FTX Stored Private Keys Without Encryption; Left Funds Vulnerable

The Pandora’s Box that is the FTX debacle continues to churn out one astonishing revelation after another about the leadup to the exchange’s dramatic collapse, as it emerged that the exchange stored private keys without encryption. 

The revelation was made as part of the prepared testimony by FTX’s new Chief Executive, John Ray III. 

Private Keys Stored Without Encryption 

FTX’s new Chief Executive, John Ray III, has made some damning revelations during his testimony to the US House Financials Committee, which is conducting a hearing into the exchange’s unprecedented collapse. One of the most concerning statements made by Ray during the testimony was that FTX stored private keys to crypto wallets without encryption, leaving customer funds worth millions vulnerable to theft and other malicious activities. 

The revelations were part of a prepared testimony to the House Financial Committee. However, he added that the new management had taken concrete steps to secure over $1 billion worth of digital assets since taking over. Private keys allow users to access their funds held in crypto wallets and must be stored securely on systems that leverage encryption. According to security analysts, storing these keys in an unencrypted mechanism leaves them vulnerable to hackers or unauthorized transfers. CEO of non-custodial wallet provider Casa, Nick Neuman, stated, 

“FTX storing private keys unencrypted would allow any employee with internal systems access, or any external actor who is able to obtain systems access, to move, and/or steal, customer funds relatively trivially.” 

These unsecured funds could have been stolen in a number of ways, where hackers could obtain the private keys through phishing or simply hacking the system. 

FTX’s November Hack 

FTX exchange wallets had, in November, faced a significant hack, with estimates by security firms Peckshield and Halborn stating that the exchange was compromised, losing an estimated $400 million. While the hacker’s identity is still unknown, Bankman-Fried spoke of “disgruntled employees and other bad actors” who may have stolen the private keys. 

A Damning Congressional Testimony 

Bankman-Fried’s successor, in his testimony, peeled away FTX’s and Bankman-Fried’s carefully constructed image of sophistication. The testimony began with the unsealing of an eight-count indictment against SBF, for which the embattled ex-FTX CEO faces up to 115 years in prison. US Attorney for the Southern District of New York, Damian Williams, called the FTX debacle one of the biggest financial frauds in American history.

Bankman-Fried is accused of using customer funds to cover losses incurred by sister concern Alameda Research; the independent crypto hedge fund also helmed by SBF. Additionally, prosecutors also accused him of violating campaign finance laws by using customer funds to make millions worth of illegal political donations. Ray called these revelations “old-fashioned embezzlement,” stating, 

“This is really just old-fashioned embezzlement. This is just taking money from customers and using it for your own purpose. Not sophisticated at all.”

Ray also stated that the exchange did not have a complete inventory of their crypto wallets nor any record of their location. He further added that the company was using QuickBooks for accounting. 

“They used QuickBooks. Nothing against QuickBooks – very nice tool, just not for a multi-billion dollar company.”

Ray also told the committee that they were actively tracking the $477 million worth of crypto stolen from FTX on the 12th of November.

“We’re relying on forensic and cybersecurity experts who are tracking the crypto. You can ultimately find where the crypto ends up. We’ve got law enforcement involved. So we’re tracking it. I think we got all the help we need on that front.”

Bankman-Fried Sent To Custody 

Meanwhile, a court in the Bahamas directed authorities to take Bankman-Fried into custody, with the ex-CEO likely to be extradited to the United States of America next year. The judge chose to ignore requests that SBF remain free on bail so that he can stick to his vegan diet and also have access to his allergy medicines and prescription Adderall.

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Source: https://cryptodaily.co.uk/2022/12/ftx-stored-private-keys-without-encryption-left-funds-vulnerable