FTX’s sister hedge fund Alameda Research lost at least $190 million of its trading funds due to arguably avoidable scams, according to a former engineer at the firm.
In an Oct. 12 post to X, titled “The Hacks,” former Alameda Research engineer turned whistleblower Aditya Baridwaj claims that the firm’s “breathtaking” agility led to “major security incidents” as often as every few months.
Incident #1:
An Alameda trader got phished while trying to complete a DeFi transaction by accidentally clicking a fake link that had been promoted to the top of Google Search results
Cost: $100M+
Postmortem: Implemented extra checks on our internal wallet software
— Adi (e/acc) (@aditya_baradwaj) October 11, 2023
In an example of one of the biggest exploits, Baridwaj claims a trader at Alameda once lost more than $100 million of the firm’s funds after clicking a malicious link promoted to the top of Google Search results.
The trader was attempting to sign off on a DeFi transaction, said Baridwaj.
In another example, he said Alameda was yield farming on a new blockchain of “questionable legitimacy” — a move that saw the trading firm eventually rack up losses of more than $40 million.
Baradwaj wrote that FTX founder Sam Bankman-Fried believed that the “single most important thing” for Alameda and FTX was their ability to move quickly. This ethos led to Alameda routinely ignoring industry-standard engineering and accounting practices for such firms, he said.
“This meant virtually no code testing and incomplete balance accounting. Safety checks for trading would only be added on an as-needed basis,” wrote Baradwaj.
“Blockchain private keys and exchange API keys were stored in plaintext in a file that several employees could access.”
This led to another security incident that cost the firm millions after an old version of the plaintext files containing keys to Alameda’s wallets were leaked.
The attacker transferred funds out of “some exchanges” and the incurred losses tallied up to more than $50 million, explained Baradwaj.
These are just a few incidents – there’s many more, including from before my time at the company.
FTX had its own issues, including the MobileCoin fiasco that Gary recently testified about during the trial.
— Adi (e/acc) (@aditya_baradwaj) October 11, 2023
He said that Alameda suffered through “many more” incidents of similar scope to the ones he’d described, but many of these were before his time at the…
Click Here to Read the Full Original Article at Cointelegraph.com News…