Cybersecurity Analysis of the FTX Crypto Heist: Part One
How Millions of Dollars Went Missing and Where They Are Now
The recent FTX financial meltdown marked the biggest scandal in cryptocurrency this year, possibly in all of global fintech. It began when one of the world's biggest crypto exchange platforms, considered an industry stalwart even at the beginning of this month and backed by top venture capitalists, filed for bankruptcy, citing a "liquidation crisis."
The company also paused all transactions on its platform, leaving thousands of customers and millions of dollars in the lurch. FTX founder Sam Bankman-Fried faces allegations of fund misappropriation and a failed acquisition by Binance (see: 'Unauthorized Transactions' Lead to Missing Funds at FTX).
To add to this series of unfortunate events, hours after the company filed for bankruptcy protection in the United States, the company's new CEO, John Ray, says an attacker gained unauthorized access to "certain assets" and that the company was "moving as many digital assets as can be identified to a new cold wallet custodian."
In the first installment of a two-part interview with Information Security Media Group, Hugh Brooks, director of security operations at web3 security firm CertiK, discusses:
- How hundreds of millions of dollars in cryptocurrency were drained from the bankrupt trading platform;
- Where the funds currently are;
- Why it may be tough to off-ramp the stolen funds and how law enforcement can intervene.
Brooks also shares how this incident reflects on the overall security of the web3 industry, what it means for the cybersecurity of exchanges that were exposed to FTX, how new regulations could help curb such cases in the future, the role of decentralization for cybersecurity and best practices for crypto exchanges.
In Part 2 of the interview, Brooks discusses what happened to FTX data and how authorities can untangle this heist.
Brooks, who leads security operations at CertiK, is a product director, senior manager and consultant on technology development and deployment for cryptocurrency, data, social media and cybersecurity.