Cryptic Moves: FTX Hack Saga

Martin Walker
Oct 13, 2023 at 07:52 am

Unknown cyber activists, possibly affiliated with an enigmatic group, have initiated substantial transfers of pilfered assets from the now-defunct FTX exchange. Interestingly, these transactions seem to have been timed to coincide with the commencement of the trial of FTX founder Sam Bankman-Fried, adding an intriguing layer of drama to the unfolding events.

The stolen assets, a staggering sum of 72,500 Ether (ETH), each valued at approximately $1,547, have suddenly become active once more, stirring from a prolonged slumber since the infamous hacking incident that took place in November 2022. This revelation comes to light thanks to the diligent investigation conducted by the esteemed blockchain analytics firm, Elliptic, on October 12.

Elliptic sheds light on the subsequent actions of the elusive hacker, who has meticulously converted a significant portion of the stolen ETH, approximately $120 million in value, into Bitcoin (BTC), each BTC valued at $26,877, through the utilization of the multichain decentralized exchange THORSwap since the last day of September in the year 2023. Intriguingly, the hacker then artfully navigated the labyrinth of the cryptocurrency world, directing the ill-gotten gains to the sanctioned cryptocurrency mixer Sinbad, previously known by the moniker Blender, as outlined in their meticulously detailed report.

Notably, these initial conversion transactions were deftly executed in the days immediately preceding the commencement of Bankman-Fried's trial on the third day of October. This curious timing adds a layer of mystique to an already complex narrative. At the time of the initial cyber onslaught, the converted amount was valued at a significant $87 million, constituting a noteworthy 18% of the overall stolen funds, a total amounting to an eye-watering $477 million.

In a curious twist, the FTX hacker has seemingly employed a comparable money laundering tactic to the one utilized during the harrowing events of November 2022. Back then, the perpetrator adroitly converted 65,000 ETH, an equivalent of $100 million, to BTC through the sophisticated cross-chain bridge RenBridge. Interestingly, THORSwap, the very platform that facilitated the recent and notable ETH-BTC conversion, abruptly halted swaps on the sixth day of October, ostensibly taking a proactive stance to seek a sustainable solution, perhaps to deter any future illicit transactions on its platform.

"The 180,000 ETH that remained untouched and unconverted to Bitcoin through RenBridge lay dormant, undisturbed until the early hours of September 30, 2023, at which point its value had surged significantly to an astonishing $300 million," elaborated Elliptic in their comprehensive and insightful report.

Daily number of transactions involving FTX stolen assets. Source: EllipticDaily number of transactions involving FTX stolen assets. Source: Elliptic

Additionally, Elliptic underscored the financial loss incurred by the FTX hacker, amounting to a staggering $94 million, in the frenetic days that followed the initial hack. The attacker, evidently in a rush to legitimize the stolen funds, resorted to utilizing various decentralized exchanges, cross-chain bridges, and mixers, employing an elaborate strategy to cover their tracks.

As we approach the anniversary of this audacious cyber attack, the identity of the FTX thief remains an enigma, adding an air of suspense and intrigue to the narrative, as meticulously outlined by Elliptic. The blockchain analytics firm has put forth three plausible entities that could be intertwined with the FTX theft: the possibility of an inside job involving FTX personnel, the ominous presence of the Lazarus Group hailing from North Korea, or the involvement of shadowy criminal organizations with apparent ties to Russia.

"Amidst the chaos that enveloped the company, plunging it into a state of bankruptcy and eventual collapse, certain FTX employees held the keys to the kingdom, so to speak, with access to the business's crypto assets for operational necessities. In this turbulent and uncertain environment, it is conceivable that an internal actor could have exploited this access and made off with these valuable assets," underscored the report from Elliptic, providing a compelling backdrop to this ongoing saga.

You might also like: Bitcoin's Price Dynamics and Market Speculations

Related News

Sign up for daily crypto news in your inbox

Get crypto analysis, news and updates right to your inbox! Sign up here so you don't miss a single newsletter.