BitFinex Under Threat? Hackers Allege Access to 400K Users’ Accounts
- BitFinex CTO Paulo Ardoino save the day after hackers allege compromising users’ account details.
- FSOCIETY sparked panic by claiming to have compromised BitFinex.
- Initially, security researchers authenticated the hack, citing a match with some leaked passwords.
BitFinex CTO Paolo Ardoino chimed in, casting doubt on the hack.
Notorious hacking group FSOCIETY, styled after the crew in the hit TV show Mr. Robot, claimed successful hacks on several victims on its dark web homepage, which included crypto exchange BitFinex.
Their hacking group claimed to possess terabytes of users’ data from the exchange and threatened to release it, plunging users into panic.
Yet, as users scrambled to safeguard their accounts, FSOCIETY’s credibility waned, leaving many questioning if they were just another group crying wolf.
BitFinex Hacked?
On April 25, FSociety proudly announced on the dark web that it compromised over 400,000 BitFinex accounts, grasping over 2.5 terabytes of user data.
See Also: Paolo Ardoino (Bitfinex CTO) Has Denied Rumors Of Data Breach
The hacking group issued a seven-day ultimatum for the exchange to reach out, backing up their claim by leaking a text file containing a partial dump of usernames and plaintext passwords.
But it didn’t stop there. FSociety upped the ante by threatening to unleash the KYC details of all users if their demands weren’t met promptly.
As the clock ticked down, chaos rippled through BitFinex’s user base. In a frenzy to validate the breach, security researchers tested the leaked passwords, triggering 2FA prompts and sending a wave of urgency for users to change their credentials.
Amid the panic, Paolo Ardoino, BitFinex’s CTO and CEO of Tether, chimed in, casting doubt on the legitimacy of the hack.
BitFinex CTO Clears the Air
After a week of panic, Ardoino offered some relief on Friday, clarifying that the data originated from another breach and not from BitFinex.
The executive also revealed that the hackers never reached out for ransom.
The BitFinex CTO detailed that FSociety’s data contained 22,500 records of emails and passwords, of which only 5,000 were linked to BitFinex users. Ardonio also emphasized that the exchange didn’t store passwords in plaintext.
He also highlighted that if any real information had been compromised, they would have been contacted through their bug bounty program, customer support ticket system, emails, or Twitter.
Everyone panicking for a potential database breach on bitfinex.
Tldr: seems fake.The alleged hackers have posted 2 mega links with sample data contains 22.5k records of email and passwords.
– we don't store plaintext passwords, nor 2FA secrets in clear text.
– only 5k of 22.5k…— Paolo Ardoino
(@paoloardoino) May 4, 2024
Shinoji Research linked the emails to the recent CoinMarketCap breach, asserting that the compromised accounts had a significant presence on HaveIBeenPwned, a website that indicates if your email has been compromised.
Ardoino maintained that BitFinex found no breaches after a deep analysis of its system.
In a separate tweet, he unveiled FSociety’s motives, claiming the ransomware group aimed to promote its ransomware tool and share profits with subscribers.
Here a message from a security researcher (that instead of panicking, trying to dig a bit more into it).
"I believe I start to understand what is happening and why they are sending these messages claiming you were hacked.
The message in the screenshot in the ticket came from a… pic.twitter.com/YjwG2eeXw2— Paolo Ardoino
Ardoino questioned, “If they truly hacked BitFinex, do they really need to sell stuff for $299?”
The panic surrounding Bitfinex stems from its notorious hack in 2016. Two individuals pleaded guilty to money laundering charges in connection with the hack, surrendering over 95,000 Bitcoin to the government.
Losses due to crypto hacks dropped by 67% in April to $60.2 million, marking a notable reduction in crypto attacks, representing the first significant decline in 2024.
#PeckShieldAlert In April 2024, the crypto space encountered ~40 hacks, resulting in losses totaling ~$60.2 million.
This marks a significant decrease of 67% from the losses recorded in March 2024. #Top5 hacks:#HedgeyFinance: ~$47.35 million, involving ~$44 million worth of… pic.twitter.com/wKMg4ZMxSr— PeckShieldAlert (@PeckShieldAlert) May 1, 2024
The panic surrounding BitFinex’s alleged hack serves as why it is essential to do your research, talk to officials, and stay up to date with official communication from the team to keep yourself safe.
Disclaimer: The information provided is not trading advice. Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.
#Binance #WRITE2EARN
The post BitFinex Under Threat? Hackers Allege Access to 400K Users’ Accounts appeared first on BitcoinWorld.
