FTX Arena Miami showing stolen crypto

FTX Claims $415 Million of Stolen Crypto Taken in Hacks on Its Exchanges Since Nov 11

With disgraced former leader Sam Bankman-Fried now separated from the company, the current leadership of FTX say that it has been able to recover over $5 billion in assets but that there is a total of about $415 million in stolen crypto that appears to have been lost to hacks on its exchanges.

After Bankman-Fried stepped down in November 2022, recovery specialist John J. Ray III (who also oversaw the Enron recovery) was put in charge of a team of bankruptcy attorneys tasked primarily with cleaning up the mess left by the previous administration and recovering whatever assets possible. Ray has testified to Congress that FTX was in the worst shape he had ever seen in his long career and that its prior executives were incompetent in management of finances at best and were likely compromised.

Stolen crypto accounts for some of remaining FTX shortfall

FTX is estimated to be short about $8 billion in funds belonging to its clients. The recovery team says that it has recovered about $5 billion of that at this point, but that a significant portion of the remaining shortfall is due to almost half a billion in stolen crypto thought to have been taken from various exchanges by hackers since the bankruptcy was filed and the recovery effort began in November. FTX says that most of this, about $323 million, had been stolen from the company’s international exchange but that an additional $90 million had been taken from the United States exchange.

There is some optimism about making FTX’s former clients whole at some point in the near future, as the company says that in addition to the recovered funds it has plans drawn up to sell $4.6 billion in nonstrategic investments and has received approval to explore the sale of its affiliates such as Embed and LedgerX. However, the full amount of damage to customers is not yet clear as internal records are still being investigated; the $8 billion total is an initial estimate. Bankman-Fried, who has not had access to company records since he stepped down in November, claims that the recovery team is overestimating the amount owed to clients and that his “best guess” is that the company owes clients between $181 million and $497 million.

Bankman-Fried was indicted in Manhattan federal court in December on two counts of wire fraud and six counts of conspiracy, and has a trial slated for October 2023. After returning to the US in December following a brief period of initial custody in the Bahamas, Bankman-Fried was released on $250 million bond to his parents and confined to their Palo Alto residence for the time being. When he goes to trial, he will face charges that his company knowingly used customer funds on deposit to pay off associated hedge fund Alameda Research’s debts and concealed its true financial condition from investors.

Stolen crypto likely lost in November data breach

At the same time that Bankman-Fried was stepping down and the company was filing for bankruptcy, some FTX customers began to notice unauthorized transactions posting in their accounts. This turned out to be a breach that resulted in hundreds of millions in stolen crypto, which was traced to crypto mixing services on November 20. About $280 million of the stolen crypto was successfully converted to ether by the thieves, but about $477 million was initially taken in total. Alameda Research also saw about $2 million in crypto taken during this period.

In addition to the moves being made to sell off company assets, the FTX executives have indicated that Bankman-Fried’s mansion in the Bahamas might be sold specifically to cover a portion of the stolen crypto losses. The mansion has been valued at about $253 million. Founded in May 2019, FTX rocketed to the top of the crypto world by 2021 and was valued at $32 billion at its peak. Bankman-Fried’s personal net worth shot to $26 billion at its peak, which temporarily made him the 60th richest person in the world; after the FTX bankruptcy was declared he was considered to have no material wealth whatsoever.

The argument that Bankman-Fried has tried to advance in a series of public interviews has basically been that he was well-intentioned but in over his head, not fully aware of what was happening and what the implications were. That argument suffered a severe blow when former Alameda Research CEO Caroline Ellison pled guilty to assorted related charges and agreed to cooperate with federal investigators, with courtroom testimony unsealed in late December indicating that she and Bankman-Fried were aware that what they were doing was fraud.

Given the general shaky circumstances of the whole case, and the fact that the stolen crypto has yet to be attributed to an attacker, some security researchers are raising natural questions about whether the supposed “hack” was actually a last-minute attempt by insiders to embezzle some wealth before the company was closed up to them. Dr. Ilia Kolochenko, Founder/CEO and Chief Architect at ImmuniWeb, feels that this is absolutely a rational possibility: “Whilst an external intrusion is theoretically possible, I would be prudent when relying on such claims. In view of the notorious context, we may actually have at least three interrelated hypothesis: (i) a genuine data breach by unknown cyber threat actors, (ii) a sophisticated embezzlement of funds disguised as an external data breach, (iii) an external data breach facilitated by malicious insiders not necessary affiliated with the FTX management. Therefore, a scrupulous investigation by a competent and independent cybersecurity company is required prior to making any conclusions.”