There's been a lot of hacks or other types of theft in the crypto industry recently, which seems likely to continue harming the industry’s reputation (not to mention all the victims losing their money).
You’re reading State of Crypto, a CoinDesk newsletter looking at the intersection of cryptocurrency and government. Click here to sign up for future editions.
Hacks and thefts and exploits, oh my
Some $212.5 million in crypto-related funds were hacked or stolen over the past few weeks, the vast majority from a single platform.
Why it matters
It’s hard to imagine regulators being super jazzed about the ongoing plethora of hacks and other thefts. It is a bit harder to imagine how the industry can try and rectify this situation.
Breaking it down
Want to know something wild? A few hours past midnight last Saturday, my colleague Shaurya and I saw that around $4 million worth of ether – 2,500 ETH – had moved out of a wallet associated with last year's account draining exploit of FTX, which happened a mere few hours after the exchange filed for bankruptcy.
By the end of the weekend, more than $26 million (15,000 ETH) in funds had been moved, mostly into tools and services that will make it more difficult, if not impossible, to track them moving forward. This comes a few days or weeks after a number of crypto platforms, like HTX (formerly Huobi), Mixin and Fortress, all announced they lost funds due to hacks.
Hacks of centralized and decentralized platforms is nothing new. But the fact that they’re continuing to proliferate in these extremely highly-public ways can do nothing but hurt the overall crypto industry’s reputation at a time when, to be quite frank, it already isn’t great.
Maybe one lesson from the last few weeks is that people in crypto – investors and users, yes, but especially builders and funders – need to rethink their attack vectors. For an industry built on "not your keys," there is an awful lot of reliance on third-party tools and providers, any one of which could be compromised.
Recall that CoinDesk revealed it was one such provider that ultimately led to last month's $15 million Fortress theft.
Mixin hasn't, as of earlier this week, revealed who the database provider is. What we do know is there's an increasing number of service providers of all stripes being attacked. There's multi-factor authentication providers, cloud tool providers, Slack and so on.
Attackers are becoming increasingly sophisticated. We know this too after Google, Apple and Microsoft have all announced patching zero day bugs (referring to vulnerabilities that can be exploited immediately) in recent weeks.
Bringing this back to regulators, we know that lawmakers in the U.S. at least are looking at bills to try and enforce more know-your-customer rules on the crypto industry. While it’s unclear whether any of the bills may have genuine legs at this point – Sen. Sherrod Brown (D-Ohio) threw cold water on an effort by Sen. Elizabeth Warren (D-Mass.) just yesterday, for example – these efforts are ongoing.
However regulators ultimately choose to react, it does seem incumbent on industry participants to find ways of mitigating these issues first.
Stories you may have missed
- FTX's Former Auditor Prager Metis Sued by SEC: For non-FTX related issues.
- Fed Report: Silvergate Bank Got Fatally Ensnared in Crypto While Examiners Shrugged: The Federal Reserve’s Office of the Inspector General published a report on Silvergate Bank’s collapse. The OIG was not impressed by the Fed’s supervision.
- UK Regulator Saw 'Poor' Engagement From Some Overseas Crypto Firms on Upcoming Ad Rules: Officials with the U.K.’s Financial Conduct Authority weighed in on the response to its forthcoming promotions rules.
- JPEX Crypto Exchange Probe Sees 4 More Arrests: SCMP: Speaking of crypto collapses, this exchange seems to have lost over another $100 million, with nearly 1,500 complaints and employees maybe disappearing.
- Circle Intervenes in Binance’s SEC Case, Argues Stablecoins Aren't Securities: Circle is arguing that the SEC regulations it’s charging Binance under shouldn’t apply to stablecoins.
Sam Bankman-Fried goes to trial
FTX founder Sam Bankman-Fried’s trial begins today. You may recall that CoinDesk has a daily newsletter covering the estimated six-week judicial proceedings. Here’s an excerpt from today’s issue, penned by Danny Nelson. Sign up here if you want updates every morning.
We may not know for weeks whether Sam Bankman-Fried will take the stand at his own trial. He may want the chance to explain himself to the jury, but his lawyers are surely wary of the withering cross-examination such a tactic would invite. No matter: the unconventional former crypto executive has already said – publicly – plenty about what went down in FTX’s final days.
What follows are a series of excerpts from interviews that SBF gave in the month between FTX’s collapse and his arrest in the Bahamas. They provide a picture into the mind of the man prosecutors allege was behind one of the greatest financial frauds in history. According to the man himself, he was a well-meaning altruist whose heady risk-taking got him in over his head.
In early December, a Wall Street Journal interviewer pressed SBF on his knowledge of operations at Alameda, the crypto hedge fund accused of borrowing billions of dollars in crypto from FTX and its unknowing customers. According to SBF, who had a 90% ownership stake in Alameda and lived with its CEO, Caroline Ellison, he, too, didn’t fully know what was going on there, a refrain he later echoed in documents shared with the New York Times.
“FTX was a full-time job,” he told the Journal. “It was more than a full-time job. And I didn't have enough brain cycles left to understand everything going on at Alameda if I wanted to. I also didn't want to because I was concerned about conflicts of interest. And I felt like it would be inappropriate for me to be looped into, certainly to details of what was going on there.”
Prosecutors are almost certainly keen on demonstrating the opposite to the jury.
- 18:00 UTC (2:00 p.m. EDT) There was a hearing in the Celsius bankruptcy case to discuss and “consider confirmation” of the company’s proposed chapter 11 plan.
- 13:30 UTC (9:30 a.m. EDT) Sam Bankman-Fried’s trial officially kicks off.
- 14:00 UTC (10:00 a.m. EDT) Alex Mashinsky will have a status conference in his ongoing case.
- Today is also the deadline for the SEC to file its opposition brief to Coinbase’s motion to dismiss the regulator’s lawsuit.
- 9:00 UTC (10:00 a.m. BST) The U.K.’s Financial Conduct Authority is having its annual meeting.
- (Forbes) Chainalysis laid off around 150 employees.
- (The Washington Post) The Post has an excerpt from Michael Lewis’ book about Sam Bankman-Fried, which is for sale today.
- (Reuters) A Spanish court has confirmed an autopsy ruling that former crypto entrepreneur John McAfee’s 2021 death was a suicide.
You can also join the group conversation on Telegram.
See ya’ll next week!