The FTX twists and turns are far from over. After last year’s FTX hack, consultant Kumanan Ramanathan played a crucial role in safeguarding vulnerable assets. When the exchange’s staff detected unusual outflows on November 11, 2022, Ramanathan volunteered to utilize his personal Ledger Nano hardware wallet to secure the assets. While exchange ultimately reported losses exceeding $400 million, the combined efforts of Ramanathan and the FTX team managed to protect a substantial portion of the assets from being compromised.
FTX’s advisor Ramanathan prevented further loss
Ramanathan, affiliated with the consulting and restructuring firm Alvarez & Marsall, took the initiative to authorize the transfer of a significant portion of FTX’s assets to his device, effectively safeguarding an estimated $400 to $500 million worth of the company’s cryptocurrency. This strategic move, prompted by former CTO Gary Wang, was crucial in mitigating further losses.
Ramanathan retained custody of the assets on his device until the exchange’s crypto custodian provider, BitGo, had cold storage wallets prepared. Following this, the exchange and BitGo collaborated to secure over $1.1 billion. An additional $400 million was sent to the Securities Commission of the Bahamas for protective measures. This development occurred shortly after former CEO Sam Bankman-Fried filed for Chapter 11 bankruptcy protection.
During the hack, the exchange’s staff expressed concerns about potential delays in setting up BitGo’s cold storage wallets, underlining the urgent need for a swift resolution. Consequently, Ramanathan volunteered to utilize his Ledger wallet as a temporary security measure during an emergency meeting.
Nearly 11 months have passed, and the identity of the FTX hacker remains a mystery. In a subsequent interview, Bankman-Fried hinted at the possibility of an insider, potentially a “former employee,” gaining access to FTX’s crypto wallet keys. During an interview, Zane Tackett, the former head of institutional sales at the exchange, recently echoed this perspective.
Recent reports indicate significant movements of assets by the FTX hacker, as stolen funds were transferred from Ethereum to Bitcoin through cross-chain exchange services on Thorchain and Railgun. This technique, known as chain hopping, is utilized to obscure the origin of the funds.
FTX’s disorganization came back to haunt it
In the aftermath of the harrowing hack, the new administration overseeing exchange’s bankruptcy process has publicly pointed out significant security lapses that facilitated the theft. An April report, released as part of FTX’s bankruptcy proceedings, detailed instances of this alleged negligence: the prior FTX leadership lacked an independent chief information security officer and a dedicated security team; it stored almost all of its cryptocurrency in hot wallets (wallets connected to the internet).
Despite public claims that only a small fraction was stored this way, keys to these wallets were left unencrypted, and security systems requiring multiple keys for fund access were not properly implemented. Additionally, the company lacked adequate logging systems to track fund movements, among other issues.
The same report vividly describes the formidable challenge the new FTX administration faced. On their first day in control, they discovered they had inherited a network deeply compromised by security flaws. The report underscores the precarious situation, stating that due to the FTX Group’s deficient controls to secure crypto assets, the Debtors faced the threat that billions of dollars of additional assets could be lost at any moment.
Notably, the term “debtors” refers to the new FTX administration led by Ray. They had to devise technological solutions to transfer various types of assets to cold storage without a clear roadmap to guide them.Given the apparent lack of security measures and organizational disarray, it’s perhaps unsurprising that the exchange became the target of one of the most costly crypto heists in history.