‘Hacked’ FTX scrambles to quarantine whatever crypto is left in it

The husk of the fallen crypto exchange FTX can no longer do much, but it’s trying to get its hands around whatever lingering funds can be scrounged up, and quarantined somewhere where they can’t be randomly transferred elsewhere or siphoned off by a hacker. This comes after a flurry of information that emerged in the past day that painted a picture of a financial institution fraught with unprecedented amounts of chaos at seemingly every possible level. 

FTX’s founder and newly resigned CEO, Sam Bankman-Fried, for his part, is “really sorry.”

On Saturday, Bankman-Fried (who also goes by SBF) hastened to quell rumors circulating on Friday that he had fled to South America. He is still, he claims, in the Bahamas, where FTX is headquartered.

No less than $1 billion worth of customers’ cryptocurrency apparently vanished from FTX. And as a sort of cherry on top, on Friday night, FTX may have been infiltrated by hackers and robbed of $473 million. What remains of the company, according to its own tech support channel, is a largely unusable and potentially unsafe website that might steal users’ money.

Backtracking a bit: According to anonymous sources who spoke to Reuters and The Wall Street Journal yesterday, Bankman-Fried moved the equivalent of $10 billion from FTX to an FTX-affiliated trading house also founded by Bankman-Fried called Alameda Research, which is now down

It now looks like that movement of funds played a part in Binance CEO Changpeng Zhao’s now-notorious anti-FTX tweetstorm, in which he announced to millions that “recent revelations” had led his company to essentially lose all faith in FTX.

But the newly-revealed missing $1 billion appears to be an unaccounted-for chunk of those $10 billion that had been moved to Alameda. Both FTX and Alameda Research were already under investigation by the Securities and Exchange Commission when all this was made public.

Amid those revelations late on Friday night — or, who knows, maybe because of them — came an additional announcement on the company’s tech support Telegram account: “FTX has been hacked. FTX apps are malware. Delete them. Chat is open. Don’t go on FTX site as it might download Trojans.”

Lending additional credibility to the Telegram messages was a tweet from FTX general counsel Ryne Miller, saying he was, “Investigating abnormalities with wallet movements related to consolidation of FTX balances across exchanges.”

Pure speculation from high-profile accounts on crypto Twitter has intimated that the hack is actually an FTX insider or insiders, stripping away whatever they can extract from FTX’s corpse on their way out the door.

On Saturday afternoon, ET, Miller tweeted a statement from John Ray, the newly appointed crisis CEO of FTX, tasked with stabilizing the spiraling company.

According to Ray, the company is now seeking to “secure all assets, wherever located” due to “unauthorized access.” FTX, according to Ray, is now going about the work of shutting down trading and fund withdrawals and moving all crypto to a “cold wallet custodian,” where the funds can’t be easily accessed, but at least they won’t suddenly disappear.

Oh, and the cops have been notified, according to Ray’s statement. And in addition to law enforcement, an internal “fact review and mitigation exercise was initiated immediately in response” to the hack, he explained. 

In other words: FTX is trying to find the guy who did this