Bitfinex database
Tether CEO responds to allegations of a Bitfinex database attack by “F Society.” A ransomware group claims to have targeted Bitfinex, but executives at the cryptocurrency exchange deny that a cyberattack took place. A notorious group known as F Society claims to have successfully infiltrated Bitfinex and accessed a staggering 2.5 terabytes of information, including the personal information of approximately 400,000 of his Bitfinex users and the entire crypto community, which is causing concern.
Table of Contents
Bitfinex database attack by “F Society.
Tether CEO Paolo Ardoino responds
Following the allegations, Tether CEO Paolo Ardoino, who is also Bitfinex‘s CTO, reached out to X to directly address the situation. “Everyone is panicking about a possible database breach at Bitfinex. Tldr appears to be fake,” Ardoino posted on social media.
However, according to Shinoji Research, F Society has uploaded a page to his Onion site with two megalinks of text leading to his files, including a partial dump of usernames and cleartext passwords. Still, Ardoino pointed out that Bitfinex’s storage system lacks cleartext passwords and his two-factor authentication (2FA) secrets.
Read also: Women In Crypto [Infographic]
The ransomware group has threatened to escalate the situation by releasing Know Your Customer (KYC) documents to all users if their demands for “large payments” are not met.
Given the amount of data they allegedly possess, it is suspected that they may have had access to his KYC documents spanning his entire Bitfinex operating history.
The leaked data reportedly includes email domains, of which one of his domains, Coinfarm.co.za, is of particular interest. However, most domains appear to be public rather than private, suggesting possible selective curation by hackers.
Ardoino highlighted
In his post, Ardoino sought to allay fears by suggesting that the allegations of infringement may be unfounded. “Various security researchers rushed to hype this breach,” he says. “However, according to the information we were able to learn, hackers are collecting a database of emails and passwords that may have come from various cryptocurrencies.
Unfortunately, most users have multiple I am using the same email address and password for this website. Bitfinex is conducting a “detailed analysis” of its systems and “no violations have been found at this time,” Ardoino added, calling it “pure FUD.”
Read also: Principles for dealing with the changing world order by ray dalio
Additionally, Ardoino pointed out inconsistencies in the leaked data, such as only some of his addresses matching emails to Bitfinex users. He questioned the validity of the hackers’ claims, pointing out that the hackers did not contact Bitfinex through established channels to report vulnerabilities or demand a ransom.
Ardoino also shed light on how the leaked data could have come from various cryptocurrency breaches, as many users tend to reuse email and password combinations across multiple platforms. .
Additionally, Ardoino highlighted his KYC platform’s strict rate-limiting measures to prevent mass downloads of sensitive information. Meanwhile, in another post, Ardoino shared findings from security researchers who speculated that the alleged hack could be a ploy to sell hacking tools.
Read also: Spot Ethereum ETF And Bitcoin ETF To Go Live On April 30 in Hong Kong
The message was reportedly sent from a Telegram channel, suggesting that disseminating claims of Bitfinex’s infringement may be used as a marketing strategy to promote the tool’s effectiveness.
In light of these developments, Ardoino asked the cryptocurrency community about the possibility that some of the valid emails came from cryptocurrency users and stemmed from previous breaches.
Read also: Privasea and Zama form a strategic partnership to revolutionize AI data security.
“If someone compiled a database of 100,000 emails unique to people in the crypto space (collected from previous crypto hacks), 20% of them would be valid emails on cryptocurrency exchanges,” asked his CTO at Bitfinex. .
