FTX 'Hacker' Moved 15K ETH This Weekend
The moving funds, coming soon before FTX founder and former chief executive Sam Bankman-Fried goes on trial, deepens one of the ongoing mysteries around the exchange's collapse last year.
Oct 2, 2023 at 7:47 a.m. UTC
/arc-photo-coindesk/arc2-prod/public/LXF2COBSKBCNHNRE3WTK2BZ7GE.png)
All 15,000 ether (ETH) sitting in a wallet associated with last year's $600 million attack on FTX's wallets have now moved through privacy tools and bridges.
In November 2022, hours after FTX and its related companies filed for bankruptcy, an unknown party managed to drain various wallets of as much as $600 million. About $26 million worth of ETH – 15,000 ether – sat in a single wallet until earlier this weekend, when a first tranche of 2,500 ETH ($4 million) began moving, ultimately ending up at the Thorchain bridge, the Railgun privacy wallet, or intermediary addresses.
The remainder of these funds have now moved, with many of them similarly landing up at the Thorchain router. Some of these funds also went to a contract labeled "Metamask: Swap Router."
Railgun is a privacy wallet that lets users store tokens and use funds for decentralized financial services, such as lending and borrowing. These transactions are shielded, meaning the exact use of such funds is not known. On the other hand, Thorchain is a bridge that lets users freely swap tokens between different blockchains without the fear of getting their transfers blocked.
As such, addresses associated with the exploit may have moved over $32 million worth of ether using THORChain, as per estimates.
:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/coindesk/Y6LMCHNOAFCCXKQN7R5CUNQMWE.jpg)
The moving funds, coming soon before FTX founder and former chief executive Sam Bankman-Fried goes on trial, deepens one of the ongoing mysteries around the exchange's collapse last year. The identity of the party or parties behind the attack was never identified.
After the exploit, several addresses amassed various tokens, such as ETH and the dai (DAI) stablecoin, and swapped it all into 37,000 ether. The address held more than 288,000 ether at peak and was once the 35th-largest owner of the cryptocurrency, as previously reported.
Bankman-Fried was charged with two counts of wire fraud and five counts of conspiracy to commit various forms of fraud by federal prosecutors last year, weeks after stepping down from his role at FTX. He resigned the same day FTX filed for bankruptcy.
With reporting by Bradley Keoun.
:format(webp)/www.coindesk.com/resizer/BETd9o0r2OHtd2vT2ZqY9QPrJps=/arc-photo-coindesk/arc2-prod/public/ODFQHDRZFJG7XNVO7P6PUYMWS4.png)
Nikhilesh De is CoinDesk's managing editor for global policy and regulation. He owns marginal amounts of bitcoin and ether.
:format(webp)/s3.amazonaws.com/arc-authors/coindesk/6c6bb5af-692c-4fcf-9f8b-a75d0549effd.png)
Shaurya is the Deputy Managing Editor for the Data & Tokens team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.