Tether CEO responds to alleged Bitfinex database attack from ‘F Society’

A ransomware group claims to have targeted Bitfinex, but senior officials at the cryptocurrency exchange deny a cyberattack took place.

The notorious group known as the F Society is raising concerns across the cryptocurrency community after claiming to have successfully hacked Bitfinex and gained access to a staggering 2.5 terabytes of information, including the personal details of around 400,000 Bitfinex users.

see below.

In response to these allegations, Tether CEO Paolo Ardoino, who is also CTO at Bitfinex, took to X to address the situation directly.

“Everyone is panicking about the possibility of a Bitfinex database being hacked. Tldr: Looks fake,” Arduino posted on social media.

But, according to… Shinoji ResearchF Society has uploaded a page to its onion site, accompanied by two huge links that lead to a text file containing a partial dump of plain-text usernames and passwords.

However, Arduino noted that there are no plain text passwords and two-factor authentication (2FA) secrets in Bitfinex's storage systems.

The ransomware group has threatened to escalate the situation by leaking Know Your Customer (KYC) documents to all users if their demands to “pay a large amount” are not met.

Given the volume of data they allegedly have in their possession, it has been suggested that they may have access to KYC documents covering the entire history of Bitfinex's operations.

The leaked data reportedly contains email domains, with one domain, Coinfarm.co.za, attracting particular interest. However, most domains appear to be public rather than corporate-specific, suggesting the possibility of selective regulation by hackers.

.

In his posts, Ardoino sought to allay concerns, suggesting that the alleged breach may be unfounded.

“Various security researchers were quick to promote the hack,” he said. “However, from what we have been able to gather, the hackers have collected a database of emails/passwords potentially from various cryptocurrency breaches. Unfortunately, most users use the same email/passwords across multiple sites.

Arduino added that Bitfinx is conducting a “deep analysis” of its systems and “currently has not found any hack,” calling it “pure FUD.”

Furthermore, Arduino pointed out inconsistencies in the leaked data, such as only a small portion of email addresses matching Bitfinex users. He questioned the legitimacy of the hackers' claims, pointing out their failure to contact Bitfinex through established channels to report vulnerabilities or demand ransom.

Arduino also highlighted the possibility of aggregating leaked data from various cryptocurrency breaches, as many users tend to reuse email and password combinations across multiple platforms.

Additionally, Arduino emphasized the robust rate-limiting measures in place in the KYC platform, which will prevent mass downloading of sensitive information.

Meanwhile, in a separate post, Arduino shared thoughts from a security researcher who speculated that the alleged hack may be a ploy to advertise a hacking tool for sale.

The message allegedly originated from a Telegram channel, suggesting that spreading allegations regarding the Bitfinex breach could serve as a marketing tactic to boost the tool's effectiveness.

In light of these developments, Arduino has posed a question to the cryptocurrency community regarding the possibility of collecting some valid cryptocurrency user emails from previous breaches. “If someone compiled a database of 100,000 emails belonging to people in the cryptocurrency space (collected from all previous cryptocurrency hacks), how likely is it that 20% of them are valid emails on some cryptocurrency exchange? ” asked Bitfinex's CTO.

We reached out to Bitfinex for comment on the alleged breach, but they did not respond.