FTX Hacked: Hacker Identity Revealed by Kraken

FTX Advises Users to Delete App and Avoid Website

On the same day FTX, FTX US, and Alameda Research filed for bankruptcy, more than $600 million was reportedly drained from the cryptocurrency exchange. Many FTX users reported that their wallet balance showed $0. Shortly afterwards, FTX officials confirmed on Telegram that a hack was ongoing, warning all users to delete the app and avoid visiting the website due to a possible malware attack.

Source: FTX_Official (Telegram)

See also: SBF vs CZ War: What’s Happening with FTX and Binance?

Tether Blacklists Stolen USDT of the FTX Hack

A sizeable portion of the stolen funds contained USDT. After FTX’s announcement, Tether immediately blacklisted $31.4 million worth of USDT linked to the transactions. According to ZachXBT, a blockchain investigator widely trusted by the DeFi community, the blacklisted USDT were made up of $3.9 million USDT on Avalanche and $27.5 million USDT on Solana.

By blacklisting the stolen USDT, hackers will not be able to move them to other accounts or exchange them for other crypto. To compensate victims of the hack, Tether will burn the blacklisted USDT and reissue equal amounts of tokens to the original owner(s).

FTX Hack Speculated to be an Inside Job

Suspicions circulated on Twitter that the “hack” was a smokescreen for FTX insiders (possibly Sam Bankman-Fried himself) to run off with the funds. The timing of it all was too much of a coincidence to suggest an external attacker taking advantage of the situation.

A former senior FTX employee, quoted by Autism Capital, believed that it was impossible for someone outside of FTX to have so much root access so quickly, suggesting an inside job is highly likely. To corroborate this, FTX CTO Gary Wang was seen making major changes to FTX’s GitHub code, which implies that the source of the “hack” began there.

Dyma Budorin, co-founder and CEO of Hacken, also concurred that it was an inside job, albeit the “hacker” was inexperienced and sloppy.

Kraken Reveals Hacker Identity to be FTX Insider

The crypto community kept a close eye on the movement of the stolen funds, and discovered that one of the wallet addresses was linked to a Kraken exchange, where the hacker offloaded funds to a Tron wallet. This was a huge blunder for the hacker as Kraken holds know-your-customer (KYC) information of all registered accounts, allowing them to track down the wallet user.

As a result, Kraken CSO Nick Percoco announced on Twitter than they know the identity of the hacker, and are assisting law enforcement agencies with the investigation. Percoco later confirmed that the wallet indeed belongs to a verified account registered by FTX. Sam Bankman-Fried and FTX will be making a public statement regarding this issue.

To follow up on the investigation, Kraken has frozen accounts associated with the FTX Group and Alameda Research. They assured that they maintain full reserves and other Kraken clients are not affected.

The information provided in this article is intended for general guidance and information purposes only. Contents of this article are under no circumstances intended to be considered as investment, business, legal or tax advice. We do not accept any responsibility for individual decisions made based on this article and we strongly encourage you to do your own research before taking any action. Although best efforts are made to ensure that all information provided herein is accurate and up to date, omissions, errors, or mistakes may occur. 
Disclosure: Authors are invested in cryptocurrency projects and have cryptocurrency holdings - including those covered on this website. 

Stay Connected

15,500FollowersFollow
156,684FollowersFollow
268,000SubscribersSubscribe

Latest Articles