IRA Financial Suspicious Withdrawals

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

IRA Financial Homepage, CEO, Logo

IRA Financial offers the ability for clients to invest in bitcoin and ethereum, which is stored in the third party custodian Gemini. In a single day, $36m worth of client funds were transferred between accounts and withdrawn from the Gemini platform. These funds were then mixed. Unsurprisingly, insurance is not covering anything. At present, it appears that many client accounts are still locked and there is no note of any recovery for those affected.

This exchange or platform is based in United States, or the incident targeted people primarily in United States.[1][2][3][4][5][6][7]

About IRA Financial

[8][9][10][11][12]

"IRA Financial Trust offers self-directed retirement accounts in South Dakota."

"IRA Financial is simplifying how you invest your retirement funds in alternative assets. Open an account on our app and start investing for a simple, flat fee."

"IRA Financial Group & IRA Financial Trust Company, a leading financial technology self-directed IRA and 401(k) plan provider & custodian, is excited to announce its new digital solution for Bitcoin and other cryptocurrency investments."

“IRA Financial has integrated with Gemini to be the first self-directed retirement provider to allow for Bitcoin and other cryptocurrency investments directly from our digital app,” said Adam Bergman, President of IRA Financial. “We wanted to offer a solution that allows our clients to buy cryptocurrencies directly through an exchange without the need for using an LLC or a third-party broker firm.”

"This new digital solution will allow our self-directed IRA and 401(k) plan clients the ability to buy and sell cryptocurrencies at any-time without the need of a broker, control transaction costs by sidestepping the need for an LLC or costly broker, and best of all, trust Gemini as the licensed and qualified custodian of their cryptocurrency private key. We strongly believe that the best way to buy bitcoin and other cryptocurrencies with IRA funds is with this solution– which provides the IRA client with total control over their cryptos and the ability to do away with the need for an LLC or excessive broker commissions."

"IRA Financial Group & IRA Financial Trust Company’s self-directed IRA and solo 401(k) plan platform allows investors to invest in IRS approved alternative asset investments digitally and with no account valuation or minimum balance fees. The primary advantage of using a self-directed IRA to make private IRS approved alternative asset investments, such as real estate, is that one can diversify their retirement assets and invest in what one knows and trusts."

"IRA Financial, a South Dakota Trust company, has told clients since 2019 that their retirement savings would be safe with its institutional accounts on Gemini, a crypto giant which operates under the New York BitLicense, the toughest digital asset regulatory regime in the U.S."

"Tricky U.S. tax laws make setting up these institutional accounts far more complex than retail customer fare, especially in the retirement space. For starters, you can’t wholly control a self-directed IRA yourself. It has to be run through a third party like IRA Financial Trust that can attest your account is following IRS rules."

“You have total control over your cryptos,” IRA Financial CEO Adam Bergman said in a May 3, 2021, video walk-through of “Gemini IRA account” onboarding, which included linking the IRA Financial and Gemini accounts together. In a later video on crypto insurance, his company assured viewers that “Gemini is regulated and insured against theft, so your cryptos are protected.”

The Reality

IRA Financial was clearly not as secure as stated. Attackers or insiders at the company would later be able to remove funds from customer accounts. The platform's insurance was not able to cover losses from this theft.

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

in a recent cyber attack, hackers stole $37 million worth of Bitcoin and Ethereum from IRA Financial, a company offering self-directed retirement accounts linked to the Gemini crypto exchange platform. The hack occurred on February 8, and while the Gemini exchange stated that it was not hacked, it pointed out that the attack was against IRA Financial. The hackers drained $21 million in Bitcoin and $50 million in Ethereum from IRA Financial Trust customers. The incident is currently under investigation, and IRA Financial has engaged third-party forensic experts and law enforcement to address the situation. Users affected by the hack reported their accounts being linked to Gemini and having funds transferred to unauthorized recipients. The importance of storing cryptocurrency securely in cold storage or using other secure methods was highlighted, and users were urged to take precautions to protect their holdings[13].

There is a history of insurance not paying out in the event of breaches[14].

What Happened

Customer IRA funds were transferred to Benjamin Choe and withdrawn from the Gemini custodian on February 8th, 2022.

Key Event Timeline - IRA Financial Suspicious Withdrawals
Date Event Description
May 3rd, 2021 Total Control Of Your Funds “You have total control over your cryptos,” IRA Financial CEO Adam Bergman said in a May 3, 2021, video walk-through of “Gemini IRA account” onboarding, which included linking the IRA Financial and Gemini accounts together. In a later video on crypto insurance, his company assured viewers that “Gemini is regulated and insured against theft, so your cryptos are protected.”[15]
January 28th, 2022 Claims About Insurance “Are crypto IRAs insured?” he asked viewers on Jan. 28. “We’re insured,” Bergman said, referring to cash deposits covered by the Federal Deposit Insurance Corp. (FDIC). He later implied that Gemini was responsible for covering the crypto deposits themselves[15].
February 8th, 2022 Hack Occurred The reported date of the hack.
February 9th, 2022 7:53:00 AM MST Promotional Tweet In a subsequently deleted Tweet, IRA Financial asks the public "[w]hat Crypto IRA exchange should you use for your IRA or 401(k) funds to invest in cryptos?", describing their services as "a popular way for retirement investors to diversify their retirement portfolio, as well as gain exposure to an emerging asset class"[16]. This post received criticism from the community[17].
February 10th, 2022 7:23:25 AM MST Discussions on Reddit The user "Ecstatic-Cause5954" posted on the Gemini subreddit about a hacking incident involving IRA Financial and Gemini[18]. According to the post, the user received notification of a hack on February 8th, affecting both their IRA Financial and Gemini accounts. Money was transferred from the Gemini account to an unknown recipient, prompting the user to contact both IRA Financial and Gemini for resolution. Gemini responded, asserting that their platform had not been hacked, and they offered assistance to IRA Financial in their investigation. Several users expressed concern, shared their experiences, and questioned the security measures of IRA Financial and Gemini. Some discussed potential legal actions, including class-action lawsuits, while others highlighted the need for transparency and accountability from both companies. One user, "JJ51515," emphasized the impact of the situation on their retirement funds and called for Gemini and IRA Financial to make affected users whole. Another user, "thats_right_jimmy," suggested that IRA Financial should take responsibility for replacing the missing funds. The overall sentiment in the discussion reflected frustration, anxiety, and a desire for swift resolution and accountability from the companies involved[18].
February 10th, 2022 1:43:46 PM MST lucidBTC Report A user named "lucidBTC" shared details about the hack, mentioning that BTC and ETH were removed from affected accounts, and suspicions arose about a compromised employee account with admin privileges[19].
February 10th, 2022 5:24:00 PM MST Steven Chen Report Steven Chen reports that their Gemini account is locked[20]. "I saw that an unauthorized withdrawal was made at 15:37:52 on Tues to someone else's Roth IRA."
February 11th, 2022 1:42:00 PM MST Stephen Cole Report Twitter user Stephen Cole reports that "IRA Financial appears to have been hacked.

$20M in crypto stolen from retirement accounts possibly by rogue employee with admin access."[21]

February 11th, 2022 2:04:00 PM MST ErgoBTC Response "Asleep at the switch analysts frantically updating their ChipMixer detection scripts to bech32."[22].
February 11th, 2022 7:07:00 PM MST Twitter Announcement IRA Financial posts a (now deleted) tweet indicating that they discovered “suspicious activity that has affected a limited subset of our customers with accounts on the Gemini cryptocurrency exchange"[23].
February 14th, 2022 1:55:00 PM MST CoinDesk Article Published CoinDesk reports that in a recent security breach, retirement accounts held at IRA Financial, which utilizes Gemini's institutional trading and custody suite, were compromised on February 8[15]. Users reported drained and locked accounts, with an estimated loss of millions of dollars. The apparent breach involved a mass withdrawal of bitcoin, ether, and U.S. dollars from user accounts on the Gemini exchange. IRA Financial Trust, the crypto IRA firm, acknowledged the incident and is collaborating with forensic specialists to investigate. Gemini denies being hacked, placing the blame on IRA Financial. Victims express frustration over the lack of information and seek clarity on the extent of the breach, the number of affected accounts, and potential coverage for losses. The incident highlights challenges in securing crypto retirement accounts and raises questions about the responsibility of service providers in such cases[15]. "The apparent victims tell CoinDesk they are trapped in a knotty morass of incomplete facts that only confound a fraught situation. Even basic details – how many accounts were breached, who (if anyone) will cover their losses – remain unclear. Some receive occasional terse email updates from IRA Financial while others are forced to call every day, users tell CoinDesk."
February 14th, 2022 3:37:00 PM MST Bloomberg Article Published Bloomberg reports on the situation. The article references the statement from IRA Financial Trust that “suspicious activity that has affected a limited subset of our customers with accounts on the Gemini cryptocurrency exchange. Upon discovery, we immediately launched an investigation and contacted state and federal law enforcement.”[24]
February 15th, 2022 4:11:12 PM MST FXEmpire Article Published News reporting site FXEmpire reports that IRA Financial Trust, a US-based regulated financial institution offering self-directed retirement accounts, reported a loss of $36 million in a crypto hack[25]. The incident, discovered on February 8, affected a limited subset of customers with accounts on the Gemini crypto exchange, where IRA Financial Trust operates. While $21 million of the lost funds were in Bitcoin, the remainder was in Ethereum. The institution notified affected customers, and investigations were ongoing. Some users speculated on Reddit about potential insider knowledge, suggesting that funds were transferred to a Roth IRA account named Benjamin Choe. The incident underscores the increasing prevalence of crypto crimes amid record earnings for cybercriminals in recent years. The article is reposted to Yahoo Finance[5].
February 18th, 2022 9:49:16 AM MST Updated Message From CEO IRA Finance posts an updated message from their CEO on Twitter[3].
February 24th, 2022 7:15:03 AM MST YouTube News Video A Cybersecurity News video reports that in a recent cyber attack, hackers stole $37 million worth of Bitcoin and Ethereum from IRA Financial, a company offering self-directed retirement accounts linked to the Gemini crypto exchange platform. The hack occurred on February 8, and while the Gemini exchange stated that it was not hacked, it pointed out that the attack was against IRA Financial. The hackers drained $21 million in Bitcoin and $50 million in Ethereum from IRA Financial Trust customers. The incident is currently under investigation, and IRA Financial has engaged third-party forensic experts and law enforcement to address the situation. Users affected by the hack reported their accounts being linked to Gemini and having funds transferred to unauthorized recipients. The importance of storing cryptocurrency securely in cold storage or using other secure methods was highlighted, and users were urged to take precautions to protect their holdings[13].

Total Amount Lost

The total amount lost has been estimated at $36,000,000 USD.

Immediate Reactions

Initial IRA Financial Tweet

IRA Financial shared a tweet with limited details a few days after they discovered the incident had occurred[23].

On February 8, 2022, IRA Financial Trust discovered suspicious activity that has affected a limited subset of our customers with accounts on the Gemini cryptocurrency exchange.

We have provided individual notification to all affected customers and have separately notified non-impacted customers. Due to the ongoing investigation, we are unable to comment to individual queries.

Gemini Email To Customers

Gemini shared an email to customers about the situation[15].

“Although our investigation remains ongoing, the facts discovered to date indicate that transfer requests were made by utilizing properly authenticated accounts controlled by IRA Financial Group, which were used to execute asset transfers to another account,” the firm wrote late Sunday night. “At the time, these requests complied with IRA’s approval processes and appeared to Gemini to be legitimate, authorized transactions. To date, our investigation has found no indication of any unauthorized access to your account resulting from any security failure or breach of Gemini systems.”

[23]

On February 8, 2022, IRA Financial Trust discovered suspicious activity that has affected a limited subset of our customers with accounts on the Gemini cryptocurrency exchange. We have provided individual notification to all affected customers and have separately notified non-impacted customers. Due to the ongoing investigation, we are unable to comment to individual queries.


"In a statement, IRA Financial Trust said on Feb. 8 it discovered “suspicious activity that has affected a limited subset of our customers with accounts on the Gemini cryptocurrency exchange. Upon discovery, we immediately launched an investigation and contacted state and federal law enforcement.”"

"Around 5 p.m. ET last Tuesday an account labeled “Benjamin Choe began withdrawing bitcoin, ether and U.S. dollars from user accounts. One user said he lost 13 ETH, 1 BTC and thousands of dollars in a matter of minutes despite multiple account security layers, like two-factor authentication."

"Dozens of users began seeing unauthorized withdrawals on their Gemini accounts, victims told CoinDesk. One user, Jacob, who declined to give his last name, said he lost $20,000 in fiat to an account he did not control. Others described losing bitcoin and ether in full coin increments."

IRA Finance tweeted that it found “suspicious activity affecting our limited customer base with accounts on the Gemini cryptocurrency exchange. Upon discovery, we immediately launched an investigation and contacted state and federal law enforcement. Department.”

"That same day, unidentified hackers withdrew $21 million in bitcoin and $15 million in ether from IRA Financial Trust’s accounts." "Crypto tracing company Chainalysis confirmed the hack involved $36 million in cryptocurrencies."

“I only had cash in my Gemini account, no coin, and it was all taken in multiple transfers to Choe at $10k per transfer,” one Reddit user wrote. “So in only 15 seconds they moved all my cash.”

Another user wrote, “All of my BTC and Ether have also been transferred out. I can confirm that they only transferred out whole units and left a small fraction of BTC and my cash.” The user added, “Transfers were made out to the Choe Roth in multiple 1 whole unit coin transactions.”

“Late in the day on Tuesday, February 8, 2022, we believe we were targeted by hackers. To protect your assets and data, we took immediate actions to suspend access to your IRA Financial/Gemini accounts.”

Details were slow to come out about the situation, leaving many affected users without answers even a full week after the theft[15].

"The apparent victims tell CoinDesk they are trapped in a knotty morass of incomplete facts that only confound a fraught situation. Even basic details – how many accounts were breached, who (if anyone) will cover their losses – remain unclear. Some receive occasional terse email updates from IRA Financial while others are forced to call every day, users tell CoinDesk."


TBD: [22]

Ultimate Outcome

“Although our investigation remains ongoing, the facts discovered to date indicate that transfer requests were made by utilizing properly authenticated accounts controlled by IRA Financial Group, which were used to execute asset transfers to another account,” the firm wrote late Sunday night. “At the time, these requests complied with IRA’s approval processes and appeared to Gemini to be legitimate, authorized transactions. To date, our investigation has found no indication of any unauthorized access to your account resulting from any security failure or breach of Gemini systems.”

"Apparent IRA Financial users posting in forums on Reddit Inc. said they experienced their crypto accounts being emptied, with thieves directing stolen funds to a Roth IRA account with the name “Benjamin Choe.” The funds from the Choe account were subsequently sent to services that are often used to launder cryptocurrency. Some users said that cash stored in their accounts was also taken."

"It’s been nearly one week since an apparent security breach threw IRA Financial’s clients into crisis mode. With $36 million of their retirement savings in limbo and no full explanation from either IRA Financial or Gemini – the crypto exchange owned by the Winklevoss twins, Cameron and Tyler, and custodian where their crypto was held – they’ve begun organizing a response to crypto’s latest hack."

"Users, appearing to count in the dozens, have begun reaching out to news organizations and regulators, wanting to know how they lost possibly millions of dollars on Feb. 8, when an apparent bad actor began withdrawing funds en masse from Gemini. IRA Financial Trust is one of a handful of firms that run their retirement account services atop Gemini’s institutional trading and custody suite."

"It’s not clear who may end up being responsible for the lost funds. IRA Financial spokesperson Maria Stagliano said the company’s investigation is primarily focused on security controls that IRA Financial claims weren’t offered or available from Gemini. She declined to say which controls IRA Financial had in place."

"The apparent victims tell CoinDesk they are trapped in a knotty morass of incomplete facts that only confound a fraught situation. Even basic details – how many accounts were breached, who (if anyone) will cover their losses – remain unclear. Some receive occasional terse email updates from IRA Financial while others are forced to call every day, users tell CoinDesk."

"Gemini says it was not hacked; IRA Financial Trust has acknowledged an incident occurred and is investigating it, telling CoinDesk in an emailed statement the “suspicious activity” affected “a limited subset of our customers with accounts on the Gemini cryptocurrency exchange.”"

“We are working closely with third-party forensic specialists to determine the nature and scope of this incident,” a spokesperson from IRA Financial’s hired crisis communications firm told CoinDesk.

[26]

IRA Financial Posts/Media Deleted

Several videos posted by IRA Financial were removed from YouTube[15][27][28][29][30][31][32].

Additionally, IRA Financial removed tweets related to the incident[23][33].

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

Ongoing Developments

"The apparent victims tell CoinDesk they are trapped in a knotty morass of incomplete facts that only confound a fraught situation.

Even basic details – how many accounts were breached, who (if anyone) will cover their losses – remain unclear. Some receive occasional terse email updates from IRA Financial while others are forced to call every day, users tell CoinDesk."

"Blockchain analysis firm Chainalysis Inc. said it was tracking the $36 million in cryptocurrency stolen from IRA customers, and said that it is being laundered through a “mixer” service known as Tornado. A representative for Tornado didn’t immediately respond to a request for comment."

Individual Prevention Policies

There were a number of deficiencies in the IRA Finance model, and users had limited visibility to be able to review these deficiencies. It was unclear who held the funds, and many users were misinformed about the insurance which was available to assist them.

When using any third party custodial platform (such as for trading), it is important to verify that the platform has a full backing of all assets, and that assets have been secured in a proper multi-signature wallet held by several trusted and trained individuals. If this can't be validated, then users should avoid using that platform. Unfortunately, most centralized platforms today still do not provide the level of transparency and third party validation which would be necessary to ensure that assets have been kept secure and properly backed. Therefore, the most effective strategy at present remains to learn proper self custody practices and avoid using any third party custodial platforms whenever possible.

Store the majority of funds offline. By offline, it means that the private key and/or seed phrase is exclusively held by you and not connected to any networked device. Examples of offline storage include paper wallets (seed phrase or key written down and deleted from all electronic media), hardware wallets, steel wallet devices, etc...

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

It seems highly likely that IRA Financial did not utilize any form of multi-sig in their security setup, thereby allowing the compromise of one staff member's credentials to result in the theft.

All wallets, minting functions, and critical infrastructure should be implemented with a multi-signature requirement, with a recommended minimum of 3 signatures required. This means that making important changes or approving spending will require the keys held by at least 3 separate individuals within the organization to approve. The multi-signature should be implemented at the lowest layer possible, all key holders should have security training, and all key holders should be empowered and encouraged to exercise diligence.

Having a greater training for staff and a more thorough review of the security would greatly decrease the likelihood of a successful compromise of any staff credentials, and assist others in detecting a compromise more easily.

All aspects of any platform should undergo a regular validation/inspection by experts. This validation should include a security audit of any smart contracts, reporting any risks to the backing (of any customer assets, ensuring treasuries or minting functions are properly secured under the control of a multi-signature wallet, and finding any inadequacies in the level of training or integrity of the team. The recommended interval is twice prior to launch or significant system upgrade, once after 3 months, and every 6 months thereafter. It is recommended that the third party performing the inspection not be repeated within a 14 month period.

Having an industry insurance fund would place funds available for assisting users in the event of a breach.

Work with other industry platforms to set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

While details have not been provided, security deficiencies were clearly present in order to allow this situation to happen.

All platforms should undergo published security and risk assessments by independent third parties. Two assessments are required at founding or major upgrade, one after 3 months, and one every 6 months thereafter. The third parties must not repeat within the past 14 months. A risk assessment needs to include what assets back customer deposits and the risk of default from any third parties being lent to. The security assessment must include ensuring a proper multi-signature wallet, and that all signatories are properly trained. Assessments must be performed on social media, databases, and DNS security.

Set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services within the country, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. IRA Financial - "Update From Adam Bergman - Founder of IRA Financial Trust" - Twitter Archive February 12th, 2022 5:58:05 PM MST (Mar 12, 2022)
  2. IRA Financial - "A Message from Adam Bergman, Founder of IRA Financial" - Twitter Archive February 16th, 2022 9:06:02 AM MST (Mar 12, 2022)
  3. 3.0 3.1 IRA Financial - "An updated message from Adam Bergman, Founder, IRA Financial." - Twitter Archive February 18th, 2022 9:49:16 AM MST (Mar 12, 2022)
  4. Drained Crypto Accounts at IRA Financial Leave Victims Searching for Answers - Yahoo Finance (Mar 12, 2022)
  5. 5.0 5.1 IRA Financial Trust Loses $36 Million in Clients Funds - Yahoo Finance (Mar 12, 2022)
  6. https://news.bloomberglaw.com/privacy-and-data-security/ira-financial-hacked-36-million-in-cryptocurrency-stolen (Mar 12, 2022)
  7. Timeline of Cyber Incidents Involving Financial Institutions - Carnegie Endowment for International Peace (Dec 12, 2022)
  8. Home - IRA Financial (Mar 12, 2022)
  9. IRA Financial Launches New Digital Solution for Using IRA Funds to Buy Bitcoin Directly from Cryptocurrency Exchange and Custodian Gemini (Mar 12, 2022)
  10. Self-Direct Your Retirement - IRA Financial Group (Mar 12, 2022)
  11. https://www.trustpilot.com/review/irafinancialgroup.com (Mar 12, 2022)
  12. Why IRA Financial? - YouTube (Mar 12, 2022)
  13. 13.0 13.1 Cybersecurity News - IRA Financial Services Breach Hackers Stole $36 Million In Cryptocurrency - YouTube (Mar 12, 2022)
  14. Cyber insurance rejects claim after BitPay lost $1.8 million in phishing attack | CSO Online (Dec 11, 2022)
  15. 15.0 15.1 15.2 15.3 15.4 15.5 15.6 Drained Crypto Accounts at IRA Financial Leave Victims Searching for Answers - CoinDesk (Mar 12, 2022)
  16. IRA Financial - "What Crypto IRA exchange should you use for your IRA or 401(k) funds to invest in cryptos? It's a popular way for retirement investors to diversify their retirement portfolio, as well as gain exposure to an emerging asset class." - Twitter Archive February 9th, 2022 7:58:13 AM MST (Jan 24, 2024)
  17. patten3232 - "pretty ironic - it takes balls of steel to allow that to be posted after a hack on their crypto IRA accounts!" - Reddit (Jan 24, 2024)
  18. 18.0 18.1 Ecstatic-Cause5954 - Ira Financial and Gemini - Reddit (Jan 24, 2024)
  19. lucidBTC - "I was also affected by the hack. Like others, I only had BTC and ETH removed (not USD) and it was transferred to an account with the last name Choe. As context, IRA Financial uses Gemini custodian and manages IRA crypto funds on the behalf of it's users." - Reddit (Jan 24, 2024)
  20. Steven Chen - "Well, it finally happened. I was part of a crypto hack and had coin taken from me. On Tuesday night I went in to check my balance in @Gemini and my account was locked. Gemini is where my @TheIRAFinancial Crypto IRA is custodied." - Twitter (Jan 24, 2024)
  21. Stephen Cole - "IRA Financial appears to have been hacked. $20M in crypto stolen from retirement accounts possibly by rogue employee with admin access." - Twitter (Jan 24, 2024)
  22. 22.0 22.1 ErgoBTC - "Asleep at the switch analysts frantically updating their ChipMixer detection scripts to bech32." - Twitter (Mar 15, 2024)
  23. 23.0 23.1 23.2 23.3 IRA Financial - "On February 8, 2022, IRA Financial Trust discovered suspicious activity that has affected a limited subset of our customers with accounts on the Gemini cryptocurrency exchange." - Twitter Archive February 11th, 2022 7:12:39 PM MST (Mar 12, 2022)
  24. Hackers Steal $36 Million in Crypto in IRA Financial Breach - Bloomberg (Mar 12, 2022)
  25. IRA Financial Trust Loses $36 Million in Clients Funds - FXEmpire (Jan 25, 2024)
  26. SlowMist Hacked - SlowMist Zone (Jun 26, 2021)
  27. https://www.youtube.com/watch?v=VhuB3QAAFck (Jan 25, 2024)
  28. https://www.youtube.com/watch?v=ZHzcFYXEjmg (Jan 25, 2024)
  29. A Message from Adam Bergman - Founder, IRA Financial - YouTube (Mar 12, 2022)
  30. A Message from Adam Bergman - Founder, IRA Financial - YouTube Archive February 18th, 2022 10:44:01 AM MST (Feb 26, 2024)
  31. An Update from Adam Bergman - Founder, IRA Financial - YouTube (Mar 12, 2022)
  32. An Update from Adam Bergman - Founder, IRA Financial - YouTube Archive February 19th, 2022 3:29:49 AM MST (Feb 26, 2024)
  33. IRA Financial - Deleted Tweet - Twitter (Jan 25, 2024)