an Insider’s Edge […]
Read more
Velar and Bitlayer introduce Bitcoin's first perpetual DEX

Velar and Bitlayer introduce Bitcoin’s first perpetual DEX

FTX CEO Confirms Reports of ‘Unauthorized Access to Certain Assets,’ Team Is ‘Coordinating With Law Enforcement’

Bitcoin.com
FTX CEO Confirms Reports of ‘Unauthorized Access to Certain Assets,’ Team Is ‘Coordinating With Law Enforcement’
Bankruptcy
FTX CEO Confirms Reports of ‘Unauthorized Access to Certain Assets,’ Team Is ‘Coordinating With Law Enforcement’Following the reports that said FTX wallets were being drained and the FTX Telegram channel’s admins that detailed its possible malware might be present in FTX-related apps and websites, the company’s new CEO John Ray confirmed there were “unauthorized transactions.” The news was shared by FTX US’s general counsel Ryne Miller and retweeted by FTX’s […]
Read more
Velar and Bitlayer introduce Bitcoin's first perpetual DEX

Velar and Bitlayer introduce Bitcoin’s first perpetual DEX

WordPress Theme by cactus.com
Close

Share this video