Collapsed cryptocurrency exchange FTX reportedly faced a series of unauthorized transactions over the weekend, prompting several warnings from users and analysts against interacting with its mobile application or website.
Wallets associated with FTX saw roughly $266.3 million worth of outflows on Nov. 11, according to analytics firm Nansen. FTX US, a separate entity operating in the United States, was reportedly drained of $73.4 million.
The magnitude of the alleged attack appears to have intensified overnight, with net outflows from FTX and FTX US totaling $659 million, according to Nansen data journalist Martin Lee. That represents roughly one-third of the wallets’ net outflows over the past seven days.
FTX US general counsel Ryne Miller confirmed on Nov. 12 that the transactions were unauthorized and that FTX US had moved all remaining crypto into cold storage as a precaution.
A Nov. 12 blog post from blockchain forensics firm Elliptic suggests that the drain has seen various tokens on Ethereum, BNB Smart Chain and Avalanche removed. However, they said that of the $663 million drained, around $477 million is suspected of having been stolen, while the remainder is believed to be moved into secure storage by FTX themselves.
An administrator for FTX’s Telegram group confirmed that the exchange was hacked and urged users not to use the FTX website due to potential security vulnerabilities. “Don’t go on ftx site as it might download Trojans,” wrote community administrator Rey.
FTX’s meltdown and apparent security breach were documented in near real-time on Twitter, with some users claiming that FTX customers were receiving SMS messages and emails urging them to log into the app and website, which have since been infected with a Trojan.
Kraken’s chief security officer Nick Percoco later Tweeted that they were aware of the user’s identity but did not share any more information publicly.
Related: Sam Bankman-Fried apologizes for FTX liquidity crisis: ‘I fucked up twice’
At the beginning of the week, FTX held the reigns as a top-three cryptocurrency exchange. Its monumental collapse began on Nov. 7 when Binance CEO Changpeng Zhao tweeted that his exchange would be liquidating its entire FTX Token (FTT) position amid insolvency rumors and shady business dealings with sister firm Alameda Research. The announcement prompted a bank run on FTX, from which it could not recover.
On Nov. 11, former FTX CEO Sam Bankman-Fried announced that FTX, FTX US and Alameda Research were filing for bankruptcy.
Update Nov. 12, 11:20 pm UTC: Added information from Elliptic and a Tweet from Kraken's chief security officer claiming to know the identity of the exploiter.