Bitfinex CTO Denies Ransomware Group’s Data Breach Claims
6 May 2024
2 MIN read
Paolo Ardoino, the Chief Technology Officer of Bitfinex, a prominent cryptocurrency exchange, has recently expressed skepticism regarding claims made by a hacking group known as FSOCIETY. The group alleged that Bitfinex had fallen victim to a significant data breach, but Ardoino has publicly questioned the validity of these assertions.
In a statement released on X, Ardoino revealed that Bitfinex is currently conducting a thorough investigation of its systems, and thus far, no evidence of a breach has been discovered. He further noted that less than one-quarter of the email addresses allegedly stolen from the exchange’s servers actually correspond to legitimate Bitfinex users.
FSOCIETY, a hacking collective named after the fictional group featured in the popular television series Mr. Robot, claimed responsibility for attacks on several organizations on its darkweb homepage on April 26. Among the alleged victims were Rutgers University, consulting firm SBC Global, and a cryptocurrency exchange believed to be Coinmama, despite the hackers misspelling it as “Coinmoma.” However, none of the reportedly hacked companies have publicly acknowledged a substantial data breach or the payment of a ransom.
Ardoino, who concurrently serves as the CEO of Tether, stated that Bitfinex never received any direct communication from the hacking group, even though their post provided a 7-day window for the targeted organizations to establish contact. He argued that if the hackers truly possessed genuine information, they would have attempted to demand a ransom through official channels, such as Bitfinex’s bug bounty program, customer support, emails, or social media platforms.
Furthermore, Ardoino shared a message he received from a security researcher, speculating that the actual motive behind the hacks might be to promote FSOCIETY’s ransomware tools. According to the researcher, these tools are reportedly sold through a subscription model, with the hackers taking a commission on any stolen profits.
“tldr: if they truly hacked Bitfinex, do they really need selling stuff for 299$?,” Ardoino questioned, further emphasizing his doubts about the hacking group’s claims.
This incident comes several years after Bitfinex suffered a notorious hack in 2016, which resulted in the theft of over 95,000 Bitcoin. The hack led to the guilty pleas of two individuals, including the cryptocurrency rapper ‘Razzlekhan’, on money laundering charges related to the stolen funds. The individuals subsequently surrendered the stolen Bitcoin to the government.