FTX Hacker Panicked, Still Holds $339M in Ether, Cryptos
The mysterious looter of bankrupt crypto exchange FTX, who
is likely an insider according to a blockchain expert, holds $339 million of
digital assets that they drained from the exchange late Friday, according to
crypto intelligence platform Arkham Intelligence.
Arkham found that the wallets associated with the exploiter
hold $215 million in ETH, the native token of the Ethereum blockchain, $48
million in Maker’s stablecoin DAI, $44 million in BNB, the Binance ecosystem’s
native token, $4 million in Tether’s USDT stablecoin on the Avalanche
blockchain and $3.8 million of MATIC on Polygon’s Matic bridge.
Some $20 million in PAXG, a Paxos stablecoin linked to the
price of gold, was frozen when Paxos was ordered to blacklist the accounts by
U.S. authorities, preventing the holder from moving or cashing out the tokens.
Late Friday night, the insolvent crypto exchange FTX of Sam
Bankman-Fried, suffered suspicious outflows exceeding $600 million, as CoinDesk
reported. One entity at the center of the exploit siphoned off about $400
million from the exchange’s crypto wallets. The attack came after FTX, and the
other 137 firms of Bankman-Fried’s crypto conglomerate, filed for bankruptcy
protection the same day.
The hacker acted hastily based on their behavior on the
blockchain, according to Arkham’s report. They used various decentralized
exchanges to convert tokens, including UniSwap, 1inch and CowSwap, and
struggled to dump coins such as MATIC, LINK and PAXG divided into smaller
amounts to prevent losses from slippage.
After tracing the attacker’s blockchain transactions, Arkham
found that they “appeared to be in panic” and “lost a large amount of their
token holdings” when they moved assets across different chains to avoid getting
caught. In a likely attempt to consolidate their holdings, they also converted
tokens to ETH and DAI on the Ethereum network, movements that cannot be easily
sanctioned by authorities.
“It is becoming clearer by the day that the FTX exploiter is
not very sophisticated,” Miguel Morel, chief executive of Arkham Intelligence,
told CoinDesk. “They've hastily tried to do whatever they can with the funds,
seemingly without much of a plan.”
The attacker also seemingly committed at least one amateur
misstep. They flippantly tapped their verified personal account on crypto
exchange Kraken to send enough TRX tokens to cover transaction fees, according
to Dyma Budorin, CEO of blockchain security audit firm Hacken.
The unsophisticated maneuvers imply that there may be some
hope to reclaim the funds the hacker took.
“I think it's only a matter of time before they're
discovered due to their use of various off-ramps, and at that point it will
just be about recovering the funds,” Morel said.
Comments
Post a Comment