The crypto assets appear to have disappeared from FTX, according to Elliptic. The tokens were quickly converted to ether, the second-largest cryptocurrency, a popular technique used by hackers to prevent their funds from being seized.
“They certainly moved, we don’t know whether that was with permission or not — that’s not something we can determine from the blockchain alone,” Tom Robinson, co-founder of Elliptic, said in an email.
On Saturday afternoon, the chief security officer at another major exchange, Kraken, said that a verified account on its platform had been used in the breach.
“We know the identity of the user,” Kraken’s Nick Percoco tweeted. He said that a statement from FTX was expected soon.
Meanwhile, a prominent crypto investigator, known online as ZachXBT, said he had tracked two accounts that were moving funds — the hacker and one at FTX that tried to stem the damage.
“The attacker withdrew assets from FTX/FTX U.S. and began selling them for assets that can’t be frozen,” ZachXBT wrote in a message to The Washington Post. “It appears FTX employees then began to save the remaining assets.”
Some crypto entities were able to freeze the hacked assets, making them unusable, he added. Tether, the coin pegged to the U.S. dollar, was able to freeze about $31 million.
In his view, it remains unclear whether the attacker was a person with inside knowledge of FTX’s systems. The blockchain — the digital ledger used in the analysis — does not on its own offer clearly identifying data. Some experts have noted that when a company winds down operations quickly, security can be left weakened, aiding opportunistic hackers.
While FTX did not directly respond to The Post for comment right away, Miller later tweeted a statement on behalf of new chief executive John J. Ray III that the company’s executives “continue to make every effort to secure all assets, wherever located.”
“We have been in contact with, and are coordinating with law enforcement and relevant regulators,” Ray added.
Miller had tweeted earlier Saturday that the exchange had “initiated precautionary steps to move all digital assets to cold storage.” Cold storage refers to crypto wallets that are not connected to the internet to guard against hackers. The firm is “investigating abnormalities with wallet movements,” but the facts remain “unclear” and FTX will “share more info as soon as we have it,” he wrote.
FTX appeared to have verified rumors of a potential hack on the exchange’s Telegram channel and has asked customers to stay off the firm’s website and delete FTX apps, CoinDesk reported.
The Post could not confirm the details of message in the firm’s private Telegram channel.
Sam Bankman-Fried, the co-founder and chief executive of FTX, resigned Friday after the exchange he founded had gone from being an industry giant valued at $32 billion to facing collapse.
Amid the crisis, some critics have called for tighter government scrutiny on crypto companies, which have largely avoided regulation. They say that could have helped prevent situations like that at FTX, which is now the subject of a slew of questions about a lack of separation between the exchange and Bankman-Fried’s trading firm, Alameda Research.
On Saturday, Treasury Secretary Janet L. Yellen said she agreed with the criticism.
“In other regulated exchanges, you would have segregation of customer assets,” she told Bloomberg News. “The notion you could use the deposits of customers of an exchange and lend them to a separate enterprise that you control to do leveraged, risky investments — that wouldn’t be something that’s allowed.”
Go to Publisher: Technology
Author: Lauren Kaori Gurley