Suspected Russian connection to FTX cryptocurrency worth $477 million Cryptocurrency scrgruppen

As the drama of FTX and its disgraced founder, Sam Bankman Fried, continues in a Manhattan courtroom, revealing startling details that led to the breakup of the cryptocurrency giant, elsewhere, a trail of money stolen from the exchange has emerged with a Russian connection.

FTX filed for bankruptcy on November 11, 2022. Later that day, the exchange was hacked for $477 million.

Russian actor linked behind FTX theft?

The majority of funds, especially Ethereum (ETH), remained inactive for five days. After that, a large sum of 65,000 Ethereum (equivalent to $100 million) was transferred to the Bitcoin blockchain using the RenBridge service.

The perpetrators then used a blender. Of the 4,536 bitcoins transferred from ether via RenBridge, approximately 2,849 bitcoins were sent through mixers, mostly a service called ChipMixer. At least $4 million found its way to cryptocurrency exchanges, where it was likely converted into cash.

There is speculation that the perpetrators could have walked away with a larger sum had it not been for the quick action taken by FTX employees and bankruptcy advisors. They successfully protected over $300 million worth of assets before a thief had a chance to access them.

Blockchain intelligence company Elliptic advertiser That an actor linked to Russia appears to be a stronger possibility behind the theft. It is worth noting that a large portion of the stolen assets, which can be traced through ChipMixer, appear to have been mixed with funds from Russian-affiliated criminal organizations, such as ransomware groups and darknet markets, before eventually being transferred to cryptocurrency exchanges.

This suggests the possible involvement of an intermediary, perhaps an intermediary, with ties to Russia.

It is also worth noting that a large portion of the stolen funds remained inactive for several months, only becoming active shortly before the start of the Bankman-Fried trial. This contradicts the typical norm where crypto launderers are known to wait years to transfer and liquidate their assets once public interest wanes.

Possible suspects

In its latest research, Elliptic also raised suspicions about FTX employees who could have accessed the company’s cryptocurrency assets to transfer them for operational reasons. Given the chaotic circumstances surrounding FTX’s bankruptcy and downfall, it was possible that an insider could have stolen these assets.

Bankman-Fried is another suspect, but Elliptic acknowledged that its limited access to the Internet would hinder any money laundering attempts.

Elliptic also noted that FTX’s lax security practices may have facilitated the theft by a third party. FTX’s new CEO revealed that private keys granting access to the company’s cryptocurrency assets were stored without encryption, and a former employee revealed that more than $150 million was taken from Alameda Research due to inadequate security measures.

Furthermore, the use of the Sinbad Blender could point to the involvement of North Korea’s Lazarus Group, known for some of the largest digital asset thefts. However, the methods used to launder stolen assets appear distinct and less sophisticated compared to the typical tactics followed by the Lazarus Group.