FTX to give a 'one-time' $6M compensation to phishing victims

Cryptocurrency exchange FTX will provide around $6 million in compensation to victims of a phishing scam that allowed hackers to conduct unauthorized trades on certain FTX users’ accounts. 

FTX founder and CEO Sam Bankman-Fried posted in a Twitter thread on Oct. 23 that the exchange generally doesn’t award compensation to its users “phished by fake versions of other companies in the space” but in this case, it would compensate users.

Bankman-Fried said that this was a “one-time thing” and FTX would “not do this going forward.”

“THIS IS NOT A PRECEDENT,” he wrote, clarifying it was only the accounts of FTX users that would be reimbursed.

14) But this once, we'll do it; roughly $6m total.(To be clear, only for FTX accounts! Hopefully other exchanges will comp theirs.)BUT AGAIN NOT A PRECEDENT, WE WILL NOT GOING FORWARD.

— SBF (@SBF_FTX) October 23, 2022

The recent phishing attack saw attackers gaining user account application programming interface (API) keys which allowed them to conduct unauthorized trades with their crypto exchange accounts.

The attack came to light on Oct. 21 after 3Commas said it was alerted that some of its users had unauthorized trading activity.

After an initial investigation, FTX and 3Commas then suspended the suspicious accounts to avoid further losses and disabled all compromised API keys.

Related: Mango Market exploiter brags after rug pulling Mango Inu 'shitcoin'

On Oct.19 Bankman-Fried published a blog post detailing his thoughts on crypto regulation that included a proposal he dubbed the “5-5 standard” where hackers keep either $5 million or 5% of the amount they’ve stolen, whatever is smaller.

In his most recent tweet thread, he thought it time to try his newly thought-up standard, imploring the hacker to send back 95%, around $5.7 million, of the stolen funds within 24 hours, saying “we’ll absolve them.”

October has been dubbed “hacktober” by the crypto community as Chainalysis revealed on Oct. 13 that October 2022 has been the “biggest month” ever for hacking activity, despite the report coming out not even halfway through the month.

At the time of the report around $3 billion had been exploited through over 125 separate incidents since the start of the month.

4 tips to avoid phishing attacks   Nov. 23, 2020
5 sneaky tricks crypto phishing scammers used last year: SlowMist   Jan. 10, 2023
'Haunts me to this day' — Crypto project hacked for $4M in a hotel lobby   Feb. 7, 2023
MetaMask issues scam alert as NameCheap hacker sends unauthorized emails   Feb. 13, 2023
Top 7 cybersecurity jobs in high demand   Feb. 26, 2023