There's a Lot of Thefts Happening

Regulators don’t need more excuses to look suspiciously at the crypto industry, but a recent wave of hacks and thefts provide one anyway.

AccessTimeIconOct 3, 2023 at 1:30 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

There's been a lot of hacks or other types of theft in the crypto industry recently, which seems likely to continue harming the industry’s reputation (not to mention all the victims losing their money).

You’re reading State of Crypto, a CoinDesk newsletter looking at the intersection of cryptocurrency and government. Click here to sign up for future editions.

Hacks and thefts and exploits, oh my

The narrative

Some $212.5 million in crypto-related funds were hacked or stolen over the past few weeks, the vast majority from a single platform.

Why it matters

It’s hard to imagine regulators being super jazzed about the ongoing plethora of hacks and other thefts. It is a bit harder to imagine how the industry can try and rectify this situation.

Breaking it down

Want to know something wild? A few hours past midnight last Saturday, my colleague Shaurya and I saw that around $4 million worth of ether – 2,500 ETH – had moved out of a wallet associated with last year's account draining exploit of FTX, which happened a mere few hours after the exchange filed for bankruptcy.

By the end of the weekend, more than $26 million (15,000 ETH) in funds had been moved, mostly into tools and services that will make it more difficult, if not impossible, to track them moving forward. This comes a few days or weeks after a number of crypto platforms, like HTX (formerly Huobi), Mixin and Fortress, all announced they lost funds due to hacks.

Hacks of centralized and decentralized platforms is nothing new. But the fact that they’re continuing to proliferate in these extremely highly-public ways can do nothing but hurt the overall crypto industry’s reputation at a time when, to be quite frank, it already isn’t great.

Maybe one lesson from the last few weeks is that people in crypto – investors and users, yes, but especially builders and funders – need to rethink their attack vectors. For an industry built on "not your keys," there is an awful lot of reliance on third-party tools and providers, any one of which could be compromised.

Recall that CoinDesk revealed it was one such provider that ultimately led to last month's $15 million Fortress theft.

Mixin hasn't, as of earlier this week, revealed who the database provider is. What we do know is there's an increasing number of service providers of all stripes being attacked. There's multi-factor authentication providers, cloud tool providers, Slack and so on.

Attackers are becoming increasingly sophisticated. We know this too after Google, Apple and Microsoft have all announced patching zero day bugs (referring to vulnerabilities that can be exploited immediately) in recent weeks.

Bringing this back to regulators, we know that lawmakers in the U.S. at least are looking at bills to try and enforce more know-your-customer rules on the crypto industry. While it’s unclear whether any of the bills may have genuine legs at this point – Sen. Sherrod Brown (D-Ohio) threw cold water on an effort by Sen. Elizabeth Warren (D-Mass.) just yesterday, for example – these efforts are ongoing.

However regulators ultimately choose to react, it does seem incumbent on industry participants to find ways of mitigating these issues first.

Stories you may have missed

Sam Bankman-Fried goes to trial

FTX founder Sam Bankman-Fried’s trial begins today. You may recall that CoinDesk has a daily newsletter covering the estimated six-week judicial proceedings. Here’s an excerpt from today’s issue, penned by Danny Nelson. Sign up here if you want updates every morning.

We may not know for weeks whether Sam Bankman-Fried will take the stand at his own trial. He may want the chance to explain himself to the jury, but his lawyers are surely wary of the withering cross-examination such a tactic would invite. No matter: the unconventional former crypto executive has already said – publicly – plenty about what went down in FTX’s final days.

What follows are a series of excerpts from interviews that SBF gave in the month between FTX’s collapse and his arrest in the Bahamas. They provide a picture into the mind of the man prosecutors allege was behind one of the greatest financial frauds in history. According to the man himself, he was a well-meaning altruist whose heady risk-taking got him in over his head.

In early December, a Wall Street Journal interviewer pressed SBF on his knowledge of operations at Alameda, the crypto hedge fund accused of borrowing billions of dollars in crypto from FTX and its unknowing customers. According to SBF, who had a 90% ownership stake in Alameda and lived with its CEO, Caroline Ellison, he, too, didn’t fully know what was going on there, a refrain he later echoed in documents shared with the New York Times.

“FTX was a full-time job,” he told the Journal. “It was more than a full-time job. And I didn't have enough brain cycles left to understand everything going on at Alameda if I wanted to. I also didn't want to because I was concerned about conflicts of interest. And I felt like it would be inappropriate for me to be looped into, certainly to details of what was going on there.”

Prosecutors are almost certainly keen on demonstrating the opposite to the jury.

This week

SoC 100223

Monday

  • 18:00 UTC (2:00 p.m. EDT) There was a hearing in the Celsius bankruptcy case to discuss and “consider confirmation” of the company’s proposed chapter 11 plan.

Tuesday

  • 13:30 UTC (9:30 a.m. EDT) Sam Bankman-Fried’s trial officially kicks off.
  • 14:00 UTC (10:00 a.m. EDT) Alex Mashinsky will have a status conference in his ongoing case.
  • Today is also the deadline for the SEC to file its opposition brief to Coinbase’s motion to dismiss the regulator’s lawsuit.

Wednesday

  • 9:00 UTC (10:00 a.m. BST) The U.K.’s Financial Conduct Authority is having its annual meeting.

Elsewhere:

  • (Forbes) Chainalysis laid off around 150 employees.
  • (The Washington Post) The Post has an excerpt from Michael Lewis’ book about Sam Bankman-Fried, which is for sale today.
  • (Reuters) A Spanish court has confirmed an autopsy ruling that former crypto entrepreneur John McAfee’s 2021 death was a suicide.
  • (NBC) The U.S. government didn’t shut down!
SoC twt 100223

If you’ve got thoughts or questions on what I should discuss next week or any other feedback you’d like to share, feel free to email me at nik@coindesk.com or find me on Twitter @nikhileshde.

You can also join the group conversation on Telegram.

See ya’ll next week!

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Nikhilesh De

Nikhilesh De is CoinDesk's managing editor for global policy and regulation. He owns marginal amounts of bitcoin and ether.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.