Over $477 million was reportedly stolen from FTX and FTX US in a suspected black hat theft.
On November 12, 2022, over $477 million was reportedly stolen from FTX and FTX US in a suspected black hat theft, while approximately $175 million is believed to have been moved into secure storage by FTX.
FTX is a cryptocurrency exchange that filed for bankruptcy on November 11, 2022.
The root cause of this heist is unknown at the moment. On the FTX support channel in Telegram, one of the FTX account administrators said that FTX applications were malware and that the FTX site could download Trojans.
Ryne Miller, the General Counsel for FTX, stated that FTX was looking into unusual wallet movements related to the consolidation of FTX balances across exchanges.
He further mentioned that the company took precautionary measures and moved all of its digital assets to cold storage, which meant that the cryptocurrency wallet was no longer connected to the internet.
One of the withdrawals to the drainer’s address revealed that approximately $26 million was swapped from Tether to DAI.
After exchanging USDT for DAI, the perpetrator further swapped $44 million worth of stETH for ETH.
The compromised assets include $278 million on Ethereum, $106 million on Solana, $89 million on BSC, and $4 million on Avalanche, totaling $477 million.
At the time of this writing, the drainer’s address holds around $314,809,774 worth of assets across multiple networks.
During this event, it is speculated that a portion of the funds were sent to a multisig address as part of a white-hat rescue operation.
On the Tron network, the alleged hacker also transferred funds to a newly created account where all FTX.US funds were also transferred.
It remains unclear whether all of the operations, including the transfer of funds, were carried out by a hacker or an internal team member, or whether they were simply part of FTX's bankruptcy proceedings to relocate the funds to a safer location.
The transfers took place on the same day the company filed for Chapter 11 bankruptcy protection in the United States after misappropriating billions of dollars in user funds. At this time, online rumors have circulated that an insider may have been responsible for the event, as opposed to an outsider.
Our security team at Neptune Mutual can validate your platform for DNS and web-based security, smart contract reviews, as well as frontend and backend security. We can offer you a solution to scan your platform and safeguard your protocol for known and unknown vulnerabilities that have the potential to have catastrophic long-term effects. Contact us on social media if you are serious about security and have the budget, desire, and feeling of responsibility to do so.
Reference Sources: Elliptic, Ryne Miller