Neptune Mutual
Published in

Neptune Mutual

Taking a Closer Look at the FTX Hack

TL;DR

On November 12, 2022, over $477 million was reportedly stolen from FTX and FTX US in a suspected black hat theft, while approximately $175 million is believed to have been moved into secure storage by FTX.

Introduction to FTX

FTX is the cryptocurrency exchange, which filed for bankruptcy on November 11, 2022.

Vulnerability Assessment

The root cause of this heist is unknown at the moment. On the FTX support channel in Telegram, one of the FTX account administrators said that FTX applications were malware and that the FTX site could download Trojans.

Ryne Miller, the General Counsel for FTX stated that FTX was looking into unusual wallet movements related to the consolidation of FTX balances across exchanges.

He further mentioned that the company took precautionary measures and moved all of its digital assets to cold storage, which meant that the cryptocurrency wallet was no longer connected to the internet.

Steps

  1. One of the withdrawals to the drainer’s address revealed that approximately $26 million were swapped from Tether to DAI.

2. After exchanging USDT for DAI, the perpetrator further swapped $44 million worth of stETH for ETH.

3. The compromised assets include $278 million on Ethereum, $106 million on Solana, $89 million on BSC and $4 million on Avalanche totaling $477 million.

4. At the time of this writing, the drainer’s address holds around $314,809,774 worth of assets across multiple networks.

5. During this event, it is speculated that a portion of the funds were sent to a multisig address as part of a white-hat rescue operation.

6. On the Tron network, the alleged hacker also transferred funds to a newly created account where all FTX.US funds were also transferred.

Aftermath

It remains unclear whether all of the operations, including the transfer of funds, were done out by a hacker, an internal team member, or it could just be a part of the FTX’s bankruptcy proceedings to relocate the funds to a safer location.

The transfers took place on the same day the company filed for Chapter 11 bankruptcy protection in the United States after misappropriating billions of dollars in user funds. At this time, online rumors have circulated that an insider may have been responsible for the event, as opposed to an outsider.

Protocol, and Platform Security

Our security team at Neptune Mutual can validate your platform for DNS and web-based security, smart contract reviews, as well as frontend and backend security. We can offer you a solution to scan your platform and safeguard your protocol for known and unknown vulnerabilities that have the potential to have catastrophic long-term effects. Contact us on social media if you are serious about security and have the budget, desire, and feeling of responsibility to do so.

Reference Source

About Us

Neptune Mutual project safeguards the Ethereum community from cyber threats. The protocol uses parametric cover as opposed to discretionary insurance. It has an easy and reliable on-chain claim process. This means that when incidents are confirmed by our community, resolution is fast.

Join us in our mission to cover, protect, and secure on-chain digital assets.

Official Website: https://neptunemutual.com
Blog: https://blog.neptunemutual.com/
Twitter: https://twitter.com/neptunemutual
Reddit: https://www.reddit.com/r/NeptuneMutual
Telegram: https://t.me/neptunemutual
Discord: https://discord.gg/2qMGTtJtnW
YouTube: https://www.youtube.com/c/NeptuneMutual
LinkedIn: https://www.linkedin.com/company/neptune-mutual

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Neptune Mutual

Neptune Mutual

Neptune Mutual provides you with guaranteed stablecoin liquidity to reduce risk exposure by hedging against capital risks and smart contract vulnerabilities.