Share this article
Bitfinex has been thrust into the spotlight recently after a ransomware group, named “FSOCIETY,” claimed to have gained access to 2.5TB of the exchange’s data and the personal details of 400,000 users. In response to the allegations, Bitfinex CTO Paolo Ardoino clarified that the claims of a database hack appear to be “fake” and assured user funds remain secure.
Ardoino found out there were data discrepancies and user data mismatches in the hacker’s posts.
The hackers posted sample data containing 22,500 records of emails and passwords. However, according to Paolo, Bitfinex does not store plain-text passwords or two-factor authentication (2FA) secrets in clear text. Additionally, of the 22,500 emails in the leaked data, only 5,000 match Bitfinex users.
According to him, it could be a common issue in data security: users often reuse the same email and password across multiple sites, which might explain the presence of some Bitfinex-related emails in the dataset.
Another highlight is the lack of communication from the hackers. They did not contact Bitfinex directly to report this data breach or to negotiate, which is atypical behavior for ransomware attacks that typically involve some form of ransom demand or contact.
Moreover, information about the alleged hack was posted on April 25, but Bitfinex only became aware of the claim recently. Paolo said if there had been any genuine threat or demand, the hackers would have likely used Bitfinex’s bug bounty program or customer support channels to make contact, none of which occurred.
“The alleged hackers didn’t contact us. If they had any real information they would have asked a ramson through our bug bounty, customer support ticket etc. We couldn’t find any request,” wrote Ardoino.
Bitfinex has conducted a thorough analysis of its systems and, so far, has not found any evidence of a breach. Paolo said the team would continue to review and analyze all available data to ensure that nothing is overlooked in their security assessments.
After news of a potential breach surfaced, Shinoji Research, an X user, confirmed the authenticity of the leak. The user said he tried one of the passwords in the leaked information and received a 2FA.
However, at press time, he removed his post and corrected the previous information.
Removed the original BFX hack post as I’m not able to edit it. What appears to have happened is this “Flocker” group curated a list of BitFinex logins from other breaches.
They then made the site look like a ransom demand for a major breach.
— Alice (e/nya)🐈⬛ (@Alice_comfy) May 4, 2024
In a separate post on X, Ardoino suggested that the real motive behind the exaggerated breach claims is to sell the hacking tool to other potential scammers.
The idea is to generate buzz around these high-profile (Bitfinex, SBC Global, Rutgers, Coinmoma) hacks to promote their tool, which they allege can enable others to carry out similar attacks and potentially make large sums of money.
Here a message from a security researcher (that instead of panicking, trying to dig a bit more into it).
“I believe I start to understand what is happening and why they are sending these messages claiming you were hacked.The message in the screenshot in the ticket came from a… pic.twitter.com/YjwG2eeXw2
— Paolo Ardoino 🍐 (@paoloardoino) May 4, 2024
Additionally, he questioned why the hackers would need to sell a hacking tool for $299 if they had really accessed Bitfinex and obtained valuable data.
Share this article
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight – and oversight – of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
See full terms and conditions.
