SBF - MASK OFF: FTX Collapse and Hack Post-Mortem
What Happened
Sam Bankman-Fried's FTX and Alameda Research collapsed, revealing fraudulent practices and misappropriation of customer funds. Following the collapse, approximately $633 million was removed from FTX wallets on November 12, 2022.
Root Cause & Operational Failures
According to newly-appointed CEO John J. Ray III:
> "Never in my career have I seen such a complete failure of corporate controls"
Critical failures included:
• No accounting department at FTX or Alameda
• Unsecured group email accounts used as root access to private keys
• No daily blockchain reconciliation
• Software concealing customer fund misuse
• Alameda exempt from FTX's auto-liquidation protocols
• Concentrated control among inexperienced individuals
Attack Vector & Financial Impact
The $633M Drain:
• $477 million attributed to "unauthorized access" (SBF claimed ex-employee compromise or malware)
• Bahamian authorities claimed responsibility for instructing wallet drainage
• Remaining $156 million moved to secure multisig pending bankruptcy
Additional Losses Revealed:
• Crypto assets valued at only $659K (versus claimed $5B)
• $3.3B in loans from Alameda to SBF and Paper Bird Inc.
The FTX Accounts Drainer address subsequently became the 30th largest ETH holder.
Additional Context (from search)
Later investigations revealed the $477M was carried out by a SIM-swap gang. Emily Hernandez walked into a Texas AT&T store and used a fake ID to take over an FTX employee's phone account. SMS-based 2FA was bypassed. Funds were laundered via DEXs, RenBridge ($74M), and mixers (likely with Russian criminal gangs).
Fund Recovery
Approximately $100 million in frozen assets; Tether froze portions of stolen USDT.