FTX Accounts Drainer Swaps Millions in Stolen Crypto, Becomes 35th-Largest Ether Holder

Whoever was behind last week’s $600 million exploit of crypto exchange FTX started moving millions of dollars in stolen funds during European morning hours on Tuesday.

The funds were siphoned from FTX's crypto wallets late Friday. Soon after, the exchange said on its official Telegram channel that it had been compromised, instructing users not to install any new upgrades and to delete all FTX apps.

Multiple addresses connected to the accounts drainer today transferred over 21,555 ether (ETH), or over $27 million, to a single address. These were later converted to stablecoin DAI on the swapping service CowSwap, blockchain data shows.

The addresses, over several transactions, amassed over $48 million of DAI and swapped it all into 37,000 ether. The address now holds over 288,000 ether and is the 35th-largest owner of the cryptocurrency, blockchain data pointed out by security firm PeckShield shows.

Separately, some stolen 7,420 BNB tokens, worth just above $2 million, were converted to 1,500 ether using BNB Chain-based exchange PancakeSwap. The exploiter then bridged the converted ether to the Ethereum network.