Cheyenne Ligon is a CoinDesk news reporter with a focus on crypto regulation and policy. She has no significant crypto holdings.

Sam is a reporter at CoinDesk focused on decentralized technology, DeFi and DAOs. He owns ETH, BTC and MATIC.

Nikhilesh De is CoinDesk's managing editor for global policy and regulation. He owns marginal amounts of bitcoin and ether.

The collapse of FTX, already one of the most spectacular disasters in financial history, worsened as hundreds of millions of dollars were drained from the cryptocurrency exchange hours after it filed for bankruptcy.

More than $600 million was siphoned from FTX's crypto wallets late Friday. Soon after, FTX stated in its official Telegram channel that it had been compromised, instructing users not to install any new upgrades and to delete all FTX apps.

"FTX has been hacked. FTX apps are malware. Delete them. Chat is open. Don't go on FTX site as it might download Trojans," wrote an account administrator in the FTX Support Telegram chat. The message was pinned by FTX General Counsel Ryne Miller.

Hours later, Miller disclosed in a tweet that FTX US and FTX.com had been moving all their digital assets to cold storage because of the Friday bankruptcy. "Process was expedited this evening – to mitigate damage upon observing unauthorized transactions," he said.

Many FTX wallet holders reported $0 balances in their FTX.com and FTX US wallets. FTX’s API appeared to be down, which could account for this. According to on-chain data, various Ethereum tokens as well as Solana and Binance Smart Chain tokens exited FTX's official wallets and moved to decentralized exchanges like 1inch. Both FTX and FTX US appear to be affected.

The transfers occurred on the same day that the firm filed for Chapter 11 bankruptcy protection in the U.S. after apparently losing – or misappropriating – billions of dollars in user funds. Suspicions – which are conjecture at this point – circulated online about whether, rather than an outside attack, someone inside the company might've been responsible.

On Twitter, members of the cryptocurrency community quickly began to speculate that the outflows could have been coordinated by a member of Bankman-Fried's inner circle, pointing out that the simultaneous and sophisticated hacks of FTX and FTX US are indicative of a potential inside job. Twitter sleuth ZachXBT tweeted Friday night that "multiple former FTX employees confirmed to me that they do not recognize these transfers."

Around midnight Eastern time, FTX's login portal was unavailable (though the site was still online) giving users a 503 error when they attempted to log in. A 503 error happens when the server is unavailable, commonly because it's down for maintenance or unavailable for access.

UPDATE (Nov. 12, 2022, 06:00 UTC): Adds updates and details throughout.

UPDATE (Nov. 12, 2022, 14:21 UTC): Hours after the publication of this article, FTX said it had expedited the move of its remaining funds to cold wallets. Click here for more.

UPDATE (Nov. 12, 2022, 15:25 UTC): Adds context in first paragraph and revisions throughout.


DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

CoinDesk - Unknown

Cheyenne Ligon is a CoinDesk news reporter with a focus on crypto regulation and policy. She has no significant crypto holdings.

CoinDesk - Unknown

Sam is a reporter at CoinDesk focused on decentralized technology, DeFi and DAOs. He owns ETH, BTC and MATIC.

CoinDesk - Unknown

Nikhilesh De is CoinDesk's managing editor for global policy and regulation. He owns marginal amounts of bitcoin and ether.

CoinDesk - Unknown

Cheyenne Ligon is a CoinDesk news reporter with a focus on crypto regulation and policy. She has no significant crypto holdings.

CoinDesk - Unknown

Sam is a reporter at CoinDesk focused on decentralized technology, DeFi and DAOs. He owns ETH, BTC and MATIC.

CoinDesk - Unknown

Nikhilesh De is CoinDesk's managing editor for global policy and regulation. He owns marginal amounts of bitcoin and ether.