Over the weekend, FTX was hacked, and at least one blockchain specialist claims that the evidence points to a high-level insider who made a rookie error that may have unintentionally revealed their identity.
John Ray, the new CEO of FTX, admitted that the exchange had been "compromised," and stated that preventative measures were being taken to minimize harm after discovering fraudulent transactions.
Dyma Budorin, co-founder and CEO of blockchain security auditing company Hacken, stated in an interview with CoinDesk TV on Monday that the attacker "had access to all the cold wallet storages which he exploited."
Hacken studied blockchain transactions and discovered that the looter attempted to transmit tether (USDT) stablecoin on the Tron blockchain many times but failed due to a lack of TRX, the Tron network's native currency, in the wallet to pay transaction fees. To hide the transaction, the looter utilized their verified personal account on cryptocurrency exchange Kraken to send 500 TRX to the compromised wallet address.
"He made a stupid mistake," Budorin commented.
The exchange had knowledge of the owner of the personal wallet the TRX was received from thanks to Kraken's "know-your-customer" or KYC standards, which are a component of the anti-money-laundering compliance requirements. This information allowed the exchange to identify the person who used the exploit.
According to Budorin, Hacken promptly informed Kraken's security team about the transaction.
"We know the identity of the user," Nick Percoco, chief security officer of crypto exchange Kraken, said in a tweet Saturday.
Percoco also stated that FTX or the exchange's founder and former CEO, Sam Bankman-Fried, will issue an official statement.
According to Budorin, the hack proved that FTX's cold wallet management was "very poor."
Late Friday night, FTX was hacked, resulting in over $600 million in digital assets exiting the exchange's wallets in a frenzy of withdrawals.
Hacken discovered that one entity, who Budovin assumes is an insider, stole approximately $400 million from the exchange.
Given the access to FTX's cold wallets, new information regarding the exploit sparked suspicions on crypto Twitter that perhaps FTX owner Sam Bankman-Fried or someone in his inner circle may have been responsible.
When asked if Bankman-Fried was the owner of the exploit's compromised wallet, Budorin responded, "This is confidential information," although he added that the wallet's owner is a U.S. citizen.
Last week, FTX and its corporate-sibling trading firm Alameda Research collapsed after a bank run on FTX's deposits revealed that it had lost billions of dollars in customer-owned digital assets.
Following the failure of rescue attempts, the entire group, 138 entities in total, filed for bankruptcy protection on Friday, initiating various investigations.
