The Fiji Times » Cryptocurrency woes and robberies
In recent months, cryptocurrencies have suffered massive swings in value as the usually stable leader Bitcoin’s value has fallen below US$17,000 (US$37,836) from an all-time high of US$68,000 (US$151,345) just over a year ago. .
Part of this is attributed to the war in Ukraine and other geopolitics as major countries such as China, India and others have moved to regulate, limit and even ban the use of Bitcoin and Bitcoin mining.
This seems like typical government knee-jerk reaction to things you can’t monitor, control or more importantly tax! As a Wired.com article recently reported, cryptocurrency, with its aura of anonymity, has always offered a strange mix of temptations and challenges for anyone trying to steal it.
As digital cash, held in multi-billion dollar amounts on hackable, internet-connected networks, they make a lucrative target. But once stolen, the blockchains on which almost every cryptocurrency is built make it possible to track the money’s every move and, very often, to identify the thieves.
So after a massive heist pulled nearly half a billion dollars worth of funds out of the already collapsing FTX cryptocurrency exchange recently, the world’s crypto trackers are now closely tracking the thief’s whereabouts – looking for any clues that reveal the thief is an FTX insider or just an opportunist hacker.
Last week, just hours after major cryptocurrency exchange FTX filed for bankruptcy in the wake of its epic 10-figure collapse, FTX’s remaining funds were drained of more than $US663 million ($F1.4b) in cryptocurrency, much of which appears to be stolen.
“FTX has been hacked,” wrote an administrator in FTX’s Telegram channel.
“FTX apps are malware. Delete them.” Exactly how FTX may have been breached – and whether its apps are indeed compromised – is far from clear, and FTX has not officially announced any theft.
But the company’s US general counsel wrote in a tweet that “unauthorized access to certain assets has occurred”.
Soon, crypto tracking and blockchain analytics firm Elliptic revealed that the $663 million outflow appeared to be a combination of FTX’s movement of coins into its own storage wallets and a mysterious theft.
According to Elliptic, as much as $477 million ($1.06 billion) of the funds appear to have been stolen, although another crypto-tracking firm, TRM Labs, puts the figure at $338 million.
24 hours after the theft, most of the money had moved to just a handful of cryptocurrency addresses – where the entire crypto racing industry, a large community of amateur crypto scouts, and no doubt law enforcement agencies around the world are now watching. with an unblinking gaze.
This observability, for the FTX funds and for other repositories of stolen crypto, poses a serious challenge to any thief trying to cash out their catch in traditional (fiat) currency.
In this case, with regulators and an army of aggrieved creditors looking for signs that FTX’s employees or owners themselves may be to blame, it could ultimately help confirm that insiders were responsible for the theft — or instead show that outside hackers took advantage the chaos at FTX to pull off a break-in.
“We definitely monitor the movement of these funds,” said Chris Janczewski, director of investigations at TRM Labs and a former special agent in the IRS’s Criminal Investigation Division.
“This would-be thief has hundreds of millions of dollars. But it’s like they went into a bank, took out as much money as they could carry, and then the color packs went off. They have all this money, but now everyone knows they are connected to this bank robbery. What can you actually do about it?”
According to Elliptic’s analysis, at least $220 million was stolen in the form of a variety of cryptocurrencies quickly traded through decentralized exchanges – trading platforms that allow users to exchange coins without providing identifying information – to convert them into the cryptocurrencies ether and dai.
But cashing out those coins and the rest of the stolen loot will likely require trading it on a centralized exchange, which almost always requires users to hand over identifying information.
The thieves may try to put the money through a “mixing service” that launders the coins by mixing them with other users’. But crypto racing blockchain analysts have proven that they can often defeat these mixers – especially when users feed very large sums into them.
And some mixers, like the Tornado Cash service that was sanctioned by the US Treasury Department in August, make cryptocurrency untouchable on many exchanges or vulnerable to seizure.
That means it will be very difficult for the thieves to make off with the profits in a usable form without being identified, says Michelle Lai, a cryptocurrency privacy advocate, investor and consultant who says she has tracked the movements of the stolen FTX funds with “ morbid fascination.”
But the real question, Lai says, is whether identifying the thieves will offer any recourse: After all, many of the most prolific cryptocurrency thieves are Russians or North Koreans operating in non-extradition countries, beyond the reach of Western law enforcement.
“It’s not a question of whether they want to know who did it. It is whether it will be actionable, says Lai.
“If they are on land.”
The looting of FTX – whether the theft amounts to $338 million or $477 million – hardly represents an unprecedented move in the world of cryptocurrency crime.
In the late March hack of Ronin Bridge, a gaming cryptocurrency exchange, North Korean thieves took $US540 million ($1.2 billion).
And earlier this year, cryptocurrency tracking led to the bust of a New York couple accused of laundering $4.5 billion ($10 billion) in cryptocurrency!
But in the event of the high-profile FTX theft and the stock market’s overall collapse, tracking the misplaced funds could help dispel — or confirm — swirling suspicions that someone within FTX was responsible for the theft.
The company’s Bahamas-based chief executive, Sam Bankman-Fried, who resigned last Friday, lost virtually all of his $US16 billion ($35.6 billion) fortune in the collapse.
According to an unconfirmed report by Coin-Telegraph, he and two other FTX executives are “under surveillance” in the Bahamas, preventing them from leaving the country.
Reuters also reported late last week that Bankman-Fried had a “backdoor” built into FTX’s compliance system that allowed him to withdraw money without notifying others at the company.
Despite these suspicions, TRM Labs’ Janczewski points out that the chaos after FTX’s meltdown may have given hackers an opportunity to exploit panicked employees and trick them into clicking on a phishing email, for example.
Or, as Michelle Lai notes, bankrupt insiders may have collaborated with hackers as a means of recovering some of their own lost assets.
As questions mount about whether—or to what extent—FTX’s own management may be responsible for the theft, the case has begun to resemble, more than any recent crypto heist, a very old one: the heist of half a billion dollars. of Bitcoins, discovered in 2014, from Mt. Gox, the first cryptocurrency exchange.
If so, blockchain analysis by cryptocurrency tracking firm Chainalysis, along with law enforcement, helped pin the theft on external hackers rather than Mt. Gox’s own employees.
Finally, Alexander Vinnik, a Russian man, was arrested in Greece in 2017 and later convicted of laundering the stolen Mt. Gox funds, and acquitted Mt. Gox’s embattled leaders. Whether history will repeat itself, and cryptocurrency tracking will prove the innocence of FTX’s employees, is still far from clear.
But as more eyes than ever scan the cryptocurrency economy’s blockchains, it’s a safer bet that the whodunit behind the FTX theft will sooner or later provide an answer. It certainly provides all the spicy ingredients of a big Hollywood movie!
As one financial expert said: “At its core, Bitcoin is a smart currency, designed by very forward-thinking engineers. It eliminates the need for banks, gets rid of credit card fees, currency exchange fees, money transfer fees, and reduces the need for lawyers in transitions… all good things.” God bless and stay safe in both digital and physical worlds this weekend.
• ILAITIA B. TUISAWAU is a private cyber security consultant. The views expressed in this article are his and are not necessarily shared by this newspaper. Mr Tuisawau can be contacted at [email protected]