An ex-engineer at Alameda Research has revealed a number of management errors that cost the company at least $190 million. Among these irregularities was catastrophic management of private keys.
Alameda Research: several errors led to millions of dollars in losses
If certain practices can be described as “rookie mistakes” for a novice investor, it’s downright foul play when it comes to a company managing several billion dollars in client assets. In this regard, Aditya Baradwaj, a former engineer at Alameda Research, has posted a thread in which he shares the flawed practices of his former company that caused the loss of millions of dollars.
The first “incident” relayed recounts how an Alameda Research trader suffered a phishing attack by clicking on a fraudulent advertising link spoofing a decentralized finance application (DeFi) in Google search results. This error cost the company $100 million.
Next, Aditya Baradway explains that the creator of a “blockchain of dubious legitimacy” held the company’s funds hostage during yield farming operations. The negotiations lasted several months and cost Alameda Research $40 million :
Incident 2:
We started yield farming on a new blockchain of questionable legitimacy. The creator ended up holding our funds hostage, and we had months of prolonged negotiations
Cost: $40M+
Postmortem: Decided to be more careful about which chains/protocols we trade on
– Adi (e/acc) (@aditya_baradwaj) October 11, 2023
Nevertheless, the most astonishing fault concerns the catastrophic management of the company’s private keys. These were stored unencrypted on a file accessible to several employees, along with secret API keys, an irregularity that cost the company $50 million :
” An old version of our plain text key file was leaked, probably by a former employee. The attacker transferred funds from certain exchanges and placed bad orders. Cost: $50 million. “
According to the former Alameda Research engineer, “these are just a few of the incidents” that caused the company to lose money. However, he did not specify the dates of these incidents
