Former Alameda Research software engineer Aditya Baradwaj has uncovered multiple security vulnerabilities that reportedly resulted in a loss of at least $200 million for FTX’s sister hedge fund. Baradwaj took to X (Twitter) to reveal the details, titling his posts ‘The Hacks’. According to him, “poor security practices at Alameda Research caused the company to lose hundreds of millions of dollars.”
These revelations come at a time when Sam Bankman-Fried (SBF), the former CEO of FTX, is facing a six-week-long criminal trial in lower Manhattan. Baradwaj claims that SBF prioritized speed over engineering and accounting standards, which are considered standard in the tech and financial services industries.
Baradwaj points out that Alameda Research’s security measures were questionable, as safety checks for trading were only implemented when needed. He also gave examples of major security breaches that occurred at Alameda Research every few months.
Phishing Attack Resulting in $100 Million Loss
Baradwaj described an incident where an Alameda trader fell victim to a phishing attack while attempting to complete a DeFi transaction. The trader clicked on a fake link that was promoted at the top of Google Search results, resulting in a loss of over $100 million.
Loss of $40 Million in Yield Farming on a Questionable Blockchain
Another alarming incident involved yield farming on a new blockchain with questionable legitimacy. Baradwaj explained that the creator of the blockchain held Alameda’s funds hostage, leading to months of negotiations and a loss of $40 million. Yield farming refers to earning yield by providing liquidity to various token pairs in a decentralized application (dApp).
However, malicious actors can create fake dApps to block withdrawals after accumulating a significant amount of funds.
Additionally, an ex-employee leaked blockchain private keys that were stored in plaintext, resulting in a loss of over $50 million. These security breaches highlight the vulnerabilities present in Alameda Research’s practices.
Caroline Ellison, the ex-CEO of Alameda and SBF’s former girlfriend, provided testimony against SBF, describing him as a “very ambitious” risk-taker who mishandled customer funds for his own ideals. She revealed that SBF even expressed his desire to become the President of the United States, giving him a 5% chance of achieving this goal.
Ellison also disclosed that SBF intentionally made investment choices that led to his pursuit of funding from the Saudi Prince and his plotting against Binance.
Baradwaj has been outspoken about the fraudulent activities committed by both Alameda and FTX in recent times. He personally suffered significant financial losses when FTX collapsed in November 2022. However, SBF maintains his innocence and has pleaded not guilty to the charges against him throughout his trial.