Former engineer exposes Alameda's mishap: DeFi play rug pulled, loses $100 million to fake website
Aditya Baradwaj Adi, a former engineer at Alameda Research, a trading firm under FTX, has released the third article "The Hacks" after previously hinting at gradually revealing Alameda's story. In this article, he mentions an incident where Alameda made a mistake in the DeFi sector.
Looking back at Adi: Revealing the true face of SBF: A real experience of an Alameda engineer, what irresponsible behaviors did FTX exhibit in the past?
Table of Contents
The Key to Alameda's Rapid Growth: Ignoring Security and Accounting Standards
Adi pointed out that since the collapse of FTX/Alameda, there have been numerous reports of poor risk management by the two institutions, with current CEO John Ray describing it as "unprecedentedly bad."
Just how bad was it?
SBF believed that for Alameda and FTX, rapid growth was the top priority, leading them to overlook engineering codes and accounting standards typical of fintech companies.
While this approach did propel them forward at an astonishing speed, the downside was that they experienced major security incidents every few months. Adi cited three incidents as examples.
1. Trader Clicks on Fake URL on Google Search Page
Cost: $100 million
Post-analysis: Implement additional checks on internal wallet software
An Alameda trader accidentally clicked on a fake URL listed at the top of a Google search page while executing a DeFi trade, falling victim to a phishing attack.
2. Rug Pull in Liquidity Mining
Cost: $40 million
Post-analysis: Exercise more caution in selecting public chains and protocols
Alameda engaged in liquidity mining on a new public chain whose legality was in question, only to have the development team freeze their funds, leading to prolonged negotiations lasting several months.
3. API Key Breach
Cost: $50 million
Post-analysis: Move keys to a more secure storage system
Attackers forced withdrawals from the exchange to steal assets using leaked API keys and placed bad trade orders.
Adi believes it was likely a former employee who leaked the keys.
More Incidents at Alameda
Adi noted that there were numerous incidents at Alameda before he joined, such as with MobileCoin, and FTX had similar issues.
Insider: FTX traders leveraged MobileCoin trades, resulting in FTX losses of up to $1 billion
SBF seems unwilling to change the internal operations despite sacrificing risk management for rapid growth, even with frequent cybersecurity incidents.
Adi concluded at the end of the article:
This risky approach seems effective until proven otherwise.
Related
- Unable to withstand strict regulations! Bybit announces its exit from the French market, users must withdraw funds by August 13th.
- Coinbase Payments fined $4.5 million by the UK FCA for failing to prevent money laundering
- Unable to withstand regulatory pressure! OKX exits Nigerian market, users must withdraw funds by August 16th.