As MarketWatch reports, the suspected theft of almost a half a billion dollars may have turned out to be a government asset seizure. The Securities Commission of the Bahamas has announced that it was responsible for transferring $477 million in crypto assets from the bankrupt exchange, “for safekeeping.”
FTX’s U.S. bankruptcy administrators led by attorney John Ray III, who worked on Enron, said in court documents they had “credible evidence” that authorities in the Bahamas had instructed FTX founder Sam Bankman-Fried to obtain debtors’ digital assets after the Chapter 11 filing.
However, as Crypto Briefing reports, blockchain data suggests that a threat actor, not a government authority, seized the lion’s share of the transferred crypto.
Whatever results from the bankruptcy system, as eSecurityPlanet reports, FTX’s implosion underscores the cybersecurity risks of crypto. Indeed, Ray has hired an unspecified cybersecurity forensics team.
Binance, Axie Infinity and other major crypto enterprises have suffered costly data breaches going back to 2014. Brittany Allen, trust and safety architect at fraud prevention firm Sift, called crypto “an optimal target” for cybercriminals “because the transactions are quick and irreversible.” Bad actors also hack computers to use them surreptitiously for cryptocurrency mining.
In light of the risks of crypto, cybersecurity practices in this area need to be even more proactive, Allen suggested. Machine learning, she told the website, helps cryptocurrency companies “automatically stop fake account creations, defend against account takeover attacks and secure every transaction on their platform to mitigate cyberattacks and ensure bad actors aren’t sowing distrust in their platforms.”
Others highlight the potential for regulation, noting that FTX, organized as it was in the Bahamas, wasn’t subject to U.S. financial watchdogs. Josephine Wolff, an associate professor of cybersecurity policy at Tufts University who has studied crypto, told NBC News that the U.S. regulatory regime wasn’t designed to guarantee crypto investments, unlike traditional bank deposits.
Hugh Brooks, director of security operations at web3 security firm CertiK, told BankInfoSecurity that better crypto regulations could prevent similar events in the future. Brooks also shared his view on best practices for setting up a “cybersecurity-first” cryptocurrency exchange.
Phil Venables, chief information security officer on Google Cloud, and Tom Robinson, founder and chief scientist at blockchain analytics firm Elliptic, told The Washington Post that despite short-term turbulence, a digital economy may be more secure in the long run.