FTX previously maintained private keys without encryption, according to John Ray III, the exchange’s new head.
During Sam Bankman Fried’s rule, FTX maintained private keys to crypto wallets without encryption, leaving “hundreds of millions of dollars” susceptible to theft or other malicious conduct.
The disclosure was included in John Ray III’s prepared testimony to the U.S. House Financial Services Committee, in which he said that he took efforts to safeguard digital assets worth more than $1 billion.
Private keys are used to access and approve funds contained in crypto wallets, and they must be securely maintained on systems using encryption technology at the same time. When private keys are maintained in an unencrypted format, the exchange may have been vulnerable to unwanted transfers, according to security experts.
“FTX keeping private keys unencrypted would enable any employee with internal systems access, or any external actor able to get systems access, to transfer and/or steal client cash with reasonable ease,” Casa CEO Nick Neuman told The Block.
Since keys were previously kept unencrypted on FTX, there are a number of methods for acquiring private keys, such as system hacking and phishing.
According to estimations from security companies Halborn and PeckShield, FTX’s exchange wallets were apparently compromised in November to the tune of $300-$400 million. While the hacker’s identity remains unclear, Bankman-Fried speculated that a “disgruntled employee” or a rogue actor may have acquired the private keys to its cryptocurrency wallets.
A month after the crypto exchange he created went for bankruptcy, the former Bankman-Fried has been charged with fraud by U.S. authorities.
Michael McCaffrey, once the CEO and primary owner of The Block, borrowed money from Sam Bankman-Fried, formerly the founder and CEO of FTX and Alameda, beginning in 2021.
Also Read: The European Parliament has decided not to renew the term of crypto supporter Eva Kaili