Tether CEO responds to alleged Bitfinex database attack from ‘F Society’

As a researcher with experience in cybersecurity and data breaches, I find the ongoing situation between F Society’s claims of hacking Bitfinex and the exchange’s denial intriguing. While it is essential to maintain an objective stance, my professional background compels me to pay close attention to details and assess the credibility of each party’s statements.

As a researcher investigating recent news, I came across conflicting reports regarding Bitfinex and a supposed ransomware attack. The ransomware group asserted they had targeted the cryptocurrency exchange, but Bitfinex’s top executives refuted any claims of a cyberattack occurring.

The infamous hacking collective called F Society has caused alarm within the cryptocurrency sector after announcing that they had managed to infiltrate Bitfinex’s robust security system and obtained an immense amount of data – approximately 2.5 terabytes – which encompasses personal information of roughly 400,000 Bitfinex users.

See below.

As a crypto investor, I’ve recently come across some alarming news. The notorious hacking group FSOCIETY has announced that they’ve carried out four successful cyberattacks. Here are the details:

— HackManac (@H4ckManac) May 3, 2024

In reaction to the accusations, Tether’s CEO Paolo Ardoino, who holds the double role of CEO at Tether and CTO at Bitfinex, spoke out on platform X to clarify the matter personally.

“Ardoino expressed skepticism on social media about the widespread panic over a supposed database breach on Bitfinex, suggesting that it may be a false alarm.”

As an analyst, I’ve come across some intriguing information from Shinoji Research. It appears that F Society has recently added a new page on their hidden website, complete with two links to Mega that point to a text file. This file allegedly contains a partial list of usernames and plaintext passwords.

Ardoino pointed out that Bitfinex’s storage lacked the use of text passwords and 2FA keys for enhanced security.

Tether CEO responds to alleged Bitfinex database attack from ‘F Society’

If the ransomware gang fails to receive a significant payment from their victims, they have warned that they will release KYC information publicly to all affected users.

Based on the large amount of data reportedly held by them, it’s possible that they possess KYC (Know Your Customer) records encompassing Bitfinex’s entire business history.

The stolen information is believed to include email domains, among which is coinfarm.co.za, attracting significant attention. A majority of these domains seem to be publicly available, implying that the hackers may have deliberately chosen them.


It appears that there are concerns among many about a possible data breach at Bitfinex. However, it seems questionable as some individuals have shared large links containing supposed sample data consisting of approximately 22,500 email and password combinations.

— Paolo Ardoino 🍐 (@paoloardoino) May 4, 2024

In his writings, Ardoino aimed to reassure readers, implying that the reported issue might be a false alarm.

Security experts hastily drew attention to the recent data breach, according to him. However, based on our preliminary investigation, it appears that the hackers obtained a database of emails and passwords primarily from various crypto platform intrusions. Regrettably, many users employ the same email and password combinations across multiple websites.

Bitfinx is thoroughly examining their systems and has not detected any security breaches at the moment. Ardoino dismissed this as mere fear-mongering or false rumors.

Ardoino raised concerns over inconsistencies in the leaked data, specifically mentioning that only a small portion of the email addresses corresponded with Bitfinex users. He cast doubt on the authenticity of the hackers’ statements, as they hadn’t reached out to Bitfinex via proper reporting channels or demanded ransom.

Ardoino further revealed that the stolen data might have been collected from different crypto-related breaches, since many users often employ the same email addresses and passwords for various accounts.

As a crypto investor, I can assure you that Ardoino placed great importance on the strong security features of the KYC platform. Specifically, he highlighted the effective rate-limiting mechanisms in place to protect against mass data downloads of sensitive information.

As a researcher delving into the intricacies of this situation, I came across Ardoino’s separate post where a security expert shared their suspicions. This expert posited that the reported hack could potentially be a ruse to promote the sale of a hacking tool.

“It seems I’m making progress in deciphering the situation behind those supposed hack notifications. The message depicted in the attached ticket screenshot originated from a…”

— Paolo Ardoino 🍐 (@paoloardoino) May 4, 2024

The message is said to have come from a Telegram channel, implying that the spread of rumors about Bitfinex’s supposed security breach might be a deliberate marketing strategy to showcase the tool’s effectiveness.

Considering the recent occurrences, Ardoino, the Bitfinex CTO, raised an intriguing query to the crypto community about the probability of around 20% of a database consisting of 100,000 emails identified as belonging to individuals in the crypto sphere being valid email addresses for some crypto exchange users.

We reached out to Bitfinex for comment regarding the alleged breach, but they had not responded.

Read More

2024-05-04 21:34