FTX Hack

    In November 2022, FTX was hacked, and nearly 300 million US dollars worth of various cryptocurrencies were stolen. The hack occurred after FTX's collapse, and the stolen money could have saved users' funds. The hacker's activities were tracked following the hack.

    Introduction

    Here is an analysis of one of the biggest hacks of 2022. Two major events took place in November 2022: first, FTX collapsed; second, the company was hacked after it collapsed. After the collapse of FTX, the remaining money could have saved users' funds, but a few days later, a huge amount of it was stolen from FTX. This dashboard shows the wallet that took nearly 300M US dollars from FTX. As part of my analysis, I followed the hacker's activities after the FTX hack.

    About FTX Hack

    The U.S. Department of Justice has reportedly launched a criminal probe into the alleged hack that drained nearly $400 million out of FTX-controlled wallets the night the Bahamas-based exchange filed for bankruptcy. Bloomberg first reported the news on Tuesday, citing persons familiar with the case. Between November 11 and the early hours of November 12, massive outflows of cryptocurrencies began moving out of FTX and FTX US’s wallets. Multiple FTX employees told Twitter sleuth ZachXBT that they didn't recognize the transfers.

    Over an hour after the suspected hack began, FTX General Counsel Ryne Miller tweeted that his company was “investigating abnormalities with wallet movements” and later pinned a message in FTX’s official Telegram support channel: “FTX has been hacked. FTX apps are malware. Delete them. Chat is open. Don’t go on FTX site as it might download Trojans.”

    Source


    Method

    I followed a transaction hash that showed 9500 ETH transferred from the FTX wallet to the FTX hacker address. Tx hash: 0x6580bf69c1ee28a1d8a4dec9b949272a449b1c58d91e6692ef34d9ea40fd9653. I extracted the hacker's address from the EZ ETH transfer and EZ token transfer tables and tracked its activities.

    All hacker addresses were labeled by Etherscan. On Etherscan, you can find them under the label 'FTX Accounts Drainer'. It appears that the hacker had more than one wallet, but all FTX transfers went to one wallet, and that main wallet distributed the funds to the other wallets.
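The tracing steps described above, as an added example that is not part of the original dashboard: starting from one seed transaction, it takes the recipient as the drainer address, totals that wallet's inflows per token, and follows outgoing transfers to find the distribution wallets, recording labeled platform contracts without following them. All hashes, addresses and amounts are constructed placeholders, and the row layout is an assumed simplification of the transfer tables.

```python
from collections import defaultdict, deque

# Constructed sample rows (placeholders, not real chain data):
# (tx_hash, from_address, to_address, symbol, amount_usd)
TRANSFERS = [
    ("0xseed", "0xEXCHANGE", "0xDRAINER", "ETH", 12_000_000),
    ("0xa1", "0xEXCHANGE", "0xDRAINER", "PAXG", 62_000_000),
    ("0xa2", "0xEXCHANGE", "0xDRAINER", "USDT", 40_000_000),
    ("0xb1", "0xDRAINER", "0xWALLET2", "ETH", 5_000_000),
    ("0xb2", "0xDRAINER", "0xROUTER", "PAXG", 37_000_000),  # swap through a DEX router
    ("0xb3", "0xWALLET2", "0xWALLET3", "ETH", 2_000_000),
    ("0xb4", "0xROUTER", "0xUNRELATED", "PAXG", 1_000),     # other users' router traffic
]
# Hypothetical set of labeled platform contracts: record them, never follow them.
KNOWN_CONTRACTS = {"0xROUTER"}


def trace(seed_tx, transfers, known_contracts, max_hops=3):
    """Follow funds from the recipient of seed_tx through its outgoing transfers."""
    seed = next(t for t in transfers if t[0] == seed_tx)
    source, drainer = seed[1], seed[2]
    # Inflows to the drainer from the same source wallet, totalled per token.
    stolen = defaultdict(int)
    for _, frm, to, sym, usd in transfers:
        if frm == source and to == drainer:
            stolen[sym] += usd
    # Breadth-first walk over outflows; wallets maps address -> hop distance.
    wallets, platforms = {drainer: 0}, defaultdict(int)
    queue = deque([drainer])
    while queue:
        addr = queue.popleft()
        for _, frm, to, _sym, usd in transfers:
            if frm != addr:
                continue
            if to in known_contracts:
                platforms[to] += usd  # liquidation venue, not an attacker wallet
            elif to not in wallets and wallets[addr] < max_hops:
                wallets[to] = wallets[addr] + 1
                queue.append(to)
    return drainer, dict(stolen), wallets, dict(platforms)


if __name__ == "__main__":
    print(trace("0xseed", TRANSFERS, KNOWN_CONTRACTS))
```

Without the `known_contracts` check, every counterparty of a shared router would be pulled into the wallet cluster and mislabeled as attacker-controlled.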

    Hack Overview


    FTX Hack

    The hacker, known as the FTX hacker, has stolen approximately 300 million US dollars worth of multiple tokens. The hacker began by stealing 12 million US dollars worth of ETH, which was transferred to its wallet, and after that, all other tokens were transferred in less than 20 minutes. As a result of the stolen ETH and stETH, the hacker's wallet became one of the top 50 Ethereum wallet addresses.

    It is important to note that the theft of digital assets, including cryptocurrencies, is a significant concern for individuals, organizations, and the broader crypto community. Such incidents can result in financial losses for victims and harm the reputation and trustworthiness of the cryptocurrency ecosystem.

    In this case, the tokens stolen include ETH, BTC, stETH, USDT, PAXG, and others. The impact of the theft on the value of these tokens and the broader cryptocurrency market remains to be seen.

    Hacked Tokens

    At around 23%, ETH and stETH make up a significant portion of the volume stolen by the FTX hacker. Over 65 million US dollars worth of ETH and stETH were stolen by the hacker. PAXG made up the highest percentage of stolen tokens at 20% of the total volume, with 2 million PAXG tokens worth 62 million US dollars.

    The fact that the hacker targeted popular tokens like MATIC, LINK, WBTC, and AAVE is also notable. This could impact the market prices of these tokens if the hacker decides to sell them in large volumes. Rumors suggesting that the hacker may be familiar with FTX, and potentially a member of the FTX team, could have significant implications for the exchange and the broader cryptocurrency industry, as they raise concerns about internal security and trust.

    Overall, the FTX hack highlights the importance of implementing robust security measures to protect cryptocurrency assets and the need for increased regulation to prevent criminal activity in the industry.

    Hacker Transfers

    The hacker responsible for the FTX hack has multiple wallets labeled 'FTX Accounts Drainer'. These wallets have been involved in numerous transfers of various tokens, which could suggest an attempt to move the stolen assets to different addresses to avoid detection or blocking by specific platforms.

    While it's unclear what the hacker's ultimate motive is, the transfers could potentially be an attempt to sell the stolen tokens on other exchanges or through over-the-counter (OTC) trades. The fact that the hacker has multiple wallets indicates that they may be taking steps to conceal their activity and avoid detection.

    Top Platforms

    The FTX hacker has been selling stolen tokens on various decentralized platforms. The first platform used by the hacker was 1inch, where they sold a combined total of 70 million US dollars worth of LDO, USDT, and stETH. The second platform used was KyberSwap, where the hacker sold 37 million US dollars worth of PAXG.

    It's important to note that the data only represents one of the hacker's wallets, and it's possible that they used other wallets to sell additional tokens on other platforms. The total amount of tokens sold by the hacker may not be known, but the data provides some insight into the hacker's strategy for liquidating the stolen tokens.

    The sale of stolen tokens on decentralized platforms can pose a challenge for regulators and law enforcement agencies, as the decentralized nature of these platforms can make it difficult to trace and recover stolen assets.

    Conclusion

    In summary, the FTX exchange was hacked, and the hacker stole multiple tokens, including ETH, BTC, stETH, USDT, and PAXG, with a total value of around 300 million US dollars. The hacker used 11 wallets to transfer the stolen assets, possibly to bypass blocked addresses and sell the tokens on different platforms. The hacker primarily sold tokens on 1inch and KyberSwap, selling 107 million US dollars worth of tokens. The stolen tokens' significant value and potential impact on market prices emphasize the importance of security measures in the cryptocurrency industry.

    THANK YOU FOR READING

    Twitter: 0xhess

    Discord: hess#0890

    Publish Date: 2023/MAR/01
