The hacking incident that took place in November, resulting in the theft of over $400 million from FTX and FTX US, may have a new twist. CertiK’s director of security operations, Hugh Brooks, suggests that the hacker, known as “FTX Drainer,” is capitalizing on the attention surrounding Sam Bankman-Fried’s fraud trial in order to further obscure the stolen funds.
The hacker began moving millions in Ether, acquired from the November attack, just days before the start of Bankman-Fried’s trial. This movement has continued throughout the trial, with the hacker transferring approximately 15,000 ETH (worth about $24 million) to three new wallet addresses over the past three days. Brooks speculates that the hacker may feel an increased urgency to conceal the assets due to the trial’s publicity.
According to Brooks, it is also possible that the hacker believed the trial would monopolize the attention of the Web3 industry, making it difficult to trace all the stolen funds while the trial was ongoing. This assumption could have given the hacker the confidence to carry out the movements.
FTX, once valued at $32 billion, declared bankruptcy on November 11, coinciding with the discovery of massive fund withdrawals from the exchange’s wallets. A report from Wired sheds light on the events of the attack. After realizing that the attacker had complete access to a series of wallets, FTX employees referred to the hacker as “the fox in the hen house” and immediately took action to protect the remaining funds.
In an attempt to prevent the attacker from gaining the full amount stolen, the FTX team made the decision to transfer a substantial portion of the remaining funds, between $400 and $500 million, to a privately owned Ledger cold wallet. They also reached out to BitGo, the company responsible for custody of the exchange’s assets after bankruptcy. This move played a crucial role in thwarting the hacker’s attempt to seize a full $1 billion.
Recently, the hacker has changed their method for obscuring the stolen funds. On November 21, they attempted to launder the funds using a “peel chain” technique. This involved sending decreasing amounts of funds to new wallets and “peeling” off smaller amounts to additional new wallets. However, the hacker has now adopted a more advanced approach to obscure the transfer of the illicit assets, as outlined by Brooks.
The funds stored in the original Bitcoin wallet are now distributed across multiple wallets, with smaller divisions of funds being transferred to a series of additional wallets. This tactic significantly prolongs the tracing process, making it more challenging for investigators to identify the ultimate destination of the funds.
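The peel-chain pattern described above can be recognized heuristically in a transaction graph. The following is an added illustration, not code from the article or from CertiK: it runs over a small constructed ledger (not real FTX data) and follows the dominant outflow from a source wallet, recording the small "peeled" outputs at each hop.

```python
from collections import defaultdict

# Constructed sample ledger: (sender, receiver, amount in ETH). Not real FTX data.
SAMPLE_TXS = [
    ("drainer", "hop1", 1000.0),
    ("hop1", "hop2", 950.0), ("hop1", "peel1", 50.0),
    ("hop2", "hop3", 900.0), ("hop2", "peel2", 50.0),
    ("hop3", "hop4", 860.0), ("hop3", "peel3", 40.0),
    ("hop4", "exchange_deposit", 860.0),
    # Unrelated traffic that splits evenly and must not be flagged.
    ("alice", "bob", 10.0), ("bob", "carol", 4.0), ("bob", "dave", 6.0),
]

def outgoing_by_sender(txs):
    """Index transactions as sender -> [(receiver, amount), ...]."""
    out = defaultdict(list)
    for sender, receiver, amount in txs:
        out[sender].append((receiver, amount))
    return out

def trace_peel_chain(txs, start, min_forward_ratio=0.8, min_peels=2):
    """Follow the largest outflow from `start` while it carries at least
    min_forward_ratio of each wallet's total outflow; every smaller output
    at a hop is a 'peel'. Returns None unless at least min_peels were seen."""
    out = outgoing_by_sender(txs)
    hops, peels, seen, current = [], [], set(), start
    while current in out and current not in seen:
        seen.add(current)  # guard against cycles in the graph
        outputs = sorted(out[current], key=lambda x: x[1], reverse=True)
        total = sum(amount for _, amount in outputs)
        if outputs[0][1] / total < min_forward_ratio:
            break  # outflow is split too evenly to be a peel hop
        hops.append(current)
        peels.extend(outputs[1:])  # (receiver, amount) of each peeled output
        current = outputs[0][0]  # continue along the dominant flow
    if len(peels) < min_peels:
        return None
    return {"hops": hops, "peels": peels, "terminal": current}

def find_peel_chains(txs, **kwargs):
    """Run the tracer from every wallet that only sends (no incoming funds)."""
    receivers = {r for _, r, _ in txs}
    sources = [s for s in dict.fromkeys(s for s, _, _ in txs) if s not in receivers]
    chains = {s: trace_peel_chain(txs, s, **kwargs) for s in sources}
    return {s: c for s, c in chains.items() if c is not None}

if __name__ == "__main__":
    for source, chain in find_peel_chains(SAMPLE_TXS).items():
        print(source, "->", " -> ".join(chain["hops"]), "| peels:", chain["peels"])
```

The forward-ratio threshold and the minimum number of peels are the tunable assumptions; real investigations would combine this with timing and clustering data.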
Brooks acknowledges that they have yet to identify any individuals or groups responsible for the FTX hack, and investigations are still ongoing. The complexity and sophistication of the hacking operation require thorough examination to uncover any leads pointing to the culprits behind the attack.
As the FTX hacker continues to exploit the hype around Sam Bankman-Fried’s fraud trial, the challenge to track and recover the stolen funds intensifies. The movements of the hacker in recent days reveal a concerted effort to obfuscate the assets further. It remains crucial for law enforcement agencies and cybersecurity experts to collaborate and employ advanced technologies to counter these criminal activities in the cryptocurrency space.