How BitFinex was held hostage by hackers – the complete story of the hack

CONTENT

  • Hackers are still successful in absconding

  • Scammers continue to transfer stolen funds

  • The police do not help find criminals

International consortium of news organizations developing transparency standards.

Thursday, October 8, 2020, began with the news that hackers who hacked the popular digital asset exchange BitFinex in 2016 transferred a large amount of stolen bitcoins (BTC) again. 

For the team of the trading platform, the activity of the attackers is a reminder of the failure four years ago. Regular funds transfers by hackers do not allow BitFinex representatives, and at the same time all members of the crypto community, to forget about what happened. 

Bitfinex Intrigue – Warrant Canary Disappears

The editors of BeInCrypto decided to figure out how the reputation of the popular exchange was taken hostage by scammers, and whether there is any hope of catching criminals.

How BitFinex was hacked 

For the first time, information about the breakthrough of BitFinex security systems appeared on the network on August 2, 2016. A day later, the team of the trading platform published a post with all the data known at that time on its blog and social networks … Amid the incident, the exchange was suspended.

Bitfinex Security Breech: https://t.co/9Y56DYoSDn

– Bitfinex (@bitfinex) August 2, 2016

Later, during the check, it was possible to establish that unknown persons stole 119.756 BTC from the platform. At the time of the incident, the value of the stolen cryptocurrency was $ 71.8 million.

According to one of the versions, the fraudsters gained access to the funds of the platform users due to the refusal of the representatives of the latter to store assets in cold wallets. It is known that at the time of the hack, the work of BitFinex was organized in part on the basis of the technical solutions of the BitGo startup. Presumably, the imperfection of the system allowed hackers to obtain access keys, with which, subsequently, they were able to withdraw the cryptocurrency. Despite the fact that more than four years have passed since the trading platform was hacked, the exact scenario of the scammers’ work is still unknown..

How A Ponzi Scheme Whistle-Blower Was Taken By His Own Government

The police were involved in the investigation. However, as it turned out later, the methods of work of the law enforcement officers were ineffective. For the entire period of work, the police helped the platform to return only 27.66270285 BTC (0.02% of the total stolen funds). Despite this, in April 2017, the exchange team reimbursed the losses to the affected users.

Operations with stolen bitcoins

The history of transferring bitcoins stolen from BitFinex, according to the Twitter bot Whale Alert, began on June 7, 2020. When it will end is unknown. The chronology of transfers of funds stolen from BitFinex recorded by Whale Alert in 2016 is as follows:

  • June 7, 2019 transfer 30.66757155 BTC, transfer 19.67 BTC, transfer 80.93787872 BTC, transfer 17.0291308 BTC, transfer 24.26178489 BTC.
  • June 8, 2019 transfer 17.03 BTC.
  • August 12, 2019 transfer 30.667542 BTC.
  • May 22, 2020 transfer 28.39124 BTC, transfer 2.275952 BTC.
  • June 2, 2020 transfer 77.644901 BTC, transfer 3.292869 BTC.
  • How BitFinex was held hostage by hackers - the complete story of the hack
  • June 11, 2020 transfer 15.176744 BTC, transfer 15.476164 BTC, transfer 15.717251 BTC, transfer 16.648619 BTC, transfer 17.095428 BTC, transfer 17.813872 BTC, transfer 18.441607 BTC, transfer 18.732718 BTC, transfer 18.877855 BTC, transfer 19.156244 BTC, transfer 19.435 BTC, transfer 22.446922 BTC, transfer 24.103418 BTC, transfer 24.847739 BTC, transfer 25.571318 BTC, transfer 26.487092 BTC, transfer 27.352629 BTC, transfer 33.328789 BTC.
  • July 24, 2020 transfer 260.71 BTC, transfer 271.23 BTC
  • July 27, 2020 transfer 174.44 BTC, transfer 86.266727 BTC, transfer 183.55 BTC, transfer 87.673599 BTC, transfer 473.32 BTC, transfer 448.72 BTC, transfer 476.32 BTC, transfer 320.34 BTC, transfer 299.99 BTC.
  • July 29, 2020 transfer 2.612703 BTC, transfer 473.71 BTC.
  • July 30, 2020 transfer 448.72 BTC.
  • August 3, 2020 transfer 5.59208 BTC, transfer 11.912776 BTC, transfer 294.4 BTC, transfer 308.43 BTC
  • August 18, 2020 transfer 467.67 BTC, transfer 5.648296 BTC.
  • October 8, 2020 transfer 8.27394 BTC, transfer 3.412834 BTC, transfer 1.166206 BTC, transfer 435.2 BTC, transfer 391.68 BTC, transfer 455.11 BTC, transfer 398.15 BTC, transfer 400.1 BTC, transfer 389.94 BTC, 

On the graph, transactions and the behavior of the bitcoin rate during the period of their implementation can be represented as follows:

  • Pink ovals mark bitcoin’s growth amid transfers of funds stolen from BitFinex by scammers.
  • Blue ovals mark periods of BTC rate drop amid the movement of hacker funds.
  • Green rectangle – lateral movement of the bitcoin rate against the background of the transfer of assets stolen from the exchange.

Bitcoin chart. Data: TradingView

It is likely that the Whale Alert bot could have missed some transactions that are related to the platform hacking. Accordingly, the above list may not be complete..

Headhunting

It is noteworthy that on August 4, 2020, after almost four years of unsuccessful attempts to return the stolen funds, BitFinex representatives, tired of the constant transfers of hackers, decided to announce a reward for the heads of scammers.. 

Bitfinex offers up to ~ $ 400M reward for return of 2016 stolen BTC https://t.co/04GrHoKZdQ

– Bitfinex (@bitfinex) August 4, 2020

According to the platform’s blog, the user who helps the exchange representatives catch the attackers will receive a reward in the form of 30% of the bitcoins stolen in 2016. The BitFinex team also approached the hackers themselves with an offer to surrender for a fee.

Following the announcement of the bounty hunt, the transfers of stolen funds likely indicate a reluctance by hackers to give up..

findings

Hacking BitFinex was a good lesson for everyone in the crypto industry. Against the background of the incident, many trading platforms began to improve their protection systems against hackers..

Modern digital asset exchanges significantly outperform the 2016 BitFinex in terms of security. One of the details that allows you to reduce risks when working with cryptocurrencies is confidentiality.

The lack of information about the identity of users makes it possible to exclude the possibility of data manipulation by hackers. An example of an anonymous exchange with high security standards – StormGain. P.S. When registering using the link, the platform issues 25 USDT to all newcomers to replenish the deposit.

As a reminder, earlier we figured out what BitFinex, Tether and US regulators did not share.

Disclaimer

All information contained on our website is published in good faith and objectivity, and for informational purposes only. The reader is solely responsible for any actions he takes based on the information received on our website..

Share Article

How BitFinex was held hostage by hackers - the complete story of the hack
How BitFinex was held hostage by hackers - the complete story of the hack
How BitFinex was held hostage by hackers - the complete story of the hack
How BitFinex was held hostage by hackers - the complete story of the hack