The market has not yet recovered from the shock of the collapse of the FTX building and the announcement of bankruptcy and reorganization in a few days.

In recent days, although user deposits cannot be withdrawn, FTX is still open for trading, and user deposits are also dubbed "Happy Beans". Many users have hoped to operate.

Since this morning, the user's deposit value, deposit and withdrawal records, and transaction records have all disappeared. For FTX users, the last glimmer of hope is almost dashed.

At noon today, FTX was suspected of being hacked. On-chain records show that a large number of exchange assets of FTX and FTX US began to be collected to the same on-chain address 0x59abf3837fa962d6853b4cc0a19513aa031fd32b. Some wallets were labeled as fucksbf and fuckftxandsbf.eth, which also raised suspicions that FTX was hacked.

Several project parties have reminded users of the possibility of information leakage. It is recommended to uninstall the FTX App, and do not download the new version of FTX or update the version.

In addition, FTX Telegram administrator Rey stated that FTX was hacked and reminded not to visit the FTX website because it may download a Trojan horse virus.

FTX US General Counsel Ryne Miller responded that he is investigating wallet changes related to the consolidation of FTX balances across exchanges and will share more information as soon as possible.

So far, FTX has not given a detailed explanation for the "hacking" incident. But the bankruptcy was announced yesterday, and most of the assets were stolen today. The plot that "the screenwriter can't write" is really unbelievable that it was not directed by someone. The strange behavior of the wallet makes people suspect that this is a "coin theft" accident, or the team. The money ran away.

After the collection of funds, a large amount of funds were transferred out of FTX and sold directly through DEX. At present, UNI, stETH, 1INCH, WBTC, SUSHI, YFI, LDO, LINK, MATIC, AAVE, SHIB, and APE with addresses starting with 0x59ab are sold.

Surprisingly, these token sales have extremely high slippage. Taking MATIC as an example, the hacker sold MATIC worth about US$9.13 million, but only received ETH worth about US$6.23 million, and the loss caused by slippage was as high as nearly 3 million. The urgency with which it cashed out was astounding.

After a large number of sales, even more unbelievable behavior of hacker addresses appeared. Unlike previous hackers who held a large amount of ETH, the FTX hacker address (starting with 0x59ab) used 46.2 million USDT to buy 116,915 BNB in ​​addition to ETH and DAI at a unit price of $395.

The appearance of hackers at the right time also made the market inevitably have some associations about the direction of the matter.

Autism Capital, a Twitter user who has been tracking this incident, gave a more sensational conjecture: the hacker was nothing, and the insiders absconded with money.

Autism Capital found that the hacker's operation records did not match the time node when FTX disclosed the information, and the hacker's operating authority was extremely high. Some people think that this is not like outsiders can achieve.

Some community users discovered that the Github account of FTX founder and CTO Gary Wang continued to contribute code until the company closed down. This active "work" situation is also confusing. On November 11, Gary Wang submitted code 5 times. On November 10, Gary Wang submitted 19 codes. However, since the code was submitted to a private project, we cannot see the specific content of the submission, but it is speculated that the updated code may be the code of FTX.

On the FTX official website, only SBF and Gary Wang have the title of "Founder".

This afternoon, the Reuters report also revealed more doubts. An investigation by FTX's legal and financial team found that SBF implemented what it called a "back door" into FTX's accounting system, which was built using custom software. This "back door" allowed SBF to perform work that could alter the company's financial situation without alerting others, including outside accountants. The setup, which meant moving $10 billion to Alameda, did not raise any internal compliance or accounting risk red flags at FTX, they said.

At least $1 billion in customer funds has disappeared from crypto exchange FTX, according to two people familiar with the matter. Sam Bankman-Fried has secretly transferred $10 billion in client funds from FTX to Alameda Research, according to people familiar with the matter. One source estimated the unaccounted for at about $1.7 billion. Another said between $1 billion and $2 billion.

As the number one Internet celebrity, Musk is naturally indispensable for such a phenomenal event.

At 14:00 today, Elon Musk tweeted that he was tracking the FTX crash/investigation event in real time on Twitter. Later, he also participated in the theme SPACE for the FTX event, but did not disclose more information on whether he would participate in this event.

At 15:00 today, FTX US General Counsel Ryne Miller responded, “After the Chapter 11 bankruptcy application, FTX US and FTX initiated preventive measures to transfer all digital assets to cold wallets. The process has been expedited to mitigate unauthorized transactions. The loss caused by the transaction." But he did not say whether today's "hacking" behavior is an official "transfer" behavior. At present, FTX has not yet made an official statement on this incident.

According to Bloomberg News, FTX has launched an investigation into the "abnormal situation" of the platform's fund balance. The FTX hacking incident continues to ferment, and the truth is still confusing. Odaily will continue to track the progress of this incident.