Bankman-Fried's FTX Could Have Lost Over $1B Due to Lax Security Practices: Report

Attackers were able to steal nearly $400 million worth of various tokens after FTX was hacked in November 2022. But it could have been worse.

AccessTimeIconOct 10, 2023 at 7:26 a.m. UTC
Updated Oct 10, 2023 at 11:49 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Lax security practices and the opaque nature of how business was conducted at crypto exchange FTX could have resulted in billions of dollars in losses when the platform was hacked last year, a new report by Wired claims.

Executives scrambled to move over $1 billion worth of various assets to different storage devices as the exchange was getting drained of funds, ultimately managing to save the majority of the money. This means a majority of the exchange’s entire balance was at risk of getting stolen, as per the report.

Accounts tied to FTX and FTX.US were drained on Nov. 11, 2022, mere hours after the company filed for bankruptcy and founder Sam Bankman-Fried resigned from the crypto empire he ran.

John J. Ray III, the CEO and Chief Restructuring Officer of the FTX Debtors, which handles the FTX bankruptcy proceedings, later said that $323 million in various tokens were hacked from its international exchange and $90 million from its U.S. platform.

As per an April filing, most funds held on FTX were held on hot wallets - or crypto storage that’s directly connected to public computers that access the internet, creating an attack vector.

The attackers, whose identity remains unknown, were likely able to gain access to the private keys – or a password that gives their holders access to that wallet – of FTX’s wallets and started to drain the funds.

But, after the bankruptcy, few in the team knew the exact number of wallets owned by FTX or where their private keys were located, per Wired.

The team watched accounts getting drained in real-time before Gary Wang, an FTX co-founder who is currently facing allegations of fraud alongside Bankman-Fried, was able to access some wallets and started to transfer funds out.

Wang managed to send Kumanan Ramanathan, an adviser to FTX from legal consultancy Alvarez & Marsall, some $500 million to a wallet on Ramanathan’s Ledger Nano, a hardware wallet. The draining of FTX funds stopped after this transfer.

The next day, Wang and Bankman-Friend transferred another tranche of $500 million to wallets supplied by crypto custodian BitGo. These steps ultimately helped the firm save over $1 billion that could have otherwise been lost.

Meanwhile, the entirety of stolen funds have been on the move in the past week, deepening one of the ongoing mysteries around the exchange's collapse last year.

Edited by Parikshit Mishra.



Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is an award-winning media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. In November 2023, CoinDesk was acquired by Bullish group, owner of Bullish, a regulated, institutional digital assets exchange. Bullish group is majority owned by Block.one; both groups have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary, and an editorial committee, chaired by a former editor-in-chief of The Wall Street Journal, is being formed to support journalistic integrity.

Shaurya Malwa

Shaurya is the Deputy Managing Editor for the Data & Tokens team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.