October 14, 2022

FTX lost over $100,000 in gas theft

Today, October 13, the Wu Blockchain team drew attention to an anomalous activity in the FTX hot wallet. A hacker took advantage of a vulnerability in the withdrawal mechanism, "siphoning off" over $100k in gas fees. 

The Wu Blockchain team announced the vulnerability on its Twitter page. The reason for what happened is that FTX, while not charging a withdrawal fee, does not impose a gas limit on transactions.

The hacker created several contracts with 1-3 subcontracts. Each of them executed a mine or claim in XEN. Each of these transactions resulted in a gas fee debit from the FTX hot wallet.

As a result, the exchange lost 81 ETH. At the same time, the hacker transferred 100 million XEN to his account, some of which he withdrew back to FTX and Binance. Thus, he earned 61 ETH (over $70,000).

There were quite a few small transactions like that "siphoning off" fees from the exchange. Over time, these contracts simply self-destruct.

Wu Blockchain claims that the exploit has not yet been closed. Therefore, it is too early to judge the exact losses of the exchange.

Jack Evans

About the author

I became a crypto asset owner in 2014, when the industry was in its infancy. Before that, I was working in the classic US and European stock markets. Since then, I have gained extensive experience in both cryptocurrency investing and day trading. I am happy to share with readers my experience with crypto exchanges, DeFi and NFT instruments. 

View All Posts By Jack Evans