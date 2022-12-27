By Ava Benny-Morrison | Bloomberg

Federal prosecutors are investigating an alleged cybercrime that siphoned off more than $370 million from FTX just hours after the cryptocurrency exchange filed for bankruptcy last month.

The Justice Department has launched a criminal investigation into the stolen assets that is separate from the fraud case against FTX co-founder Sam Bankman-Fried, according to a person familiar with the case. US authorities managed to freeze some of the stolen funds, the person confirmed. However, the frozen assets only make up a fraction of all the loot.

It’s unclear whether the infiltration was an inside job, as Bankman-Fried suggested in interviews before his arrest, or the work of an opportunistic hacker eager to exploit vulnerabilities in a failing company. The conduct could constitute a charge related to computer fraud, which carries a maximum penalty of 10 years in prison.

The amount stolen is considerably less than the billions of dollars Bankman-Fried is accused of embezzling while he ran FTX. Authorities say the 30-year-old founder, who is currently on bail and lives in California, fraudulently raised $1.8 billion from investors and used FTX funds to place high-risk bets on the Alameda Research hedge fund and to hedge personal expenses.

Spokesmen for the Department of Justice and the Manhattan US Attorney’s office declined to comment.

FTX’s new CEO, John J Ray III, revealed on November 12 that there was “unauthorized access” to FTX’s assets a day earlier, the same day the estate filed for bankruptcy.

The investigation is led by the Justice Department’s National Crypto Enforcement Team, a network of prosecutors focused on investigations of digital assets, a person familiar with the case said. The team is working with Manhattan federal prosecutors in charge of the sweeping criminal investigation that led to Bankman-Fried’s arrest this month.

The amount withdrawn from FTX by the unknown actor was about $372 million, according to the bankruptcy filings. Authorities managed to freeze funds on certain platforms because those outlets cooperated with law enforcement, the person confirmed. That is not always the case, especially with foreign exchanges.

In an analysis of the path of the stolen funds last month, blockchain analysis firm Elliptic stated that tokens drained from FTX wallets were exchanged for ETH, another cryptocurrency, via decentralized exchanges. That was “a tactic commonly seen in large hacks,” the firm said at the time.

On November 20, Chainalysis, another company, tweeted that the stolen funds were “on the move” and had been connected from ETH to Bitcoin. The group warned exchanges to be vigilant in case the hacker tried to cash out. Some of the funds had also been deposited into a mixer, which combines different types of cryptocurrencies to obfuscate origins, according to ZachXBT, a Twitter user who tracks cryptocurrency hacks.

More stories like this are available at bloomberg.com

©2022 Bloomberg L.P.