FTX says it’s removing trading and withdrawals, moving digital assets to a cold wallet after a $477 million suspected hack
In this photo illustration, the FTX website is seen on a computer on November 10, 2022 in Atlanta, Georgia. Binance, the world’s largest cryptocurrency firm, agreed to acquire FTX, another large cryptocurrency exchange, in a rushed sale in order to prevent a liquidity crisis, which is known as the “Lehman Moment” in the crypto industry.
Michael M. Santiago | Getty Images
John Ray, FTX’s new CEO and chief restructuring officer, said the bankrupt crypto exchange is “in the process of removing trading and withdrawal functionality” and it is “moving as many digital assets as can be identified to a new cold wallet custodian,” according to a statement tweeted by the company’s general counsel, Ryne Miller.
The announcement comes as the failed exchange investigates what it’s calling “unauthorized transactions” that began within hours of FTX filing for Chapter 11 bankruptcy protection in the U.S.
The suspected hack was announced by an admin in FTX’s Telegram Channel, according to blockchain analytics firm Elliptic and was followed by a tweet from Miller indicating that the wallet movements were abnormal.
Figures from Singapore-based analytics firm Nansen published overnight show more than $2 billion in net outflows from the FTX global exchange and its U.S. arm over the past seven days, of which $659 million happened in the preceding 24 hours.
Elliptic found that $663 million in various tokens were drained from FTX’s crypto wallets. Of that amount, $477 million was taken in the suspected theft, while the remainder is believed to have been moved into secure storage by FTX.
Elliptic found that stablecoins and other tokens are being rapidly converted to ether and dai on decentralized exchanges, a technique the firm says is commonly used by hackers in order to prevent their haul from being seized.
“The way that these assets have been moved is highly suspicious,” said Tom Robinson, Elliptic’s chief scientist. “Very similar transaction patterns have been seen with large-scale thefts in the past — whereby the stolen assets are quickly swapped at decentralized exchanges, in order to avoid seizure.”
The new FTX chief said the exchange is coordinating with law enforcement and relevant regulators about the breach and that it was making “every effort” to secure all assets globally.
Miller, FTX’s general counsel, said the decision to push digital assets into cold storage was meant “to mitigate damage upon observing unauthorized transactions.”
People who choose to hold their own cryptocurrency can store it “hot,” “cold,” or some combination of the two. A hot wallet is connected to the internet and allows owners relatively easy access to their coins so that they can access and spend their crypto, whereas cold storage generally refers to crypto stored on wallets whose private keys are not connected to the internet. The trade-off for convenience with hot storage is potential exposure to bad actors.
— CNBC’s Rohan Goswami contributed to this report.