Re: FTX has been hacked, delete the app, don't go to website
You think this hack is bad, wait till Twitter gets hit since so many of their IT / Security people have been fired and quit.
Amazing if Twitter manages to turn in to even more of a mess than it has been the last few days under Musk's phenomenal leadership. And to think people in this space listen to him for investment advice. Lol.But eliminating all other things I have been saying for years unless you have a controlled multiple verification setup for updating anything like this you are just asking for trouble.
Automatic updates are awful for the exact reason you have pointed out. But the fact remains that >99.99% of people do not have both the ability and the time to independently review the code for every update for every piece of software they use. So what do you do instead? Only verify the important ones? Wait a week after each update and ensure no vulnerabilities have been disclosed? What about if you miss some critical security patch or update in that time? There is universally correct answer here.The best thing most people could do would be to get their coins in to their own hardware or airgapped wallet. Doing that will protect you against almost all such malicious software or updates.
It's time for: "Recent events should make you withdraw all your coins to your own wallet: Part 4". 
Haha. I had drafted the beginnings of a post when FTX starting looking sketchy. Then I had to edit it when they started looking for bail outs. Then I had to edit it again when the bail outs failed. Then after BlockFi also started looking sketchy and now this insider job scam as well I've given up editing it for now. It's just so hard to keep up with the plethora of shadiness, illegality, and outright scams in the world of centralized exchanges!