FTX’s sister hedge fund, Alameda Research, lost at least $190 million of its trading funds due to arguably avoidable scams, according to a former engineer at the firm.
In an Oct. 12 post to X titled “The Hacks,” former Alameda Research engineer turned whistleblower Aditya Baradwaj claims that the firm’s “breathtaking” agility led to “major security incidents” as often as every few months.
Incident #1:
An Alameda trader got phished while trying to complete a DeFi transaction by accidentally clicking a fake link that had been promoted to the top of Google Search results
Cost: $100M+
Postmortem: Implemented extra checks on our internal wallet software
In an example of one of the biggest exploits, Baradwaj claims a trader at Alameda once lost more than $100 million of the firm’s funds after clicking a malicious link promoted to the top of Google Search results.
The trader was attempting to sign off on a decentralized finance transaction, said Baradwaj.
In another example, he said Alameda was yield farming on a new blockchain of “questionable legitimacy” — a move that saw the trading firm eventually rack up losses of more than $40 million.
Baradwaj wrote that FTX founder Sam Bankman-Fried believed that the “single most important thing” for Alameda and FTX was their ability to move quickly. This ethos led to Alameda routinely ignoring industry-standard engineering and accounting practices for such firms, he said.
“This meant virtually no code testing and incomplete balance accounting. Safety checks for trading would only be added on an as-needed basis,” wrote Baradwaj.
This led to another security incident that cost the firm millions after an old version of the plaintext files containing keys to Alameda’s wallets were leaked.
The attacker
Read more on cointelegraph.com