All: I know it's a bit hard but if you're going to comment on this, please review your comment to make sure it isn't shallow, lurid, or gloating. Most posts so far in this thread have been below that line. On HN we want thoughtful, substantive, and above all curious comments—where by curious is meant intellectually curious, not gawking.
The hacker has spent the last 11 hours slowly and incrementally converting all the various tokens they got to ETH. They've been using a variety of different defi exchanges and have eaten large slippage fees, at least once over 5M lost in slippage.
We're not seeing anything else, e.g. laundering through another exchange, splitting into different accounts, automating the liquidation of tokens to ETH, offloading ETH into a cold wallet, etc.
The on chain activity makes this look like an individual who did not prepare extensively before doing this or doesn't have the skills to use automation/operational best practices
EDIT: first outflows from 0x59abf3837fa962d6853b4cc0a19513aa031fd32b have started; they still haven't liquidated all their PAXG, a stablecoin pegged to gold, unclear if it's freezable.
They were able to liquidate all of their USDT except 4M on Avalanche, and all of their USDC, both of which can be frozen. Dai is a USD-pegged stablecoin that can't be frozen; they have nearly 1% of it. Note that Dai is heavily exposed to USDC, so authorities could pressure USDC to destroy Dai.
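The kind of bookkeeping behind the comment above (follow the outflows from the seed address, stop at DEX pools and exchange deposit addresses, and tally which token balances are still sitting where an issuer could freeze them) can be scripted. The following is an added example and not code from anyone in this thread; the ledger, addresses, service labels and amounts are constructed, and the freezability table simply encodes what the comment states (USDC and USDT freezable, Dai not, PAXG unclear).

```javascript
// Added example, not from the thread. Follows outflows from a seed address
// through a constructed transfer ledger, stops at known services (DEX pools,
// exchange deposit addresses) that need a different kind of follow-up, and
// reports which token balances remain in the traced cluster and whether the
// token's issuer can freeze them. Addresses, amounts and labels are constructed.

// Freezability as described in the comment: USDC and USDT issuers can freeze,
// Dai cannot be frozen, PAXG is unclear; ETH itself has no issuer.
const FREEZABLE = { USDC: 'yes', USDT: 'yes', DAI: 'no', PAXG: 'unclear', ETH: 'no' };

// Constructed labels for addresses we do not follow through.
const KNOWN_SERVICES = {
  '0xpool-usdc-eth': 'DEX pool (constructed)',
  '0xcex-deposit-1': 'exchange deposit address (constructed)',
};

// Constructed ledger; amounts are whole token units.
const LEDGER = [
  { from: '0xvictim', to: '0xseed', token: 'USDC', amount: 50000000 },
  { from: '0xvictim', to: '0xseed', token: 'USDT', amount: 4000000 },
  { from: '0xvictim', to: '0xseed', token: 'DAI',  amount: 10000000 },
  { from: '0xvictim', to: '0xseed', token: 'PAXG', amount: 8000 },
  { from: '0xseed',   to: '0xhop1', token: 'USDC', amount: 20000000 },
  { from: '0xhop1',   to: '0xpool-usdc-eth', token: 'USDC', amount: 20000000 },
  { from: '0xpool-usdc-eth', to: '0xhop1', token: 'ETH', amount: 16000 },
  { from: '0xhop1',   to: '0xhop2', token: 'ETH',  amount: 16000 },
  { from: '0xseed',   to: '0xcex-deposit-1', token: 'DAI', amount: 1000000 },
];

// Breadth-first expansion of addresses reachable from the seed by outgoing transfers.
function traceCluster(ledger, seed, maxHops = 8) {
  const cluster = new Map([[seed, 0]]); // address -> hop distance from seed
  const serviceHits = [];               // transfers into known services
  const queue = [seed];
  while (queue.length) {
    const addr = queue.shift();
    const hop = cluster.get(addr);
    for (const tx of ledger) {
      if (tx.from !== addr) continue;
      if (KNOWN_SERVICES[tx.to]) {
        // A service address is a sink for on-chain tracing; record it for follow-up.
        serviceHits.push({ from: addr, to: tx.to, label: KNOWN_SERVICES[tx.to],
                           token: tx.token, amount: tx.amount });
        continue;
      }
      if (!cluster.has(tx.to) && hop < maxHops) {
        cluster.set(tx.to, hop + 1);
        queue.push(tx.to);
      }
    }
  }
  return { cluster, serviceHits };
}

// Net balance per token held by the cluster: inflows minus outflows over all members.
function clusterHoldings(ledger, cluster) {
  const totals = {};
  for (const tx of ledger) {
    if (cluster.has(tx.to)) totals[tx.token] = (totals[tx.token] || 0) + tx.amount;
    if (cluster.has(tx.from)) totals[tx.token] = (totals[tx.token] || 0) - tx.amount;
  }
  return totals;
}

// Attach the freezability label so an investigator sees what could still be stopped.
function freezeReport(ledger, seed) {
  const { cluster, serviceHits } = traceCluster(ledger, seed);
  const totals = clusterHoldings(ledger, cluster);
  const report = {};
  for (const [token, amount] of Object.entries(totals)) {
    if (amount <= 0) continue;
    report[token] = { amount, freezable: FREEZABLE[token] || 'unknown' };
  }
  return { clusterSize: cluster.size, serviceHits, report };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(freezeReport(LEDGER, '0xseed'), null, 2));
}
```

On the constructed ledger the cluster is the seed plus two hops, the two service hits (one DEX pool, one exchange deposit) are listed for off-chain follow-up, and the report shows 30M USDC and 4M USDT still freezable against 9M Dai and 16,000 ETH that are not. Against real data the ledger would come from a block explorer's transfer export and the service labels from an address-labelling source such as the explorer's "Heist" or exchange tags.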
The fact that it has been executed so poorly to me seems like it is an insider who woke up and thought they could get away with it because they had access to the keys.
Probably SBF himself. Even if he can’t use these funds directly he can use them as collateral with a more skilled group to fund his eventual escape from the authorities.
I would be more inclined to think insider, but I suppose it could also be an external player. Maybe they have had access for a while and been waiting for the right time, whenever that would have been. Either way, their hand would have been forced as of the last few days as they seem to be acting hastily.
> The on chain activity makes this look like an individual who did not prepare extensively before doing this or doesn't have the skills to use automation/operational best practices
This may be an understatement of their skill level. It seems the individual(s) also used a Kraken account to transfer funds and have been identified per their CSO.
The harmony bridge hack by Lazarus group (north korean actor) is a good example:
The first address used is 0x0d043128146654c7683fbf30ac98d7b2285ded00
It's a bit harder to trace using public tools because they immediately start splitting off the various coins to other addresses, but looking at just the USDC:
They split it off into a single purpose address that is just responsible for converting it to ETH. They do this via private transactions utilizing Uniswap v3 and a set amount just about every minute (they settled on ~2M). If you scan through them their slippage is very good here. If you wait a bit of time you let the arbitrage bots move funds from wherever is available so your slippage isn't so bad.
They again show good slippage and also show that they use 3 different exchanges.
After they've converted everything to ETH with good slippage they then fan out to multiple accounts that then do a series of deposits into tornado cash at 100 ETH each.
They were done with the liquidation within 2 hours. This attacker is still liquidating as far as I can tell.
> The on chain activity makes this look like an individual who did not prepare extensively before doing this or doesn't have the skills to use automation/operational best practices
How common is the knowledge of these best practices?
A hacker who got in from the outside would probably be sophisticated enough to at least
1. automate transfers
2. launder through monero or a tumbler or something
This looks like someone who barely understands crypto because all of the transfers can be traced, and since they're apparently working manually and slowly, the audit-surface is huge.
They're largely ERC-20 tokens, which can be swapped for ETH on DEXes. Monero is a whole separate blockchain, and cross-chain swaps are still in their infancy and don't have markets to convert ERC-20 tokens to Monero, or definitely not with any sort of volume.
The ETH will probably eventually be laundered and some of the cleaned coins sent places they could eventually be traded for XMR and eventually cashed out, but there's no way to do that quickly, and this needs to be done quickly.
> Once again almost everything in cryptocurrency proves to be a scam.
Once again people on HN hate on cryptocurrencies for no good reason.
This isn't a cryptocurrency problem, it's a fractional reserve banking problem. These centralized exchanges are unregulated banks in disguise. It's no surprise to anyone that they exhibit all of the problems of unregulated banks. Problems such as "we used customer deposits to gamble, lost everything and are now insolvent".
To think one of the reasons cryptocurrency was invented was to end the need for such things...
> Investigating abnormalities with wallet movements related to consolidation of ftx balances across exchanges - unclear facts as other movements not clear. Will share more info as soon as we have it.
From FTX's general counsel[1], retweeted by FTX_Official. So that indicates it's not being sold off legitimately under some sort of liquidation proceedings. It could be insiders or it could be hackers.
Rumors on Twitter[2] are there was also an update just pushed to the FTX app. Concerns are the update may contain malware. It makes sense to uninstall the FTX app if you have it.
I reworded things to separate the first hand information (FTX_Official indicating they don't know what's going on) from speculation (app hacker rumors).
Greed drives all of us to do things we normally wouldn’t. Given the nature of crypto, unless there’s a good reason to have the FTX app (say as opposed to using their website), then uninstalling it seems like very sound advice.
It’s unfortunate that what started out with altruistic motives, a method for decentralized anonymous asset exchange, is being derailed by opportunists. There was a time where a 51% attack was the biggest concern.
All that said, I’m not surprised at where we are today.
> It’s unfortunate that what started out with altruistic motives
Are you actually buying into SBF’s pathetic ideologies? Or are you more referring to Satoshi’s white paper when you refer to “altruistic motives”.
I can’t understand how anyone would take SBF seriously. He’s a smug charlatan who converted funny money to real money so that he could dump it into politics for his own aims, all while calling his actions “altruism”. Biggest false virtue signaler of all time.
> what started out with altruistic motives, [...] is being derailed by opportunists.
See: all human history.
The essential trust anchor will always be transparency that directly affects a person in society. Anonymous money and anonymous power will be exploited.
> Reports on crypto Twitter are that this is a hack
It's really unfortunate to get "hacked" with such bad timing. You steal customer money and file for bankruptcy but now the bad hackers, probably from the Bahamas as well, take whatever is left and cash out. Oh no! /s
Honestly, the vulnerability was probably already there and there was a symbiosis with the person. Rules for rulers, there are various keyholders in your empire. This company wasn't following any best practices, so no reason to think they have crypto security best practices internally.
This person absolutely knows that they can kick leadership when they're down and that all blame will go to the leadership.
It doesn't require being an "apologist" for leadership to see this vulnerability. Counsel and compliance all resigned, the CEO resigned. Any semblance of checks are gone and any rogue developer can use their keys on anything; rumor now is that an app update went out turning them into malware.
It's equally as plausible as just a cringeworthy vendetta of spiraling founders; dumber things have happened in crypto. Smart things have too, I’m leaning towards a smart thing.
In unrelated news SBF just found he had a bunch of crypto in his personal wallet. Totally not at all the pile of crypto that was last seen in the FTX wallet.
Yeah and I’m sure the Apple App Store review process won’t catch the steal_private_keys_and_upload_to_china() method they inserted. Not that iPhone apps can’t do this in the first place. A lot of FUD right now to create even more chaos.
Patrick Boyle breaks down the situation with his usual eloquence and dry humor. Video is worth watching just for the chart of the corporate structure.
https://youtu.be/zTFhnpf-IE0
Over 130 companies referenced in the bankruptcy filing, and 'around 77 companies' in that organizational chart! The first thought is that's an optimal structure for a money laundering outfit, as if those companies are constantly transferring funds from one to the other, dirty money can be fed into that system and then get lost in the mix, coming out as fairly clean on the other end. See Nick Kochan, "The Washing Machine":
It gets worse: somebody has pushed what appears to be a malicious update to the FTX app, and the official FTX telegram channel is warning people not to even browse to the website!
It’s pretty common for apps to load some external content from a server to show to the user. This is useful in part because it allows you to update the content without going through the slow app review process. Potentially, if your backend got hacked, the hackers could change this content.
A couple quick searches for “ftx app react native” make me believe at least part of their app, if not the entire thing, is React Native (it’s possible to have a hybrid native/React Native app). It’s totally possible and quite common to be able to load the JavaScript bundle from a remote server. Microsoft has a service to do exactly that called CodePush. Expo also has a service and it’s not very complex to roll your own.
How a React Native app works is all the native code is compiled into a “shell” of an app and then a JavaScript bundle is loaded (it can be shipped in the binary or loaded from a server) and that’s where all the layout and logic lives. Not only is it possible to make small changes, you could conceivably ship an entirely new app this way as long as you don’t need to add any new native dependencies. Of course the App Store/Play Store don’t allow “major” changes, but they have no real way of knowing.
In Apple’s case, you need to provide them with a login for them to review the app (not sure about the Play Store, but possibly them too). It would be trivial to load one bundle for Apple and another for everyone else. If you had control of the backend you could even target specific accounts and load a compromised bundle with no one else the wiser.
It’s fairly easy to strip out the JS bundle to examine, so I’d say targeted attacks would be the smart way to do it. It would give you a lot of time before people caught on vs compromising everyone. I’m sure there’s folks out there already tearing into the JS bundle looking for shenanigans.
This last week has been a rollercoaster. I've been in crypto for a long time and have seen quite a bit, but this FTX implosion takes the crown. And to be honest, I don't think it's over.
Another interesting thought I keep going back to is .... since crypto is really zero sum, who the hell was on the other side of these horrible trades that has billions now?
I suppose in this case it's probably a negative sum game. The assets in question are the FTT token that Alameda mined and gave to FTX as collateral, in return for real customer assets from FTX that Alameda used to gamb... er trade with. But FTT then went to zero, tanked the whole market, and the customer assets Alameda holds lost value too. Everybody loses.
Supposedly from what I'm hearing from /r/buttcoin rumors, Alameda was very bad at trading, so the billions have gone to the people doing the opposite trades from Alameda, which were being funded by FTX to try to gamble back the amounts lost.
Luna was quite bad, but it was a pretty straightforward path to death that everyone saw from a mile away. Not many people predicted that FTX and SBF would fall from grace within a timespan of 48 hrs. The whole thing is also so full of scandals, theft and corruption we will be reading about this in the news for weeks to come.
mtGox was so early in crypto, there wasn't any institutional capital or major players, mostly retail/regular folks experimenting with shiny new tech. FTX is an intermingled web of retail, institutions and big name investors as well as having their own investments, huge donations to politicians, lobbying arm, etc. The fallout from this will set us back for years.
SBF was hailed as a crypto savior just a few weeks ago after the Luna fallout. He was viewed as Warren Buffett during the financial crisis. Perhaps Coinbase will be the ultimate winner here if crypto somehow survives. I imagine more than 75-80% of the assets tied to crypto will liquidate in coming weeks. I don’t think this will be “just another” crypto blow up. It’s end game time.
I think MTGox was actually worse just due to the small size of the market then and how much of a joke their security was. FTX just seems like a fleecing job that tons of crypto exchanges and businesses have pulled off. MTGox was sheer incompetence.
I've been in cryptocurrencies/blockchain since 2012. I "missed" the BTC boat and got into ETH early. I'm of the thought that CeFi services like FTX, Nexo, Coinbase and similar are stupid. The only thing that should exist is simple exchanges between fiat and cryptocurrency. But everything else is just a scam IMHO. Why would you do CeFi in crypto, when there's more TAM in doing it in normal fiat? Because you want to avoid regulation and scrutiny.
Anyways, through all this saga, I see ETH is still at $1200, which has held pretty well. I think the right price is around $600, as it was in Nov 2020, before all the speculation. The rest of the price is just people playing around. But that's not what ETH is for, and these high prices are hurting its real goal.
I'm definitely still holding crypto. Mostly ETH, because I believe in the core technology. I've done some smart contracts and have a couple ideas for the future.
But man, I surely hope all cryptos crash and burn this time, so that speculators stop polluting the technology.
Personally I liquidated all remaining crypto. I think these are the end of days for crypto and before the end of this year anyone still holding crypto assets will find them significantly less valued. There is no path to increasing value.
It's been stated that FTX can access the wallets of their customers [1], I wonder if employees or other bad actors knowing the ship is sinking have decided to - forgive me for the quip - plunder any remaining assets.
That was my first thought. Not FTX related, but I just got another email from Coinbase reassuring me that they’re not gonna use customer funds without permission. I have in the past moved my shit out of Coinbase wallets because of doubts about that. Honestly though I just want to GTFO of crypto at this point…
Get out, man. Learn investment theory. All you need is a couple of index funds and bonds. Investing isn't supposed to be exciting or make you rich quick.
> Coinbase reassuring me that they’re not gonna use customer funds without permission
"Not gonna" is wildly different from "cannot". So are you sure they physically cannot use your funds? If that's not the case, their promise is worth just the price of sending that email to you.
https://news.ycombinator.com/newsguidelines.html
https://etherscan.io/address/0x59abf3837fa962d6853b4cc0a1951...
[Edit: and also the Heist label is very useful!]
https://twitter.com/c7five/status/1591434844760076290?s=61&t...
account responsible for USDC conversion: https://debank.com/profile/0x58f4baccb411acef70a5f6dd174af78...
This account was also responsible for a number of liquidations: https://debank.com/profile/0x9e91ae672e7f7330fc6b9bab9c259bd...
Of course one would assume he or his conspirators would do a better job, but maybe not if this busting out was initiated under time pressure.
Once again almost everything in cryptocurrency proves to be a scam.
That could only work before 1997.[1]
[1] https://www.congress.gov/treaty-document/105th-congress/18/d...
This is like saying "once again almost everything in US dollars proves to be a scam" after Lehman fell.
The sentence makes no sense at all to me.
[1] https://twitter.com/_Ryne_Miller/status/1591281729125613570
[2] https://twitter.com/zachxbt/status/1591295039946493952
Is that based on some evidence, or is it speculation?
https://en.wikipedia.org/wiki/The_purpose_of_a_system_is_wha...
But it's alright, SBF said he's sorry.
https://www.goodreads.com/en/book/show/21230193-the-washing-...
https://twitter.com/zachxbt/status/1591293813519253504
The update box is clearly based on their pre-existing popup used for things like 2FA.
Could this popup have been modified with new text and linked to a new malicious site without an app update on iOS or Android?
Or, could the popup only function if it was already coded into the app waiting to be activated? Meaning premeditated.
1: https://www.coindesk.com/policy/2022/11/10/ftx-violated-its-...
"If you look around the table and can't see the chump, you are the chump"
Banks in the US can do it, but only with the excess of accounts containing more than $250k.
https://debank.com/profile/0x59abf3837fa962d6853b4cc0a19513a...
Currently at ~$390M. It looks like they're trying to swap most of the tokens they received into ETH on-chain.