At least one blockchain expert says clues in the $400 million hack of troubled virtual currency exchange FTX point to a high-level insider who made amateur mistakes and may have inadvertently revealed his identity.
Dima Budorin, co-founder and CEO of blockchain security audit firm Hacken, said in an interview with CoinDesk TV on Monday that it seems the attackers “can’t access all the cold wallet storage they exploited.”
Hacken investigated the blockchain transactions and discovered that the looters' attempts to send tether (USDT), a stablecoin, on the Tron blockchain failed multiple times due to a lack of TRX in the wallet. TRX is the native token of the Tron network and is used to pay transaction fees. As such, the looters used a verified personal account on cryptocurrency exchange Kraken to send 500 TRX to the compromised wallet address to cover the transactions.
“He made a silly mistake,” Budorin said.
Due to Kraken’s “know-your-customer,” or KYC, measures (part of its anti-money laundering compliance requirements) and verification process, the exchange has information about the owner of the personal wallet from which the TRX was sent, and the person behind it has been identified in the exploit.
Hacken immediately contacted Kraken’s security team about the transaction, Budorin said.
“We know who our users are,” said Nick Percoco, chief security officer at crypto exchange Kraken, in a tweet Saturday. Percoco added that he heard Sam Bankman-Fried, the founder and former chief executive of FTX, or the exchange would make an official statement.
Budorin said the exploit shows that FTX is “extremely poor” in how it manages its cold wallets.
New details about the exploit have led to speculation on crypto Twitter that, given the access to FTX’s cold wallets, it’s possible that FTX owner Sam Bankman-Fried or someone in his close circle was behind the exploit.
Asked if Bankman-Fried was the owner of the compromised wallet that the breach originated from, Budorin said, “This is confidential information,” but said the wallet owner was a US citizen. Budorin did not respond to CoinDesk’s request for additional comment on how he obtained information about the hacker’s citizenship and whether Kraken shared the account holder’s personal data with Hacken.
According to an emailed statement, a Kraken spokesperson said the exchange has been in contact with law enforcement and has frozen Kraken account access to certain funds it believes may be related to “fraud, negligence, or misconduct” related to FTX.
Of course, blockchain-savvy criminals can be sophisticated, so this mistake could have been bait deliberately served up to mislead the investigation by creating confusion.
“It is very common for fraudsters to use fake KYC (Know Your Customer) accounts to help authorities track down the wrong person,” blockchain detective Cryptogle told CoinDesk.
Top exchange FTX and its corporate sibling trading firm, Alameda Research, the jewels in the crown of Bankman-Fried’s crypto empire, went bankrupt in a spectacular way after a bank run on FTX deposits revealed that it had lost billions of dollars in digital assets belonging to customers.