In a recent development concerning the FTX hack, Hugh Brooks, the director of security operations at CertiK, has raised concerns that the hacker responsible for stealing over $400 million from FTX and FTX US in November might be using the media attention around Sam Bankman-Fried’s trial to hide the movement of stolen funds. The hacker, known as “FTX Drainer,” has been observed transferring millions in Ether acquired from the hack, even as the trial unfolds.
The FTX hacker, operating under the alias “FTX Drainer,” initiated a series of transfers involving stolen Ether shortly before the start of Sam Bankman-Fried’s criminal trial. These movements have continued throughout the trial, with the hacker moving around 15,000 ETH (approximately $24 million) to three new wallet addresses in the past three days.
Hugh Brooks of CertiK suggests that the increased public scrutiny and media coverage surrounding the FTX trial may be motivating the hacker to expedite efforts to conceal the illicitly acquired assets. Brooks speculates that the hacker may have anticipated that the trial’s prominence in the Web3 industry would divert attention away from tracking the stolen funds, providing a convenient smokescreen.
FTX’s high-stakes battle against a mysterious hacker
FTX, once valued at $32 billion, filed for bankruptcy on November 11th, the same day that the extent of the hacker’s actions became clear. On that day, employees noticed substantial withdrawals from FTX’s wallets. In response, the team quickly transferred an estimated $400 to $500 million into a privately owned Ledger cold wallet while awaiting a response from BitGo, the company responsible for taking custody of the exchange’s assets post-bankruptcy. This decision likely prevented the hacker from walking away with a full $1 billion.
During the investigation, the FTX hacker appears to have changed strategy for concealing the stolen funds. Initially, on November 21st, they attempted to launder the assets using a “peel chain” method: sequential transfers of decreasing amounts to new wallets, with smaller sums “peeled” off to other new wallets along the way.
However, Brooks notes that the hacker has since adopted a more sophisticated technique. The stolen funds have been fragmented and spread across multiple wallets, with smaller portions being transferred to various additional wallets. This method significantly complicates the efforts to trace and recover the assets, prolonging the investigative process.
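For analysts tracing such flows, the sketch below is an added example (not from CertiK or the original article) that follows a peel chain through a transfer list and stops where the pattern breaks into the kind of fan-out described above. The wallet labels, amounts, the 80% threshold and the function name are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample transfers (sender, receiver, amount in ETH); labels are not real addresses.
TRANSFERS = [
    ("A", "B", 950.0), ("A", "p1", 50.0),
    ("B", "C", 900.0), ("B", "p2", 50.0),
    ("C", "D", 840.0), ("C", "p3", 60.0),
    ("D", "x1", 300.0), ("D", "x2", 280.0), ("D", "x3", 260.0),  # fan-out: chain ends here
    ("p1", "exch", 50.0),
]

def trace_peel_chain(transfers, start, min_remainder_share=0.8, max_hops=1000):
    """Follow the dominant output from `start` while each hop looks like a peel.

    Returns (hops, peels): the wallets carrying the shrinking remainder, and the
    (from, to, amount) transfers peeled off along the way.
    """
    outgoing = defaultdict(list)
    incoming = defaultdict(int)
    for sender, receiver, amount in transfers:
        outgoing[sender].append((receiver, amount))
        incoming[receiver] += 1

    hops, peels, current, seen = [start], [], start, {start}
    while len(hops) <= max_hops:
        outs = outgoing.get(current, [])
        total = sum(amount for _, amount in outs)
        if len(outs) < 2 or total <= 0:
            break  # nothing peeled off here, so the pattern does not continue
        nxt, biggest = max(outs, key=lambda o: o[1])
        # A peel hop: one output carries most of the value to a fresh, unvisited wallet.
        if biggest / total < min_remainder_share or incoming[nxt] != 1 or nxt in seen:
            break  # e.g. funds split evenly across many wallets
        peels.extend((current, r, a) for r, a in outs if r != nxt)
        hops.append(nxt)
        seen.add(nxt)
        current = nxt
    return hops, peels

if __name__ == "__main__":
    chain, peeled = trace_peel_chain(TRANSFERS, "A")
    print("remainder path:", " -> ".join(chain))
    for src, dst, amt in peeled:
        print(f"peeled {amt} ETH: {src} -> {dst}")
```

The wallet where the trace stops (here `D`) and every peel destination are the points an investigator would continue from; a fragmented fan-out needs a separate graph traversal rather than this single-path follow.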
Despite extensive efforts, investigators have yet to identify the individuals or groups responsible for the FTX hack. CertiK’s Hugh Brooks confirmed that the investigations are ongoing as they work diligently to uncover the culprits behind this substantial cryptocurrency theft.
By FCCT Editorial Team