Mysterious thieves stole hundreds of millions of dollars from FTX just as the company was about to collapse. Blockchain analysis of the cryptocurrency may provide an answer.
Cryptocurrency has always provided an interesting mix of temptations and difficulties for those trying to steal it. It is an attractive target since it is digital cash housed in multibillion-dollar quantities on hackable, internet-connected networks. However, once taken, the blockchains on which practically every cryptocurrency is based allow for tracking the money’s every step and, in many cases, identifying the culprits. So, after a massive heist pulled nearly $500 million in funds from the already collapsing FTX cryptocurrency exchange yesterday, the world’s crypto tracers are now closely tracking where that loot ends up—and looking for any clues that reveal whether the thief was an FTX insider or simply an opportunistic hacker.
FTX’s remaining reserves were drained of more than $663 million in cryptocurrency, much of which appears to have been stolen, hours after the big cryptocurrency exchange filed for bankruptcy in the aftermath of its dramatic, 10-figure collapse. “FTX has been hacked,” an administrator posted on the FTX Telegram channel. “FTX applications are malicious. Remove them.” It’s unclear how FTX was robbed or whether its applications were affected, and the company hasn’t formally reported any theft. However, in a tweet, the company’s US general counsel stated that “unauthorized access to some assets has happened.”
Elliptic, a crypto-tracing and blockchain research service, soon showed that the $663 million outflow appeared to be a mix of FTX moving coins into its own storage wallets and theft by an unknown party. According to Elliptic, a total of $477 million of the assets appears to have been taken, while TRM Labs, another cryptocurrency-tracing outfit, estimates the figure at $338 million. Twenty-four hours after the heist, most of the money had been transferred to a handful of cryptocurrency addresses, which the whole crypto-tracing business, a wide community of amateur crypto sleuths, and no doubt law enforcement organizations all over the world are now watching closely.
That observability, for the FTX funds and other stolen crypto stashes, presents a significant obstacle for any crook attempting to cash out their hoard into traditional currency. In this case, where regulators and an army of enraged creditors are looking for any indication that FTX’s employees or owners were the perpetrators, it could eventually help confirm that insiders were responsible for the theft—or show that external hackers took advantage of the chaos at FTX to commit a burglary.
At least $220 million of the stolen funds, held in several cryptocurrencies, was immediately converted into the cryptocurrencies ether and dai using decentralized exchanges—trading systems that let users swap coins without providing identifying information. However, cashing out those coins and the remainder of the stolen treasure will almost certainly require trading it on a controlled exchange, which nearly always requires users to provide identifying information. The criminals may attempt to launder the money by mingling it with coins from other users via a “mixing” service. However, crypto-tracing blockchain experts have demonstrated that they can frequently defeat such mixers, especially when users pour very large sums into them.
Meanwhile, many other cryptocurrency enthusiasts have been keeping a close eye on one Ethereum address, which is now holding roughly $192 million in funds. The account has been transferring modest amounts of Ethereum-based tokens, some of which appear to be worthless, to a number of exchange accounts, as well as to Ethereum founder Vitalik Buterin and to Ukrainian cryptocurrency fundraising accounts. However, crypto experts believe that these transactions are more likely intended to confuse law enforcement or other observers before any actual attempt to launder or cash out the money.
The theft from FTX, whether it totals $338 million or $477 million, is hardly an unusual haul in the realm of cryptocurrency crime. Cryptocurrency tracing led to the arrest earlier this year of a New York couple suspected of laundering $4.5 billion in cryptocurrency.
However, in the case of the high-profile FTX robbery and the exchange’s general demise, tracing the misdirected cash might help lay to rest—or confirm—swirling suspicions that someone within FTX was responsible for the theft. Sam Bankman-Fried, the company’s Bahamas-based CEO who resigned Friday, lost nearly his entire $16 billion fortune in the collapse. According to an unsubstantiated claim, he and two other FTX officials are “under surveillance” in the Bahamas and are not permitted to leave.
As speculation mounts about whether—or to what extent—FTX’s own management was responsible for the theft, the case has begun to resemble, more than any recent crypto heist, a very old one: the theft of a half billion dollars’ worth of bitcoins from Mt. Gox, the first cryptocurrency exchange, discovered in 2014. In that case, blockchain research performed by cryptocurrency-tracing startup Chainalysis, in collaboration with law enforcement, helped pin the theft on external hackers rather than Mt. Gox’s own employees. Eventually, in 2017, a Russian man named Alexander Vinnik was caught in Greece and convicted of laundering the stolen Mt. Gox assets, exonerating Mt. Gox’s troubled leaders.
It is unclear whether history will repeat itself and bitcoin tracking will reveal the innocence of FTX’s workers. But, with more eyes than ever scouring the blockchains of the cryptocurrency economy, it’s a safer bet that the mystery behind the FTX heist will be solved sooner or later.