BitFinex Under Threat? Hackers Allege Access to 400K Accounts

BitFinex CTO Paulo Ardoino save the day after hackers allege compromising users’ data.

Notorious hacking group FSOCIETY, styled after the crew in the hit TV show Mr. Robot, claimed successful hacks on several victims on its dark web homepage, which included crypto exchange BitFinex.

Their hacking group claimed to possess terabytes of users’ data from the exchange and threatened to release it, plunging users into panic. Yet, as users scrambled to safeguard their accounts, FSOCIETY’s credibility waned, leaving many questioning if they were just another group crying wolf.

BitFinex Hacked?
On April 25, FSociety proudly announced on the dark web that it compromised over 400,000 BitFinex accounts, grasping over 2.5 terabytes of user data. The hacking group issued a seven-day ultimatum for the exchange to reach out, backing up their claim by leaking a text file containing a partial dump of usernames and plaintext passwords.

But it didn’t stop there. FSociety upped the ante by threatening to unleash the KYC details of all users if their demands weren’t met promptly.

As the clock ticked down, chaos rippled through BitFinex’s user base. In a frenzy to validate the breach, security researchers tested the leaked passwords, triggering 2FA prompts and sending a wave of urgency for users to change their credentials.

Amid the panic, Paolo Ardoino, BitFinex’s CTO and CEO of Tether, chimed in, casting doubt on the legitimacy of the hack.

BitFinex CTO Clears the Air
After a week of panic, Ardoino offered some relief on Friday, clarifying that the data originated from another breach and not from BitFinex. The executive also revealed that the hackers never reached out for ransom.

The BitFinex CTO detailed that FSociety’s data contained 22,500 records of emails and passwords, of which only 5,000 were linked to BitFinex users. Ardonio also emphasized that the exchange didn’t store passwords in plaintext. He also highlighted that if any real information had been compromised, they would have been contacted through their bug bounty program, customer support ticket system, emails, or Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Chatbot AI D2