Was FTX hacked? Deep dive reveals “backdoor” built into accounting software
In the latter hours of Friday evening, FTX founder Sam Bankman-Fried secretly moved $10 billion in funds to Alameda trading firm via software "backdoor."
Late on Friday evening, it has since been confirmed that a total of around $10 billion was moved from FTX to Alameda Research by FTX founder Sam Bankman-Fried (SBF).
Speculation of a hack steadily appeared after several abnormal wallet transactions were highlighted, indicating that between $1-2 billion in client funds were unaccounted for. When SBF was questionedย regarding the missing $1-2 billion, his response was “???”
Crunching the numbers
Upon reviewing blockchain transactions, FTX’s wallet address was shown to have received a total of $105.3 million worth of Ethereum, Solana, and BNB tokens from international and US-based wallets since 9:20 ET on Nov. 11.
Keeping a thoroughly documented Twitter thread of the ongoing transactions at the time, Foobar publicly followed the cash flow as it occurred.
Hundreds of millions of dollars are now flowing out of FTX wallets, some speculate liquidators but it's late on a friday night, not typical times for such rapid heavy movements. Some withdrawals are being swapped from Tether to DAI. Hack or insider actions? $26 million here pic.twitter.com/8wWlaE7na9
— foobar (@0xfoobar) November 12, 2022
The FTX wallet swapped $16 million USDT for DAI through the decentralized exchange, 1inch, after Tether blacklisted their USDT. The address then approved USDT, LINK, and sETH and subsequently sold USDT and sETH.
As the crypto community continued to track wallet transaction outflows and inflows, the wallet was also found to have approved $24 million worth of LINK on CowSwap. In addition, the same wallet also bought millions in LIDO, according to on-chain data.
Hack or insider job?
FTX U.S. General Counsel, Ryne Miller, claimed FTX US And FTX.Com had moved all digital assets to cold storage after filing for Chapter 11 Bankruptcy. Miller added that the process was sped up to mitigate the damage of the unauthorized transactions observed.
Following the Chapter 11 bankruptcy filings – FTX US and FTX [dot] com initiated precautionary steps to move all digital assets to cold storage. Process was expedited this evening – to mitigate damage upon observing unauthorized transactions.
— Ryne Miller (@_Ryne_Miller) November 12, 2022
Just over two hours later, Bitcoin Archive tweeted the breaking news that “FTX had a “backdoor” built into its accounting software by SBF.” This route was used to move assets in the billions of dollars without triggering alerts to staff and external auditors.
BREAKING: FTX had a โbackdoorโ built into its accounting software by SBF, which he used to move billions without triggering alerts to other staff, auditors etc – Reuters
— Bitcoin Archive (@BTC_Archive) November 12, 2022
The “backdoor” was established using bespoke software, granting SBF the ability to execute commands enabling him to alter company financial records without notifying anyone.
Furthermore, using this “backdoor” to move the $10 billion to Alameda avoided triggering both accounting red flags and internal compliance.
Potential legal implications
FTX is under investigation by the U.S Securities and Exchange Commission (SEC) regarding the management and handling of client funds. With this latest development, FTX has more questions to answer as scrutiny builds around the SEC investigation.
FTX announced on Friday evening that the renowned restructuring specialist, John J. Ray III, will be taking over control of the firm. Ray III handled the liquidation of Enron Corp — a company recorded as one of the world’s largest bankruptcies.