A consultant used his personal wallet to save $400 million from being stolen during FTX hack: Wired

Quick Take

  • During FTX’s hack last year, consultant Kumanan Ramanathan used his Ledger Nano device to help protect the exchange assets.
  • Ramanathan volunteered to receive funds to his Ledger device and secured $400-$500 million of crypto by doing so, according to a Wired report.

During last year’s hack of FTX, consultant Kumanan Ramanathan utilized his personal Ledger Nano hardware wallet to safeguard vulnerable assets when unusual outflows were detected by the staff, according to a Wired investigation.

On Nov. 11 2022, unusual withdrawals alarmed former staff members and executives. While FTX later reported losses surpassing $450 million, the efforts of Ramanathan and the FTX team preserved a significant portion of the assets.

Ramanathan, associated with the consulting and restructuring firm Alvarez & Marsall, volunteered to relocate a major portion of the company’s assets to his device, thereby protecting between $400 and $500 million of FTX’s cryptocurrency. The transactions, initiated by former CTO Gary Wang, helped mitigate further losses.

The assets were housed on Ramanathan’s device until FTX’s crypto custodian provider, BitGo, had cold storage wallets ready. Subsequently, the exchange collaborated with BitGo, safeguarding over $1.1 billion in total, Wired found.

Another $400 million was relayed to the Securities Commission of the Bahamas for protective purposes. This episode transpired shortly after former CEO Sam Bankman-Fried filed Chapter 11 bankruptcy protection.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Protective measures post-hack

During the hack, FTX staff voiced concerns about potential delays in initializing BitGo’s cold storage wallets, emphasizing the necessity for a prompt solution. As a result, Ramanathan volunteered to provide his Ledger wallet as a temporary security measure during an emergency meeting, as per the Wired report.

Nearly 11 months later, the identity of the hacker remains undetermined. In a later interview, Bankman-Fried alluded to the possibility that an insider, potentially a “former employee,” might have accessed FTX’s crypto wallet keys. This view was recently matched by Zane Tackett, former head of institutional sales at FTX, in an interview on The Scoop podcast.

Recently, considerable movements of assets were reported from the FTX hacker, with stolen funds moving from Ethereum to Bitcoin via cross-chain exchange services on Thorchain and Railgun. This maneuver, known as chain hopping, is employed to disguise the origin of funds.

Disclaimer: The former CEO and majority shareholder of The Block has disclosed a series of loans from former FTX and Alameda founder Sam Bankman-Fried.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]


To contact the editor of this story:
Tim Copeland at
[email protected]