Bitfinex Security Breach: Difference between revisions

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search
(Created page with "{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitfinexsecuritybreach.php}} thumb|BitFinexIn August 2016, Bitfinex was the largest cryptocurrency exchange platform at the time of the attack. This breach affected a significant portion of the bitcoin on the platform, which were stored in a new and supposedly more secure way. While multiple others exchanges utilize BitGo (including BitStamp and Kraken), Bitfinex was the only...")
 
No edit summary
Line 1: Line 1:
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitfinexsecuritybreach.php}}
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitfinexsecuritybreach.php}}
{{Unattributed Citations}}


[[File:Bitfinex.jpg|thumb|BitFinex]]In August 2016, Bitfinex was the largest cryptocurrency exchange platform at the time of the attack. This breach affected a significant portion of the bitcoin on the platform, which were stored in a new and supposedly more secure way. While multiple others exchanges utilize BitGo (including BitStamp and Kraken), Bitfinex was the only one doing so without the majority of funds in cold storage. This is notable as the first attack that is known to target a multi-sig wallet scheme. Bitfinex was using a new scheme which gave each customer a 2 of 3 multi-sig wallet, with a unique key stored in a database. Bitfinex held one of the keys offline, and a third key was held with third party BitGo.
[[File:Bitfinex.jpg|thumb|BitFinex]]In August 2016, Bitfinex was the largest cryptocurrency exchange platform at the time of the attack. This breach affected a significant portion of the bitcoin on the platform, which were stored in a new and supposedly more secure way. While multiple others exchanges utilize BitGo (including BitStamp and Kraken), Bitfinex was the only one doing so without the majority of funds in cold storage. This is notable as the first attack that is known to target a multi-sig wallet scheme. Bitfinex was using a new scheme which gave each customer a 2 of 3 multi-sig wallet, with a unique key stored in a database. Bitfinex held one of the keys offline, and a third key was held with third party BitGo.
Line 8: Line 9:


This exchange or platform is based in Hong Kong, or the incident targeted people primarily in Hong Kong.
This exchange or platform is based in Hong Kong, or the incident targeted people primarily in Hong Kong.
<ref name="bitcoinmagazine-6" /><ref name="bbc-15" /><ref name="kylegibson-86" /><ref name="cryptopotato-161" /><ref name="fintechnews-164" /><ref name="cointelegraph-197" /><ref name="hackingdistributed-198" /><ref name="reddit-199" /><ref name="bitcoinmagazine-200" /><ref name="zdnet-201" /><ref name="coinsutra-202" /><ref name="bitcoinexchangeguide-218" /><ref name="slowmisthacked-1160" /><ref name="pcmag-1165" /><ref name="cointelegraph-2236" /><ref name="cointelegraph-2238" /><ref name="cryptonews-2239" /><ref name="cryptocompare-2240" /><ref name="masterthecrypto-2241" /><ref name="youtube-6381" /><ref name="youtube-6382" /><ref name="youtube-6383" /><ref name="youtube-6384" /><ref name="techtarget-6385" /><ref name="justicedepartment-6386" /><ref name="youtube-6542" /><ref name="youtube-6543" /><ref name="bitfinex-6544" /><ref name="latimes-6545" /><ref name="bitfinex-6546" /><ref name="intotheblockmedium-6547" /><ref name="justicedepartment-6548" /><ref name="justicedepartment-6549" /><ref name="coindesk-6550" /><ref name="therecord-6551" /><ref name="techmonitor-6552" /><ref name="thejusticedepttwitter-6553" /><ref name="bitinfocharts-6554" /><ref name="nbcnews-6555" /><ref name="fridayeveryday-7532" /><ref name="coinmonksmedium-7933" />


== About BitFinex ==
== About BitFinex ==
Line 80: Line 82:


Don't Include:
Don't Include:
* Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
* Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
* Anything that wasn't reasonably knowable at the time of the event.
* Anything that wasn't reasonably knowable at the time of the event.
Line 102: Line 103:
|-
|-
|August 3rd, 2016 7:20:00 AM
|August 3rd, 2016 7:20:00 AM
|First Event
|Main Event
|This is an expanded description of what happened and the impact. If multiple lines are necessary, add them here.
|Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.
|-
|
|
|
|-
|-
|
|
Line 115: Line 112:


== Total Amount Lost ==
== Total Amount Lost ==
The total amount lost is unknown.
The total amount lost has been estimated at $72,000,000 USD.


How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
Line 126: Line 123:


== Total Amount Recovered ==
== Total Amount Recovered ==
It is unknown how much was recovered.
The total amount recovered has been estimated at $72,000,000 USD.


What funds were recovered? What funds were reimbursed for those affected users?
What funds were recovered? What funds were reimbursed for those affected users?
Line 139: Line 136:


== References ==
== References ==
[https://bitcoinmagazine.com/articles/infographic-overview-compromised-bitcoin-exchange-events Infographic: An Overview of Compromised Bitcoin Exchange Events] (Jan 29)
<references><ref name="bitcoinmagazine-6">[https://bitcoinmagazine.com/articles/infographic-overview-compromised-bitcoin-exchange-events Infographic: An Overview of Compromised Bitcoin Exchange Events] (Jan 29, 2020)</ref>


[https://www.bbc.com/news/technology-37009319 Bitfinex users to share 36% of bitcoin losses after hack - BBC News] (Feb 2)
<ref name="bbc-15">[https://www.bbc.com/news/technology-37009319 Bitfinex users to share 36% of bitcoin losses after hack - BBC News] (Feb 2, 2020)</ref>


[https://medium.com/@kylegibson/100-crypto-thefts-a-timeline-of-hacks-glitches-exit-scams-and-other-lost-cryptocurrency-873c87fd5522 100 Crypto Thefts: A Timeline of Hacks, Glitches, Exit Scams, and other Lost Cryptocurrency Incidents] (Jan 24)
<ref name="kylegibson-86">[https://medium.com/@kylegibson/100-crypto-thefts-a-timeline-of-hacks-glitches-exit-scams-and-other-lost-cryptocurrency-873c87fd5522 100 Crypto Thefts: A Timeline of Hacks, Glitches, Exit Scams, and other Lost Cryptocurrency Incidents] (Jan 25, 2020)</ref>


[https://cryptopotato.com/lessons-learned-from-the-biggest-crypto-hacks-in-history/ Lessons Learned from the Biggest Crypto Hacks in History] (Feb 25)
<ref name="cryptopotato-161">[https://cryptopotato.com/lessons-learned-from-the-biggest-crypto-hacks-in-history/ Lessons Learned from the Biggest Crypto Hacks in History] (Feb 25, 2020)</ref>


[https://fintechnews.sg/23594/blockchain/cryptocurrency-hack-binance/ A Look Back on Some of the Most Devastating Crypto Hacks | Fintech Singapore] (Feb 26)
<ref name="fintechnews-164">[https://fintechnews.sg/23594/blockchain/cryptocurrency-hack-binance/ A Look Back on Some of the Most Devastating Crypto Hacks | Fintech Singapore] (Feb 26, 2020)</ref>


[https://cointelegraph.com/news/crypto-exchange-hacks-in-review-proactive-steps-and-expert-advice Crypto Exchange Hacks in Review: Proactive Steps and Expert Advice] (Mar 1)
<ref name="cointelegraph-197">[https://cointelegraph.com/news/crypto-exchange-hacks-in-review-proactive-steps-and-expert-advice Crypto Exchange Hacks in Review: Proactive Steps and Expert Advice] (Mar 1, 2020)</ref>


[https://hackingdistributed.com/2016/08/03/how-bitfinex-heist-could-have-been-avoided/ How the Bitfinex Heist Could Have Been Avoided] (Mar 2)
<ref name="hackingdistributed-198">[https://hackingdistributed.com/2016/08/03/how-bitfinex-heist-could-have-been-avoided/ How the Bitfinex Heist Could Have Been Avoided] (Mar 2, 2020)</ref>


[https://np.reddit.com/r/BitcoinMarkets/comments/4vtv1m/bitfinex_down_due_to_bitcoin_security_breach/d61qbed/?context=2 nukumu comments on Bitfinex down due to bitcoin security breach] (Mar 1)
<ref name="reddit-199">[https://np.reddit.com/r/BitcoinMarkets/comments/4vtv1m/bitfinex_down_due_to_bitcoin_security_breach/d61qbed/?context=2 nukumu comments on Bitfinex down due to bitcoin security breach] (Mar 1, 2020)</ref>


[https://bitcoinmagazine.com/articles/after-the-bitfinex-hack-here-s-why-bitstamp-is-sticking-with-bitgo-1470669567 After the Bitfinex Hack, Here’s Why Bitstamp Is Sticking With BitGo] (Mar 1)
<ref name="bitcoinmagazine-200">[https://bitcoinmagazine.com/articles/after-the-bitfinex-hack-here-s-why-bitstamp-is-sticking-with-bitgo-1470669567 After the Bitfinex Hack, Here’s Why Bitstamp Is Sticking With BitGo] (Mar 1, 2020)</ref>


[https://www.zdnet.com/article/bitstamp-bitcoin-exchange-suspended-amid-hack-concerns-heres-what-we-know/ Bitstamp exchange hacked, $5M worth of bitcoin stolen | ZDNet] (Mar 1)
<ref name="zdnet-201">[https://www.zdnet.com/article/bitstamp-bitcoin-exchange-suspended-amid-hack-concerns-heres-what-we-know/ Bitstamp exchange hacked, $5M worth of bitcoin stolen | ZDNet] (Mar 1, 2020)</ref>


[https://coinsutra.com/biggest-bitcoin-hacks/ Top 6 Biggest Bitcoin Hacks Ever] (Mar 1)
<ref name="coinsutra-202">[https://coinsutra.com/biggest-bitcoin-hacks/ Top 6 Biggest Bitcoin Hacks Ever] (Mar 1, 2020)</ref>


[https://bitcoinexchangeguide.com/bitcoin/scams-hacks/ Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com] (Mar 4)
<ref name="bitcoinexchangeguide-218">[https://bitcoinexchangeguide.com/bitcoin/scams-hacks/ Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com] (Mar 5, 2020)</ref>


[https://hacked.slowmist.io/en/?c=Exchange SlowMist Hacked - SlowMist Zone] (Jun 25)
<ref name="slowmisthacked-1160">[https://hacked.slowmist.io/en/?c=Exchange SlowMist Hacked - SlowMist Zone] (Jun 25, 2021)</ref>


[https://www.pcmag.com/news/to-recover-stolen-bitcoin-bitfinex-to-offer-400-million-reward To Recover Stolen Bitcoin, Bitfinex Offers Hackers a Hefty Cut of the Funds | PCMag] (Jun 25)
<ref name="pcmag-1165">[https://www.pcmag.com/news/to-recover-stolen-bitcoin-bitfinex-to-offer-400-million-reward To Recover Stolen Bitcoin, Bitfinex Offers Hackers a Hefty Cut of the Funds | PCMag] (Jun 25, 2021)</ref>


[https://cointelegraph.com/news/over-10-000-blacklisted-btc-from-2016-bitfinex-hack-on-the-move Over 10,000 blacklisted BTC from 2016 Bitfinex hack on the move] (Aug 6)
<ref name="cointelegraph-2236">[https://cointelegraph.com/news/over-10-000-blacklisted-btc-from-2016-bitfinex-hack-on-the-move Over 10,000 blacklisted BTC from 2016 Bitfinex hack on the move] (Aug 6, 2021)</ref>


[https://cointelegraph.com/tags/bitfinex Bitfinex | Latest Bitfinex News by Cointelegraph] (Aug 6)
<ref name="cointelegraph-2238">[https://cointelegraph.com/tags/bitfinex Bitfinex | Latest Bitfinex News by Cointelegraph] (Aug 6, 2021)</ref>


[https://cryptonews.com/reviews/bitfinex/ Bitfinex Review (2021) - Is It Trustworthy?] (Aug 6)
<ref name="cryptonews-2239">[https://cryptonews.com/reviews/bitfinex/ Bitfinex Review (2021) - Is It Trustworthy?] (Aug 6, 2021)</ref>


[https://www.cryptocompare.com/exchanges/bitfinex/overview Bitfinex Exchange Reviews, Live Markets, Guides, Bitcoin charts] (Aug 6)
<ref name="cryptocompare-2240">[https://www.cryptocompare.com/exchanges/bitfinex/overview Bitfinex Exchange Reviews, Live Markets, Guides, Bitcoin charts] (Aug 6, 2021)</ref>


[https://masterthecrypto.com/bitfinex/ Bitfinex Exchange: User Review Guide - Master The Crypto] (Aug 6)
<ref name="masterthecrypto-2241">[https://masterthecrypto.com/bitfinex/ Bitfinex Exchange: User Review Guide - Master The Crypto] (Aug 6, 2021)</ref>


[https://www.youtube.com/watch?v=PAymADnjjFY Couple arrested in $3.5B Bitcoin laundering scheme - YouTube] (Feb 12)
<ref name="youtube-6381">[https://www.youtube.com/watch?v=PAymADnjjFY Couple arrested in $3.5B Bitcoin laundering scheme - YouTube] (Feb 12, 2022)</ref>


[https://www.youtube.com/watch?v=1Yszo_VD57U DOJ Arrests New York Couple In $3.6 Billion Bitcoin Laundering Scheme - YouTube] (Feb 12)
<ref name="youtube-6382">[https://www.youtube.com/watch?v=1Yszo_VD57U DOJ Arrests New York Couple In $3.6 Billion Bitcoin Laundering Scheme - YouTube] (Feb 12, 2022)</ref>


[https://www.youtube.com/watch?v=NV_uj5YbpVc The Crypto Couple Charged For Laundering $3.6 Billion in Bitcoin | Forbes Investigates - YouTube] (Feb 12)
<ref name="youtube-6383">[https://www.youtube.com/watch?v=NV_uj5YbpVc The Crypto Couple Charged For Laundering $3.6 Billion in Bitcoin | Forbes Investigates - YouTube] (Feb 12, 2022)</ref>


[https://www.youtube.com/watch?v=GR3rUlDiMxY <nowiki>Married Couple Steals $4.5 Billion in Bitcoin Heist [Bitfinex] - YouTube</nowiki>] (Feb 12)
<ref name="youtube-6384">[https://www.youtube.com/watch?v=GR3rUlDiMxY <nowiki>Married Couple Steals $4.5 Billion in Bitcoin Heist [Bitfinex] - YouTube</nowiki>] (Feb 12, 2022)</ref>


[https://www.techtarget.com/searchsecurity/news/252513146/DOJ-recovers-36B-from-2016-Bitfinex-hack DOJ recovers $3.6B from 2016 Bitfinex hack] (Feb 12)
<ref name="techtarget-6385">[https://www.techtarget.com/searchsecurity/news/252513146/DOJ-recovers-36B-from-2016-Bitfinex-hack DOJ recovers $3.6B from 2016 Bitfinex hack] (Feb 12, 2022)</ref>


[https://www.justice.gov/opa/press-release/file/1470186/download https://www.justice.gov/opa/press-release/file/1470186/download] (Feb 12)
<ref name="justicedepartment-6386">[https://www.justice.gov/opa/press-release/file/1470186/download https://www.justice.gov/opa/press-release/file/1470186/download] (Feb 12, 2022)</ref>


[https://www.youtube.com/watch?v=Y-MX6YdA8k0 Meet the ‘Crocodile of Wall Street' - YouTube] (Feb 13)
<ref name="youtube-6542">[https://www.youtube.com/watch?v=Y-MX6YdA8k0 Meet the ‘Crocodile of Wall Street' - YouTube] (Feb 13, 2022)</ref>


[https://www.youtube.com/watch?v=MPY7eVqhNCM Millennial couple CAUGHT for attempting to launder billions in Bitcoin | Exactly HOW they did it - YouTube] (Feb 16)
<ref name="youtube-6543">[https://www.youtube.com/watch?v=MPY7eVqhNCM Millennial couple CAUGHT for attempting to launder billions in Bitcoin | Exactly HOW they did it - YouTube] (Feb 16, 2022)</ref>


[https://www.bitfinex.com/posts/198 https://www.bitfinex.com/posts/198] (Feb 19)
<ref name="bitfinex-6544">[https://www.bitfinex.com/posts/198 https://www.bitfinex.com/posts/198] (Feb 19, 2022)</ref>


[https://www.latimes.com/business/story/2022-02-09/bitfinex-who-will-get-crypto-back-after-arrests-in-3-6-billion-bitcoin-hack Who will get bitcoin back after arrests in Bitfinex hack? - Los Angeles Times] (Feb 19)
<ref name="latimes-6545">[https://www.latimes.com/business/story/2022-02-09/bitfinex-who-will-get-crypto-back-after-arrests-in-3-6-billion-bitcoin-hack Who will get bitcoin back after arrests in Bitfinex hack? - Los Angeles Times] (Feb 19, 2022)</ref>


[https://www.bitfinex.com/posts/766 https://www.bitfinex.com/posts/766] (Feb 19)
<ref name="bitfinex-6546">[https://www.bitfinex.com/posts/766 https://www.bitfinex.com/posts/766] (Feb 19, 2022)</ref>


[https://medium.com/intotheblock/behind-the-3-6b-recovery-of-bitfinex-hack-funds-ca321b185df6 Behind The 3 6b Recovery Of Bitfinex Hack Funds] (Feb 19)
<ref name="intotheblockmedium-6547">[https://medium.com/intotheblock/behind-the-3-6b-recovery-of-bitfinex-hack-funds-ca321b185df6 Behind The 3 6b Recovery Of Bitfinex Hack Funds] (Feb 19, 2022)</ref>


[https://www.justice.gov/opa/pr/two-arrested-alleged-conspiracy-launder-45-billion-stolen-cryptocurrency?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12 https://www.justice.gov/opa/pr/two-arrested-alleged-conspiracy-launder-45-billion-stolen-cryptocurrency?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12] (Feb 19)
<ref name="justicedepartment-6548">[https://www.justice.gov/opa/pr/two-arrested-alleged-conspiracy-launder-45-billion-stolen-cryptocurrency?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12 https://www.justice.gov/opa/pr/two-arrested-alleged-conspiracy-launder-45-billion-stolen-cryptocurrency?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12] (Feb 19, 2022)</ref>


[https://www.justice.gov/opa/press-release/file/1470211/download https://www.justice.gov/opa/press-release/file/1470211/download] (Feb 19)
<ref name="justicedepartment-6549">[https://www.justice.gov/opa/press-release/file/1470211/download https://www.justice.gov/opa/press-release/file/1470211/download] (Feb 19, 2022)</ref>


[https://www.coindesk.com/markets/2020/07/27/whale-alert-27m-from-2016-bitfinex-hack-is-on-the-move/ Whale Alert: $27M From 2016 Bitfinex Hack Is on the Move - CoinDesk] (Feb 19)
<ref name="coindesk-6550">[https://www.coindesk.com/markets/2020/07/27/whale-alert-27m-from-2016-bitfinex-hack-is-on-the-move/ Whale Alert: $27M From 2016 Bitfinex Hack Is on the Move - CoinDesk] (Feb 19, 2022)</ref>


[https://therecord.media/hackers-move-760-million-from-the-2016-bitfinex-hack/ Hackers move $760 million from the 2016 Bitfinex hack - The Record by Recorded Future] (Feb 19)
<ref name="therecord-6551">[https://therecord.media/hackers-move-760-million-from-the-2016-bitfinex-hack/ Hackers move $760 million from the 2016 Bitfinex hack - The Record by Recorded Future] (Feb 19, 2022)</ref>


[https://techmonitor.ai/technology/cybersecurity/bitfinex-cryptocurrency-seizure-bitcoin-cybercrime Bitfinex cryptocurrency seizure won't deter cybercriminals - Tech Monitor] (Feb 19)
<ref name="techmonitor-6552">[https://techmonitor.ai/technology/cybersecurity/bitfinex-cryptocurrency-seizure-bitcoin-cybercrime Bitfinex cryptocurrency seizure won't deter cybercriminals - Tech Monitor] (Feb 19, 2022)</ref>


[https://twitter.com/TheJusticeDept/status/1491107346923278342 @TheJusticeDept Twitter] (Feb 19)
<ref name="thejusticedepttwitter-6553">[https://twitter.com/TheJusticeDept/status/1491107346923278342 @TheJusticeDept Twitter] (Feb 19, 2022)</ref>


[https://bitinfocharts.com/top-100-richest-bitcoin-addresses.html?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12 https://bitinfocharts.com/top-100-richest-bitcoin-addresses.html?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12] (Feb 19)
<ref name="bitinfocharts-6554">[https://bitinfocharts.com/top-100-richest-bitcoin-addresses.html?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12 https://bitinfocharts.com/top-100-richest-bitcoin-addresses.html?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12] (Feb 19, 2022)</ref>


[https://www.nbcnews.com/politics/justice-department/two-arrested-allegedly-trying-launder-billions-stolen-bitcoin-rcna15352 https://www.nbcnews.com/politics/justice-department/two-arrested-allegedly-trying-launder-billions-stolen-bitcoin-rcna15352] (Feb 19)
<ref name="nbcnews-6555">[https://www.nbcnews.com/politics/justice-department/two-arrested-allegedly-trying-launder-billions-stolen-bitcoin-rcna15352 https://www.nbcnews.com/politics/justice-department/two-arrested-allegedly-trying-launder-billions-stolen-bitcoin-rcna15352] (Feb 19, 2022)</ref>


[https://www.fridayeveryday.com/bitcoin-heist-rapper-heather-morgan-lived-in-hong-kong/ https://www.fridayeveryday.com/bitcoin-heist-rapper-heather-morgan-lived-in-hong-kong/] (Apr 23)
<ref name="fridayeveryday-7532">[https://www.fridayeveryday.com/bitcoin-heist-rapper-heather-morgan-lived-in-hong-kong/ https://www.fridayeveryday.com/bitcoin-heist-rapper-heather-morgan-lived-in-hong-kong/] (Apr 23, 2022)</ref>


[https://medium.com/coinmonks/razzlekahn-part-1-establishing-some-background-2f4d1c9d37d7 Razzlekahn Part 1 Establishing Some Background] (Jun 5)
<ref name="coinmonksmedium-7933">[https://medium.com/coinmonks/razzlekahn-part-1-establishing-some-background-2f4d1c9d37d7 Razzlekahn Part 1 Establishing Some Background] (Jun 5, 2022)</ref></references>

Revision as of 19:00, 15 February 2023

Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

BitFinex

In August 2016, Bitfinex was the largest cryptocurrency exchange platform at the time of the attack. This breach affected a significant portion of the bitcoin on the platform, which were stored in a new and supposedly more secure way. While multiple others exchanges utilize BitGo (including BitStamp and Kraken), Bitfinex was the only one doing so without the majority of funds in cold storage. This is notable as the first attack that is known to target a multi-sig wallet scheme. Bitfinex was using a new scheme which gave each customer a 2 of 3 multi-sig wallet, with a unique key stored in a database. Bitfinex held one of the keys offline, and a third key was held with third party BitGo.

In response to the hack, Bitfinex removed a portion of the balance on every customer’s account, and replaced it with Bitfinex (BFX) Tokens. Over time, the exchange continued to operate, and was able to recover the sum lost to customers within a year. Bitfinex continues to operate today as one of the largest exchanges in the world, having officially paid all customers back. As part of the process, 0.023% of the bitcoin was also returned by government and law enforcement.

The theft remained officially unsolved for 6 years. Finally, at the end of January 2022, the FBI announced that they had seized the funds, now worth $3.5b. It is yet unclear what will happen to those seized funds.

This exchange or platform is based in Hong Kong, or the incident targeted people primarily in Hong Kong. [1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36][37][38][39][40][41]

About BitFinex

"Bitfinex is a Hong Kong-based cryptocurrency exchange owned and operated by iFinex Inc., which is headquartered in Hong Kong and registered in the British Virgin Islands." "The Bitfinex exchange is a popular platform for exchanging cryptocurrencies, also hosting spot and derivatives trading as well as certain lending, borrowing and staking features. Bitfinex came into existence in 2012." "BitFinex offers three main functions - it is a pure bitcoin to fiat exchange, a margin trading exchange and a liquidity provider. The platform offers a number of features available that expand the financial positions you can take - for example, the ability to short Bitcoin via margin trading."

"Bitfinex also has its own utility crypto token called Unus Sed Leo (LEO). Because it restricts a number of regions, Bitfinex U.S. customers are not allowed. On Bitfinex, KYC and Anti-Money Laundering procedures are employed." "It serves all except few countries in the world (mentioned below) and supports both fiat-to-crypto and crypto-to-crypto trades. Other notable features include margin trading, limit and stop orders, over-the-counter (OTC) trades, and others. While there are many options available, everything is laid out in an impressively intuitive fashion, with easy-to-navigate dashboards and menus."

“In August 2016, nearly $72 million worth of BTC (almost 120,000 Bitcoins) was stolen from Bitfinex.” “Unknown people used a bug in the multisignature system, which was supported by BitGo's partner company. The hackers deceived the BitGo algorithms in an unknown way, forcing them to approve transactions and withdrew about 120,000 BTC from the hot wallet, worth the equivalent of $72 million at the exchange rate at that time.”

"In or around August 2016, a hacker breached Victim VCE’s security systems and infiltrated its infrastructure. While inside Victim VCE’s network, the hacker was able to initiate over 2,000 unauthorized BTC transactions, in which approximately 119,754 BTC was transferred from Victim VCE’s wallets to an outside wallet (Wallet 1CGA4s5)."

"According to court documents, Lichtenstein and Morgan allegedly conspired to launder the proceeds of 119,754 bitcoin that were stolen from Bitfinex’s platform after a hacker breached Bitfinex’s systems and initiated more than 2,000 unauthorized transactions. Those unauthorized transactions sent the stolen bitcoin to a digital wallet under Lichtenstein’s control."

"Zane Tackett, Director of Community & Product Development for Bitfinex, told Reuters on Wednesday that 119,756 bitcoins had been stolen from users’ accounts and that the exchange hadn’t yet decided how to address customer losses..."

“Due to the magnitude of the attack and the fact that Bitfinex did not publish the details of their internal investigation, the hack created a strange confusion in the crypto community at the time.” “If one had to take a blind guess, one would suspect that the hacker obtained the private keys held by Bitfinex, coupled with API access to BitGo to instruct BitGo to sign the withdrawals. Additional trickery would probably be required to circumvent BitGo's daily withdrawal limits.”

“the US government did interfere with, fine, and modify the operations of Bitfinex. But as far as [one researcher could] tell, the government's touch was incredibly gentle. First, they fined Bitfinex only $75K, a slap on the wrist, three months' salary for a valley dev, for not having spent the three months of a developer's time on some needed key management structure. Second, they made sure that Bitfinex kept its funds not in a master omnibus account, but in multisig accounts for each individual registered with bitfinex. Essentially, the regulators wanted to see that the coins were delivered to individuals, as opposed to held in one giant pool. This little accounting twist was all that was required to satisfy the regulators, who generally seem clueless and out of the picture as far as security measures go. All the relevant decisions about protecting the private keys, then, rest with Bitfinex.”

“There were a lot of reasons for why we went with this implementation with BitGo; one, a big one, was transparency,” said Tackett. “Everyone has their own wallet that they can watch on the blockchain. They can see their bitcoin at any time, and we settle it once per day.” ”Bitfinex subsequently decided to generalize the losses - “Upon logging into the platform, customers will see that they have experienced a generalised loss percentage of 36.067%." The rest was distributed as BFX tokens and “these tokens will eventually be exchanged either for repayment by Bitfinex or for shares in its parent company iFinex Inc.”

"[B]eginning in or around January 2017, a portion of the stolen BTC moved out of Wallet 1CGA4s in a series of small, complex transactions across multiple accounts and platforms. This shuffling, which created a voluminous number of transactions, appeared to be designed to conceal the path of the stolen BTC, making it difficult for law enforcement to trace the funds."

"The early movement of the stolen funds involved extensive layering activity that employed the peel chain technique. As part of this layering, a portion of the stolen funds were deposited gradually (an indication of peel chain activity) into AlphaBay accounts. The AlphaBay accounts were used as a pass-through for the stolen BTC. Depositing and withdrawing BTC at AlphaBay allowed LICHTENSTEIN and MORGAN to break up the stolen BTC trail on the blockchain. After being moved into accounts at AlphaBay, the stolen BTC was withdrawn, layered, and ultimately deposited into VCEs around the world, as described in pertinent part immediately below."

By April 3rd, 2017, "Bitfinex [was] pleased to announce redeeming 100% of all issued and outstanding BFX tokens. This [was] the final redemption of BFX tokens created in August 2016. After these redemptions, no BFX tokens [would] remain outstanding." "A combination of factors led to [that] seminal moment for Bitfinex, including a dramatic uptick in equity conversions; record operating results in March; and, the decision to reduce our reserves in favor of this opportunity. We are tremendously grateful to all of our customers and new shareholders for helping us get to this point." "The 2017 transfers notwithstanding, the majority of the stolen funds remained in Wallet 1CGA4s from August 2016 until January 31, 2022."

"Over the [subsequent] five years, approximately 25,000 of those stolen bitcoin were transferred out of Lichtenstein’s wallet via a complicated money laundering process that ended with some of the stolen funds being deposited into financial accounts controlled by Lichtenstein and Morgan. The remainder of the stolen funds, comprising more than 94,000 bitcoin, remained in the wallet used to receive and store the illegal proceeds from the hack."

In "July 2020 and April 2021 — linked addresses [made] several transactions worth hundreds of millions." On July 27th, 2020, "The market-tracking and market-moving Twitter account [Whale Alert] documented nine transactions that saw about 2,550 total bitcoin (~$27 million) move from wallets associated with the 2016 hack into new unknown addresses." On April 14th, 2021, "More than $760 million worth of Bitcoin, stolen from cryptocurrency exchange Bitfinex in 2016, were moved to new accounts."

"After the execution of court-authorized search warrants of online accounts controlled by Lichtenstein and Morgan, special agents obtained access to files within an online account controlled by Lichtenstein. Those files contained the private keys required to access the digital wallet that directly received the funds stolen from Bitfinex, and allowed special agents to lawfully seize and recover more than 94,000 bitcoin that had been stolen from Bitfinex. The recovered bitcoin was valued at over $3.6 billion at the time of seizure."

"On January 31, 2022, law enforcement gained access to Wallet 1CGA4s by decrypting a file saved to LICHTENSTEIN’s cloud storage account, which had been obtained pursuant to a search warrant. The file contained a list of 2,000 virtual currency addresses, along with corresponding private keys.9 Blockchain analysis confirmed that almost all10 of those addresses were directly linked to the hack. Between January 31, 2022, and February 1, 2022, law enforcement obtained approval to execute a lawful seizure supported by probable cause under exigent circumstances and used the private keys from LICHTENSTEIN’s file to seize Wallet 1CGA4’s remaining balance of approximately 94,636 BTC, [now] worth $3.629 billion."

On "February 1, 2022 these addresses [seized by law enforcement made] various transactions. A total of 94,643 BTC (approximately $3.6 billion) [was] transferred to a new address." "The U.S. government becomes the 5th largest holder of Bitcoin in a single address." "The LEO token reached a new all-time high after the U.S. government seized the stolen funds, but before it was public information."

On "February 8, 2022 the U.S. Department of Justice announces they have obtained over 94,000 Bitcoin and arrested a couple laundering funds from the Bitfinex hack."

"Two individuals were arrested this morning in Manhattan for an alleged conspiracy to launder cryptocurrency that was stolen during the 2016 hack of Bitfinex, a virtual currency exchange, presently valued at approximately $4.5 billion. Thus far, law enforcement has seized over $3.6 billion in cryptocurrency linked to that hack."

“Today, federal law enforcement demonstrates once again that we can follow money through the blockchain, and that we will not allow cryptocurrency to be a safe haven for money laundering or a zone of lawlessness within our financial system,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division. “The arrests today show that we will take a firm stand against those who allegedly try to use virtual currencies for criminal purposes.”

"Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, both of New York, New York, are scheduled to make their initial appearances in federal court today at 3:00 p.m. in Manhattan." "Lichtenstein and Morgan are charged with conspiracy to commit money laundering, which carries a maximum sentence of 20 years in prison, and conspiracy to defraud the United States, which carries a maximum sentence of five years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors."

Bitfinex announced that they were "pleased that the U.S. Department of Justice has today announced that it has recovered a significant portion of the bitcoin stolen during the August 2016 security breach. We have been cooperating extensively with the DOJ since its investigation began and will continue to do so."

"Bitfinex will work with the DOJ and follow appropriate legal processes to establish our rights to a return of the stolen bitcoin. Bitfinex intends to provide further updates on its efforts to obtain a return of the stolen bitcoin as and when those updates are available."

"If Bitfinex receives a recovery of the stolen bitcoin, as described in the UNUS SED LEO token white paper, Bitfinex will, within 18 months of the date it receives that recovery use an amount equal to 80% of the recovered net funds to repurchase and burn outstanding UNUS SED LEO tokens. These token repurchases can be accomplished in open market transactions or by acquiring UNUS SED LEO in over-the-counter trades, including directly trading bitcoin for UNUS SED LEO."

"David Silver, a lawyer who specializes in financial and cryptocurrency-related fraud, said since the seizure was announced Tuesday he has received dozens of calls from individuals saying they lost money in the 2016 online heist and they want to get their coins back. Twitter has been whipped into a frenzy as well, with posters asking how to claim lost crypto. Justice Department officials said they plan to establish a court process for victims to reclaim the stolen digital assets, which have since surged in value."

"Figuring out to whom the crypto belongs may not be simple, however. Bitfinex considers that it has made investors whole, and said in a statement Tuesday that it will “follow appropriate legal processes to establish our rights to a return of the stolen bitcoin.” If Bitfinex and users start off on a collision course, the legal battle probably would be protracted."

This exchange or platform is based in Hong Kong, or the incident targeted people primarily in Hong Kong.

The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.

Include:

  • Known history of when and how the service was started.
  • What problems does the company or service claim to solve?
  • What marketing materials were used by the firm or business?
  • Audits performed, and excerpts that may have been included.
  • Business registration documents shown (fake or legitimate).
  • How were people recruited to participate?
  • Public warnings and announcements prior to the event.

Don't Include:

  • Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
  • Anything that wasn't reasonably knowable at the time of the event.

There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - Bitfinex Security Breach
Date Event Description
August 3rd, 2016 7:20:00 AM Main Event Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.

Total Amount Lost

The total amount lost has been estimated at $72,000,000 USD.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

The total amount recovered has been estimated at $72,000,000 USD.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Prevention Policies

While more secure than a traditional single-signature wallet would have been, two of the signatures were “online” and therefore, this can effectively be considered to be a form of hot wallet. The damage was limited because Bitfinex noticed the issue quickly. Had the new storage scheme been more widely used or Bitfinex failed to notice as quickly, the situation could have been much worse.

Platforms, in general, should consider all hot wallets breachable, and have insurance. This could be a self insurance treasury, a third party with a comprehensive policy that adequately covers all loss in the hot wallet, or an industry insurance fund as we propose in our framework.

References

  1. Infographic: An Overview of Compromised Bitcoin Exchange Events (Jan 29, 2020)
  2. Bitfinex users to share 36% of bitcoin losses after hack - BBC News (Feb 2, 2020)
  3. 100 Crypto Thefts: A Timeline of Hacks, Glitches, Exit Scams, and other Lost Cryptocurrency Incidents (Jan 25, 2020)
  4. Lessons Learned from the Biggest Crypto Hacks in History (Feb 25, 2020)
  5. A Look Back on Some of the Most Devastating Crypto Hacks | Fintech Singapore (Feb 26, 2020)
  6. Crypto Exchange Hacks in Review: Proactive Steps and Expert Advice (Mar 1, 2020)
  7. How the Bitfinex Heist Could Have Been Avoided (Mar 2, 2020)
  8. nukumu comments on Bitfinex down due to bitcoin security breach (Mar 1, 2020)
  9. After the Bitfinex Hack, Here’s Why Bitstamp Is Sticking With BitGo (Mar 1, 2020)
  10. Bitstamp exchange hacked, $5M worth of bitcoin stolen | ZDNet (Mar 1, 2020)
  11. Top 6 Biggest Bitcoin Hacks Ever (Mar 1, 2020)
  12. Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com (Mar 5, 2020)
  13. SlowMist Hacked - SlowMist Zone (Jun 25, 2021)
  14. To Recover Stolen Bitcoin, Bitfinex Offers Hackers a Hefty Cut of the Funds | PCMag (Jun 25, 2021)
  15. Over 10,000 blacklisted BTC from 2016 Bitfinex hack on the move (Aug 6, 2021)
  16. Bitfinex | Latest Bitfinex News by Cointelegraph (Aug 6, 2021)
  17. Bitfinex Review (2021) - Is It Trustworthy? (Aug 6, 2021)
  18. Bitfinex Exchange Reviews, Live Markets, Guides, Bitcoin charts (Aug 6, 2021)
  19. Bitfinex Exchange: User Review Guide - Master The Crypto (Aug 6, 2021)
  20. Couple arrested in $3.5B Bitcoin laundering scheme - YouTube (Feb 12, 2022)
  21. DOJ Arrests New York Couple In $3.6 Billion Bitcoin Laundering Scheme - YouTube (Feb 12, 2022)
  22. The Crypto Couple Charged For Laundering $3.6 Billion in Bitcoin | Forbes Investigates - YouTube (Feb 12, 2022)
  23. Married Couple Steals $4.5 Billion in Bitcoin Heist [Bitfinex] - YouTube (Feb 12, 2022)
  24. DOJ recovers $3.6B from 2016 Bitfinex hack (Feb 12, 2022)
  25. https://www.justice.gov/opa/press-release/file/1470186/download (Feb 12, 2022)
  26. Meet the ‘Crocodile of Wall Street' - YouTube (Feb 13, 2022)
  27. Millennial couple CAUGHT for attempting to launder billions in Bitcoin | Exactly HOW they did it - YouTube (Feb 16, 2022)
  28. https://www.bitfinex.com/posts/198 (Feb 19, 2022)
  29. Who will get bitcoin back after arrests in Bitfinex hack? - Los Angeles Times (Feb 19, 2022)
  30. https://www.bitfinex.com/posts/766 (Feb 19, 2022)
  31. Behind The 3 6b Recovery Of Bitfinex Hack Funds (Feb 19, 2022)
  32. https://www.justice.gov/opa/pr/two-arrested-alleged-conspiracy-launder-45-billion-stolen-cryptocurrency?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12 (Feb 19, 2022)
  33. https://www.justice.gov/opa/press-release/file/1470211/download (Feb 19, 2022)
  34. Whale Alert: $27M From 2016 Bitfinex Hack Is on the Move - CoinDesk (Feb 19, 2022)
  35. Hackers move $760 million from the 2016 Bitfinex hack - The Record by Recorded Future (Feb 19, 2022)
  36. Bitfinex cryptocurrency seizure won't deter cybercriminals - Tech Monitor (Feb 19, 2022)
  37. @TheJusticeDept Twitter (Feb 19, 2022)
  38. https://bitinfocharts.com/top-100-richest-bitcoin-addresses.html?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-9wELOd9uwa_FD8lUcfMf1ifpG5WiYTGXFBCyo1FGh5VIAwPplSKXJf1Bdi8SRg0VX1r-12 (Feb 19, 2022)
  39. https://www.nbcnews.com/politics/justice-department/two-arrested-allegedly-trying-launder-billions-stolen-bitcoin-rcna15352 (Feb 19, 2022)
  40. https://www.fridayeveryday.com/bitcoin-heist-rapper-heather-morgan-lived-in-hong-kong/ (Apr 23, 2022)
  41. Razzlekahn Part 1 Establishing Some Background (Jun 5, 2022)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Bitfinex_Security_Breach&oldid=1949"