According to a recent WIRED report, former FTX employees have disclosed the terrifying details of how the exchange lost about $400 million as a result of a hack. This incident occurred during a period of financial turmoil for the SBF-owned exchange, making it one of the most significant breaches in the cryptocurrency world.
By November 11 of last year, FTX had already seen better days. What was once a thriving cryptocurrency exchange, valued at $32 billion just ten months prior, had declared bankruptcy. The new CEO, John Ray III, was handed the task of navigating the company through the bankruptcy process and billion-dollar debts.
On that evening, as noted by unnamed former employees, FTX staff observed mysterious outflows of the exchange’s cryptocurrency, with real-time thefts amounting to hundreds of millions of dollars. FTX was on the brink of catastrophe, facing potential losses exceeding a billion dollars.
WIRED Reveals How FTX Exchange Was Hacked
The question that loomed large was who was behind this theft and whether it involved insiders or external hackers. The mystery remained unsolved, with no charges filed against the company’s top executives.
However, WIRED claims to have uncovered the efforts made that night to limit the damage and prevent a colossal heist. The news source pieced together the crisis response from invoices, interviews, and blockchain analysis.
The response began around 10 p.m. on November 11 when Zach Dexter, the CEO of FTX subsidiary LedgerX, sent an urgent Google Meet invite to over 20 staff, bankruptcy lawyers, advisers, and consultants. The situation was dire, with almost no one aware of where FTX stored its cryptocurrency or how it managed the secret keys.
Gary Wang, FTX’s CTO, initially suggested changing the secret keys to protect the wallets. However, this was deemed futile as the hackers could seize the new keys.
As the Google Meet call commenced, Zach Dexter explored a different approach. BitGo, a digital asset trust company, had been in negotiations with the crypto exchange’s law firm to take custody of the remaining cryptocurrency. Dexter contacted BitGo to create secure “cold storage” wallets immediately. The exchange’s staff feared it might still be too slow, with the thieves potentially siphoning off millions more.
Surprisingly, Kumanan Ramanathan, an adviser to the exchange, volunteered to use his Ledger Nano (a USB drive hardware wallet) as a temporary refuge for vulnerable funds, becoming the salvation of close to $500 million in funds. With meticulous care, he set up a new wallet, and FTX’s funds were transferred to it.
Minutes later, BitGo’s wallets were ready, and the transfer of hundreds of millions more in crypto began. FTX staff scoured the systems to locate wallets and moved every coin they could find to BitGo’s secure cold storage.
The funds were eventually transferred to BitGo, bringing FTX’s remaining funds under their safeguard, amounting to $1.1 billion. Additional funds were sent to accounts controlled by the Bahamas government for safekeeping.
Security Failings Contributed to the Exploit
In the aftermath of the November 11 ordeal, FTX’s new management exposed glaring security failings that had made the theft possible. These included the lack of a dedicated security team and other key staff members, the use of hot wallets for most cryptocurrency storage, unencrypted keys, and so on.
Despite the chaos and insecurity that surrounded FTX at that time, quick decisions and daring actions helped prevent what could have been an even more catastrophic outcome.