FTX hacker still draining exchange wallets? Analyst calls it on-chain spoofing

Published at: Nov. 15, 2022

The FTX hacker that drained over $450 million worth of assets just moments after the doomed crypto exchange filed for bankruptcy on Nov. 11, continues to drain assets from the exchange, four days after the hack was first flagged.

Crypto analytic firm Certik in a Tweet noted that the hacker wallet is still draining crypto assets from the wallets associated with the FTX and FTX.US. The FTX hacker wallet currently holds $62 million worth of assets.

Since Nov. 12 the hacker wallet has received and swapped 3.2 billion meme tokens and sent 2.8 billion of these tokens to popular addresses. These meme tokens mostly comprised profanity tokens such as FTX Sucks, F*ck FTX, CRO Next and more.

A crypto analyst who goes by the Twitter name of ZachXBT claimed the recent movement of funds is just on-chain token spoofing. The analyst claimed that Etherscan transfer logs can be spoofed and the recent movement of funds in the FTX hack saga is one example of that.

The ERC-20 standard transfer and transferFrom functions can be modified to allow any arbitrary address to be the sender of tokens, as long as this is specified within the smart contract, resulting in a token being transferred from a different address than the one that initiated the transaction.

These tokens can be sent to any address and then sent out of that address (to any other address), without the address owner having any control of those tokens. If you open the transaction and see “sent from,” it will show a different address.

As Cointelegraph reported on Nov, 12, the hack was flagged right after FTX announced bankruptcy. At the time, out of the $663 million drained, around $477 million were suspected to be stolen, while the remainder is believed to be moved into secure storage by FTX themselves.

The wallet owner was found swapping $26 million Tether (USDT) to Dai (DAI) via 1inclh and approved Pax Dollar (USDP) — a Paxos-issued stablecoin — for trade on CoW Protocol. The wallet also approved transfers and sales of other cryptocurrencies, including Chainlink (LINK), Compound USDT (cUSDT) and Staked Ether (stETH).

The fact that hackers managed to drain assets from FTX global and FTX.US at the same time, despite these two entities being completely independent, became a hot topic of discussion raising speculations about it being an insid job

Certik's director of security operations Hugh Brooks told Cointelegraph that on-chain evidence points strongly toward that possibility:

"Sticking to onchain evidence, unless there was a private key compromise (of which there is no evidence of at current) then we can’t rule out that someone with access to the FTX Exchange and FTX US wallets moved the funds into the black hat wallets”

Kraken’s chief security officer Nick Percoco later Tweeted that they were aware of the user’s identity but did not share any more information publicly. Certik told Cointelegraph that Percoco might be referring to the white hack involved in moving the funds to cold wallets.

Tags
Blockchain
Trading
Business
Cryptocurrencies
Tokens
Sam Bankman-Fried
Ftx
Related Posts
Tribulations and triumphs: The biggest surprises in crypto of 2022
2022 saw the fall of many linchpin crypto and blockchain firms as the May market drawdown shook the industry. It caused many cryptocurrencies to lose value and many investors to pull their money from the market. Furthermore, the unprecedented knock-on effects of the meltdown exposed many blockchain and cryptocurrency firms that were ill-prepared for turbulent times. However, a collective of companies was able to resist negative market forces and grow amidst the turbulence. The crypto market as a whole continues to grow and has now reached 320 million users. As we look back on a year full of surprises, we …
Decentralization / Jan. 3, 2023
What is Avalanche Network (AVAX) and how does it work?
What is Avalanche Network (AVAX)? Launched in 2020 by Ava Labs, Avalanche is a blockchain platform that is smart contract-capable. Avalanche aims to deliver a scalable blockchain solution while maintaining decentralization and security, focusing on lower costs, fast transaction speeds, and eco-friendliness. Avalanche quickly became popular in the cryptocurrency space, with Avalanche TVL currently worth $8.41 billion and still rising across Avalanche decentralized applications (DApps). Avalanche is powered by its native token Avalanche (AVAX) and multiple consensus mechanisms. With Avalanche, users can create an unlimited number of customized and interoperable blockchains. To operate a blockchain on the Avalanche coin, AVAX, …
Technology / Feb. 12, 2022
Bahamian securities regulator ordered the transfer of FTX’s digital assets
The Securities Commission of The Bahamas (SCB) said it had ordered the transfer of all digital assets of FTX Digital Markets (FDM) to a digital wallet owned by the commission on Nov. 12. In a Nov. 17 statement, the SCB said it exercised its power as a regulator acting under the authority of a Supreme Court order — moving the assets to a “digital wallet controlled by the Commission, for safekeeping.” Securities Commission of The Bahamas Assumes Control of Assets of FTX Digital Markets Ltd. pic.twitter.com/IzW4PGZSJm — Securities Commission of The Bahamas (@SCBgov_bs) November 18, 2022 SCB justified last week’s …
Blockchain / Nov. 18, 2022
What is opportunity cost? A definition and examples
Opportunity cost, explained Opportunity cost is a concept in economics that refers to the value of the next best alternative that is forgone when making a choice — i.e., the cost of the best alternative that is not chosen. Consider the scenario when you have a limited budget and are debating between buying a new laptop or going on vacation. The value of the vacation you could have taken with the same amount of money would be the opportunity cost if you decide to buy the laptop. Similarly, if you decide to take the vacation, the opportunity cost would be …
Decentralization / March 1, 2023
FTX presentation shows 'massive shortfall' in firm's assets
Bankrupt cryptocurrency exchange FTX has revealed a "massive shortfall" in its digital asset and fiat currency holdings with billions worth of customer funds missing from both the exchange and its United States-based arm, FTX US. On Mar. 2 the exchange released a presentation showing FTX had $2.2 billion in exchange wallets and fiat accounts of which $694 million consisted of the most liquid "Category A Assets" that include cash, stablecoins, Bitcoin (BTC) and Ether (ETH) priced at the latest spot prices. Only $191 million of total assets were located in the wallets of the accounts associated with FTX US, in …
Blockchain / March 2, 2023