FTX loses funds! Multiple Twitter personalities warn that FTX App has been hacked, funds have been liquidated: Delete the app for security reasons.
Currently, it is unclear about the actual situation at FTX, updates will continue.
Table of Contents
Large Amount of Suspicious Outbound Transactions, Hackers Traced and Marked with Traceable Tweet Thread
Starting from 10:47 on 11/12, @0xfoobar discovered millions of dollars' worth of assets flowing out of the FTX wallet in a fast and frequent manner, which was highly unusual; some withdrawn funds were even converted from USDT to DAI on decentralized exchanges. He suspected that these events were due to a hacker incident or internal misconduct. Some transactions even left behind messages of hatred.
The Ethereum address 0x59AB...32b, marked as "Heist," has assets worth $158 million. Looking at all on-chain assets, this address has accumulated $368 million in assets.
Additionally, some coins were transferred from 0xd801...969 to 0x97f9...E5c. Security firm PeckShield stated that the address 0xd801...969 appears to have received funds from Binance US, while 0x97f9...E5c is controlled by a multi-signature smart contract requiring multiple addresses to sign for execution, indicating a possible behavior of sheltering some funds.
On-chain data company @lookonchain has compiled a list of hacked funds here.
Community Urges Against App Updates, Avoiding Websites: Delete Apps Quickly
@0xfoobar warned that accepting app updates may trigger malicious code leading to losses, urging for immediate app deletion and to avoid visiting websites, suspecting that developer accounts may have been compromised.
Furthermore, Rey, an administrator on FTX's official Telegram channel, indicated that FTX was hacked, all funds seem to be gone, and these apps are harmful, advising to delete them and not to visit FTX's website.
Conspiracy Theories: Shifting Blame to Hackers, Internal Theft
VC Adam Cochran believes that due to the need for "private keys, website root level, and app release keys," this might be an internal hacker incident:
This has to be an insider hack.
Private key, root level on website, and publisher key access to the apps?
There is no way that was sitting on one connected hot system?
— Adam Cochran (adamscochran.eth) (@adamscochran) November 12, 2022
Some even speculate that this is to shift part of the blame to hackers to evade legal and public scrutiny:
Translation:
Legally speaking, half of @SBF_FTX’s burden would be on this “hacker” now, implying he has every reason to orchestrate this final rug pull to save himself https://t.co/JnrllQhcKu
— Jason Choi (@mrjasonchoi) November 12, 2022
FTX Only Retweets Tweets from Legal Advisors
Regarding this incident, FTX official only retweeted a post from FTX legal advisor Ryne Miller stating:
"Investigating abnormal activities in these wallets, information will be disclosed soon."
Investigating abnormalities with wallet movements related to consolidation of ftx balances across exchanges – unclear facts as other movements not clear. Will share more info as soon as we have it. @FTX_Official
— Ryne Miller (@_Ryne_Miller) November 12, 2022
Subsequently, FTX legal advisor Ryne Miller acknowledged unauthorized transactions:
"In accordance with Chapter 11 bankruptcy procedures, funds from FTX US and FTX com have started moving to cold storage as a precautionary measure.
This process is now accelerating to mitigate the damage caused by unauthorized transactions."
As Ryne Miller described it as unauthorized transactions, it is unclear whether they were external or internal actions.
Following the Chapter 11 bankruptcy filings – FTX US and FTX [dot] com initiated precautionary steps to move all digital assets to cold storage. Process was expedited this evening – to mitigate damage upon observing unauthorized transactions.
— Ryne Miller (@_Ryne_Miller) November 12, 2022
Several former FTX employees have stated that they are unaware of these fund movements:
Multiple former FTX employees confirmed to me they do not recognize these transfers for ~$383m https://t.co/YcqT0jrqIQ
— ZachXBT (@zachxbt) November 12, 2022
Related
- Beware of Dogecoin Scams! Stolen before doubling, cybersecurity experts warn of security issues on Dogecoin websites
- TON loses assets? Telegram Wallet rumored to lock funds with 50% annualized coin earning, customer service only responds with canned messages
- Security Alert: Many phishing scams on Telegram, accounts may also disappear directly