That means it will be very difficult for the thieves to go into hiding with their profits in a disposable form without being identified, said Michelle Lai, a cryptocurrency privacy advocate, investor and consultant who says they can trace the movements of the stolen FTX funds follows with “morbid fascination.” But the real question, Lai says, is whether identifying the thieves will provide any recourse: After all, many of the most prolific cryptocurrency thieves are Russians or North Koreans operating in non-extradition countries, beyond the reach of Western law enforcement. . “It’s not about whether they will know who did it. It’s about whether it will be doable,” Lai says. “Whether they’re ashore.”
In the meantime, Lai and many other crypto watchers have been closely monitoring an Ethereum address that currently holds approximately $192 million in funds. The account has sent small amounts of Ethereum-based tokens — some of which appear to have little to no value — to various exchange accounts, as well as Ethereum inventor Vitalik Buterin and Ukrainian cryptocurrency fundraiser accounts. But Lai suspects these transactions are likely intended to simply complicate the picture for law enforcement or other observers before any real attempt is made to launder or cash in the money.
Stealing FTX – whether the theft is $338 million or $477 million – hardly represents an unprecedented amount in the world of cryptocurrency crime. In the late March hack of the Ronin Bridge, a gaming cryptocurrency exchange, North Korean thieves stole $540 million. And earlier this year, cryptocurrency tracing led to the bust of a New York couple accused of $4.5 laundering billion in cryptography.
But in the case of the high-profile FTX theft and the general collapse of the stock market, tracking down the errant funds could help dispel the swirling suspicions or confirm that someone within FTX was responsible for the theft. Bahamas-based CEO Sam Bankman-Fried, who stepped down Friday, lost virtually his entire $16 billion fortune in the collapse. According to an unconfirmed report from CoinTelegraph, he and two other FTX executives are “under surveillance” in the Bahamas, preventing them from leaving the country. Reuters also reported late last week that Bankman-Fried possessed a “backdoor” built into FTX’s compliance system, allowing him to withdraw funds without alerting others at the company.
Despite those suspicions, Janczewski of TRM Labs points out that the chaos of the FTX collapse would have allowed hackers to exploit panicked employees and trick them into clicking on a phishing email, for example. Or, as Michelle Lai points out, bankrupt insider employees may have teamed up with hackers to recover some of their own lost assets.
As the question grows whether – and to what extent – FTX’s own management is responsible for the theft, the case is starting to resemble a very old one more than any recent crypto heist: the theft of half a billion dollars’ worth of bitcoins, discovered in 2014, from Mount Gox, the first cryptocurrency exchange. In that case, blockchain analysis conducted by cryptocurrency tracking firm Chainalysis, along with law enforcement, helped pin the theft to third-party hackers rather than Mount Gox’s own staff. Finally, Alexander Vinnik, a Russian man, was arrested in Greece in 2017 and later convicted of laundering the stolen funds from Mount Gox, thus acquitting the controversial executives of Mount Gox.
Whether history will repeat itself and cryptocurrency tracing will prove the innocence of FTX’s staff remains far from clear. But as more eyes than ever are scouring the blockchains of the cryptocurrency economy, it’s a good bet that the whodunit behind the FTX theft will yield an answer sooner or later.