- FSOCIETY sparked panic by claiming to have compromised BitFinex.
- Initially, security researchers authenticated the hack, citing a match with some leaked passwords.
- BitFinex CTO Paolo Ardoino chimed in, casting doubt on the hack.
Notorious hacking group FSOCIETY, styled after the crew in the hit TV show Mr. Robot, claimed successful hacks on several victims on its dark web homepage, which included crypto exchange BitFinex.
Their hacking group claimed to possess terabytes of users’ data from the exchange and threatened to release it, plunging users into panic. Yet, as users scrambled to safeguard their accounts, FSOCIETY’s credibility waned, leaving many questioning if they were just another group crying wolf.
BitFinex Hacked?
On April 25, FSociety proudly announced on the dark web that it compromised over 400,000 BitFinex accounts, grasping over 2.5 terabytes of user data. The hacking group issued a seven-day ultimatum for the exchange to reach out, backing up their claim by leaking a text file containing a partial dump of usernames and plaintext passwords.
Sponsored
But it didn’t stop there. FSociety upped the ante by threatening to release all users’ KYC details if their demands weren’t met promptly.
As the clock ticked down, chaos rippled through BitFinex’s user base. In a frenzy to validate the breach, security researchers tested the leaked passwords, triggering 2FA prompts and sending a wave of urgency for users to change their credentials.
Amid the panic, Paolo Ardoino, BitFinex’s CTO and CEO of Tether, chimed in, casting doubt on the legitimacy of the hack.
BitFinex CTO Clears the Air
After a week of panic, Ardoino offered some relief on Friday, clarifying that the data originated from another breach and not from BitFinex. The executive also revealed that the hackers never reached out for ransom.
Sponsored
The BitFinex CTO detailed that FSociety’s data contained 22,500 records of emails and passwords, of which only 5,000 were linked to BitFinex users. Ardonio also emphasized that the exchange didn’t store passwords in plaintext. He also highlighted that if any real information had been compromised, they would have been contacted through their bug bounty program, customer support ticket system, emails, or Twitter.
Shinoji Research linked the emails to the recent CoinMarketCap breach, asserting that the compromised accounts had a significant presence on HaveIBeenPwned. This website indicates if your email has been compromised.
Ardoino maintained that BitFinex found no breaches after a deep analysis of its system. In a separate tweet, he unveiled FSociety’s motives, claiming the ransomware group aimed to promote its ransomware tool and share profits with subscribers.
Ardoino questioned, "If they truly hacked BitFinex, do they really need to sell stuff for $299?"
On the Flipside
- The panic surrounding Bitfinex stems from its notorious hack in 2016. Two individuals pleaded guilty to money laundering charges concerning the hack, surrendering over 95,000 Bitcoin to the government.
- Losses due to crypto hacks dropped by 67% in April to $60.2 million, marking a notable reduction in crypto attacks, representing the first significant decline in 2024.
Why This Matters
The panic surrounding BitFinex’s alleged hack serves as why it is essential to do your research, talk to officials, and stay up to date with official communication from the team to keep yourself safe.
Are altcoins under threat?
Michael Saylor Warns SEC to Flag ETH, ADA, SOL as Securities
Bitcoin pulls a surprise comeback:
Bitcoin Reclaims $63,000 After Massive Liquidation Scare
