October 10, 2023 at 09:31 GMTModified date: October 10, 2023 at 09:31 GMT
October 10, 2023 at 09:31 GMT

Weak security put FTX at risk of losing over $1bn

The FTX exchange is claimed to have had weak and neglected security practices that could have easily led to billion-dollar losses, according to Wired.

Weak security put FTX at risk of losing over $1bn

The now-defunct FTX exchange is claimed to have had weak and neglected security practices. This could have easily led to losses of over billion dollars, according to a new report by Wired.

In November 2022, accounts tied to FTX and FTX.US were drained of funds in an attack that ensued just a few hours after the company declared bankruptcy.

The CEO and chief restructuring officer of the FTX Debtors back then was John J. Ray III who later confirmed that $323million in various tokens were hacked from its international exchange and $90m from its US platform.

As revealed in an April filing, a majority of the funds on FTX were held on hot wallets. These are crypto storage that is directly connected to public computers that access the internet. While this has the advantage of easy instant deposits, withdrawals and transactions, they have a weak level of security.

It is believed that the hacker was able to gain access to the private keys or a password that gives their holders access to that of FTX’s wallets, allowing them to drain the funds.

Following the bankruptcy, there weren’t many in the team that knew about the exact number of wallets owned by FTX or where their private keys were located in order to tackle the attack.

Top executives were then involved as the team failed to do anything. The exchange continued losing funds until FTX co-founder Gary Wang was able to access some wallets and started to transfer funds out. He then tried to move various assets to different storage devices.

The draining of the FTX funds stopped only after Wang made a transfer to Kumanan Ramanathan some $500m to a wallet on Ramanathan’s Ledger Nano. The latter is an adviser to FTX from legal consultancy Alvarez & Marsall.

Another chunk of $500 was sent to wallets supplied by crypto custodian BitGo, after which, the firm was able to save over $1bn that could have otherwise been lost. As illustrated in the report, a majority of the exchange’s entire balance was at risk of getting stolen during this hack.

Interestingly, the wallet associated with this 2022 hack of the bankrupt FTX exchange shifted a lump sum in $ETH ahead of the SBF trial. The entirety of the stolen funds have been on the move in the past week.

On the other side of the story, former FTX CEO Sam Bankman-Fried (SBF) continues to plead not guilty as his trial wraps up its first week. The latest testimony given by Gary Wang revealed that a Python code was used to misrepresent the value of FTX’s insurance fund. The executive, who is also facing allegations of fraud alongside Bankman-Fried, has already pleaded guilty to committing financial fraud.

Further questioning by the prosecutors exposed the fact that the amount contained within the fund, which was proclaimed to be over $100m, was insufficient to cover the exchange’s losses. The real number was lower than the fake number that was advertised.

According to him, SBF’s repeatedly-made public claims about the exchange doing “fine” were not true too. “FTX was not fine. Assets were not fine, because FTX did not have enough assets for customer withdrawals”, said Wang.

The co-founder’s testimony also made clear the special treatment that Alameda Research received in many ways. While other companies with a line of credit couldn’t withdraw off the platform and the credit had to be used for collateral, the same was not true for FTX. Over time, the line of credit extended to Alameda also grew significantly, from $1m to $1bn, to finally, $65bn.